Cyber Security Services Business Plan
Transcription
Cyber Security Services Business Plan
CONFIDENTIAL 1 No. _________________ 2009- Cyber Security Services Business Plan Industriestrasse 13C CH-6304 Zug Schweiz +41.44.586.8520 [email protected] 10306 West Emerald Street Boise, Idaho. 83704 +1.208.343.8520 [email protected] 3-15-6 Higashi 3-Chome 150-0011 Tokyo Japan +81 (0) 3 5468 7373 http://japan.digitar.com Confidentiality Agreement The undersigned acknowledges that the information provided by DigiTar AG. in this business plan is confidential; therefore, reader of said document agrees not to disclose it without the express written permission of DigiTar AG. It is acknowledged by the reader that information furnished in this Business Plan is in all respects confidential (except information that is in the public domain or obtained through other means) and that any disclosure or use of same by reader may cause serious harm or damage to DigiTar AG. Upon request, this document is to be immediately returned to: D. W. Williams, CEO, DigiTar AG. 10306 West Emerald Boise, ID 83704 ___________________ Signature ___________________ Name (typed or printed) ___________________ Date This is a business plan. It does not imply an offering of securities. 2 CONFIDENTIAL SaaS Cyber Security Services Business Plan. 1.8 Industriestrasse 13C CH-6304 Zug Schweiz +41.44.586.8520 [email protected] 10306 West Emerald Street Boise, Idaho. 83704 +1.208.343.8520 [email protected] 3-15-6 Higashi 3-Chome 150-0011 Tokyo Japan +81 (0) 3 5468 7373 http://japan.digitar.com DigiTar: A Complete Network Security On Demand; No Assembly required Traditional security approaches that require IT managers to research, justify, acquire, install and maintain multiple security technologies are quickly going the way of the dinosaur and being replaced with utility based security also known as Security In The Cloud. As we are all too aware, security threats are growing at an exponential rate as are the number of security technologies designed to address these new threats. This never ending process has become an arms race that no one can win. DigiTar's Security In The Cloud model provides the highest level of protection and flexibility available today by connecting businesses to the Internet through DigiTar’s multimillion dollar security infrastructure - all without capital expenditure or complicated and expensive systems integration projects. Offered as a subscription based, pre-integrated security utility, DigiTar has significantly reduced the time and work required to address pressing security issues without integration risk or headaches; in other words: "No Assembly Required". DigiTar's Vision of the Future: • Bring order and clarity to the world's messaging. – – e-mail, Instant Messaging, Web-Mail, VoIP and Micro-Blog messaging of the next decade [Web 2.0 enhanced]. provide advanced secure communications for cyber / wired / wireless connectivity's. – – – – services that interlock to provide intuitive seamless access to the messages you need, presented in ways that are instantly relevant to your task at hand. empower organizations and individuals with the features they desperately need...instantly. this means no client administration burdens and no waiting for results and benefits. – correlate and find the information you want regardless of how you received it (eMail, IM, Twitter, VoIP, etc.) • • Continuously expanding set of messaging services. DigiTar’s “Next-Gen” Over-arching concept of "Unified Messaging". DigiTar Motto: ZERO Configuration; ZERO Maintenance; 100% Security! DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 3 CONFIDENTIAL CONTENTS Executive Summary ………………………………………………………………………………………. Page 4 Financial Summary Overview ………………………………………………………………………. Page 5 The Business Concept …………………………………………………………………………………… Page 6 In-depth Overview ……………………………………………………………………………………….... Page 8 Company History …………………………………………………………………………………………….. Page 11 Sales Objectives / Strategies ………………………………………………………………………… Page 11 Management CV’s / Advisory Board ………………………………………………………………. Page 12 Company Facilities …………………………………………………………………………………………. Page 13 Products & Services Summary ………………….………………………………………………. Page 14 Competitive Comparisons …………………………………………………………………………….. Page 15 Technology Assets …………………………………………………………………………………………. Page 16 DigiTar Services Examples ……………………………….………………………………………….. Page 19 Detailed Market Analysis ……………………………………………………………………………… Page 24 Global Customer Base & Demand ……………………………………………………………….. Page 26 Primary Markets / Market Trends .……………………………………………………………….. Page 28 Value Proposition ………………………………………………………………………………………….. Page 31 Marketing Strategy ………………………………………………………………………………………… Page 32 Sales Strategy ……………………………………………………………………………………………….. Page 33 Sample Client List ……………………………………………………………………………………………………………………… Page 34 Strategic Alliances ……………………………………………………………………………………….. Page 35 Customer Testimonials & Recommendations ……………………………………………… Page 37 News Articles re: CyberSec Markets …………………………………………………………… Page 49 DigiTar Technology Scaling & Financial Impact Plans ………………………………. Page 55 DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 4 CONFIDENTIAL DigiTar AG. Cyber Messaging Security Services Business Plan Briefing Executive Summary: DigiTar was established for the development of proprietary technology solutions to cyber security problems within the internet communications industries. DigiTar formalized the infrastructure (people and facilities) and development of advanced proprietary technology services solutions for the rapidly growing eMessaging and voice/data security markets. Starting in 2005, DigiTar put real customers (Banks and ISP’s) on line! market share opportunity >$1,000,000,000 by 2016. DigiTar provides proprietary advanced cyber security solutions and unparalleled message processing capabilities, at extremely low cost, to IT Subcontractors, Internet Service Providers, and small medium (SMB) corporate enterprise network markets. Equivalent service performance products are not available at the retail level, and are not cost effective when obtained from competitive commercial cyber security service providers. DigiTar believes that security and management of information technology for business is similar to legal advice, accounting, graphic arts and other bodies of knowledge; that it is not inherently a do-it-yourself project. Smart business people who aren't computer experts require vendors of reliable cyber security technologies and support. They will utilize quality cyber security vendors as they use other professional service suppliers, as “Trusted Allies”. Demand for these services is growing at > 30% year-to-year. DigiTar has invested $2,000,000 in proprietary systems and advanced product-services to capture this phenomenal opportunity. DigiTar provides comprehensive proprietary eMessage™-DNA processing technologies for use by ISP’s, businesses, and individual’s worldwide, against today’s and tomorrow’s cyber terrorism attacks and malicious content internet communications. The demand for these services is growing at a rate greater than 30% year-to-year. As the sophistication of these attacks becomes more difficult for business organizations and individuals to handle, DigiTar ..greater than meets these challenges with low cost 24x7 advanced surveillance/protection systems $100,000,000 in sales and the most contemporary knowledge of attack signatures and eMessage-DNA properties available today. by the end of 2012. DigiTar has achieved strong market acceptance and plans to grow toward greater than $100,000,000 in sales by the end of 2012. This represents a corporate growth of >200% year-to-year. DigiTar’s plan targets attaining a 20% share of served markets by 2013. For the investor, an IRR greater than 200+% More importantly, DigiTar’s market expansion plan, for its’ proprietary technologies, targets untapped parallel markets including mobile communications/handhelds and Internet Telephony for its cyber security technology. With proprietary new services, DigiTar’s growth will continue exponentially. DigiTar technology was designed modularly so enhancements and new eComm services can be encompassed dynamically as client needs change. DigiTar projects the future eComm will split into multiple embodiments including email, Webmail, Instant Messaging, Voice over Internet and Micro Blogging. Each technology serves a different purpose and provides different benefits to the user. All are inherently insecure and require solutions to provide protection from cyber threats. DigiTar’s technology today scales easily to provide a complete integrated solution for these evolving multiple eCommunications embodiments. New investment funding activities proceeds will be used to market and promote its’ proprietary services globally and expand the client base for its’ Secure Messaging Services [SMS] and Complete Enterprise Security [CES] service-products. Long term financing: During March 2009, DigiTar executed a Memo of Understanding, for investment during 3rd Quarter of 2009, of up to €2,000,000, by Pontis Capital GmbH of Vienna Austria. Proceeds of this financing will be used as working capital to globally expand and intensify the scope of the Company’s sales & marketing programs; and to assure maximized revenue and client base growth during 2010, and beyond, for DigiTar’s SaaS eServices. PONTIS is member of the Austrian Private Equity and Venture Capital Organization (AVCO) and the European Private Equity and Venture Capital Association (EVCA). DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 5 CONFIDENTIAL Financial Plan Snapshot/Summary & Projections: 2004 Revenue nm COGS 2005 2006 2007 2008 2009 $156,000 $109,997 $523,300 $1,502,090 forecast $4,356,000 2010 2011 2012 forecast $14,675,000 forecast $60,650,000 forecast $132,550,000 $23,000 $37,607 $230,082 $732,350 $2,106,360 $6,834,250 $26,986,000 $55,803,170 Gross Pf’ $133,000 $72,390 $293,218 $769,740 $2,249,640 $7,840,750 $33,664,000 $76,746,830 Expenses $232,000 $388,634 $288,500 $760,850 $2,136,900 $7,060,000 $27,550,000 $55,650,000 EBT ($99,000) ($316,244) $4,718 $8,890 $112,740 $780,750 $6,114,000 $21,096,830 FY 2007 $306,660 $37,000 $0 $98,640 $81,000 FY 2008 $456,000 $62,000 $0 $25,000 $959,090 FY 2009 $3,050,000 $106,000 $0 $25,000 $1,175,000 FY 2010 $9,700,000 $550,000 $150,000 $500,000 $3,775,000 FY 2011 $43,800,000 $3,050,000 $2,000,000 $500,000 $11,300,000 FY2012 $75,824,000 $19,429,000 $10,982,000 $1,600,000 $24,715,000 Sales SENTINEL SMS SENTINEL CES SENTINEL IM Licensing & ManSecurityServices Other/SENTINEL Services Enhancements Total Revenue: $523,300 $1,502,090 $4,356,000 $14,675,000 $60,650,000 $132,550,000 FY 2007 $44,370 $2,386 $0 $2,650 $5,676 $175,000 FY 2008 $286,000 $16,500 $0 $8,850 $216,000 $205,000 FY 2009 $1,282,000 $53,000 $0 $6,250 $503,750 $261,360 FY 2010 $3,983,000 $275,000 $49,500 $125,000 $1,521,250 $880,500 FY 2011 $17,082,000 $1,525,000 $660,000 $125,000 $3,955,000 $3,639,000 FY2012 $27,516,360 $9,714,500 $3,624,060 $400,000 $6,595,250 $7,953,000 $230,082 $732,350 $2,106,360 $6,834,250 $26,986,000 $55,803,170 GM Expenses $293,218 $288,500 $769,740 $760,850 $2,249,640 $2,136,900 $7,840,750 $7,060,000 $33,664,000 $27,550,000 $76,746,830 $55,650,000 PBT PBT% COGS% Exp% $4,718 0.90% 43.97% 55.13% $8,890 0.59% 48.76% 50.65% $112,740 2.59% 48.36% 49.06% $780,750 5.32% 46.57% 48.11% $6,114,000 10.08% 44.49% 45.42% $21,096,830 15.92% 42.10% 41.98% COGS SENTINEL SMS SENTINEL CES SENTINEL IM Licensing & ManSecurityServices SENTINEL Services Enhancements Depreciation Total COGS: DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 6 CONFIDENTIAL The Business Concept: There was a time when cutting-edge enterprise network security meant a firewall on your perimeter and antivirus software on the desktop. No longer! With the advent of polymorphic Internet worms, application-layer cyber attacks, Trojan horses, Intrusion-Identity Theft, adware, spyware, and wireless hacks, the network security picture is more complicated than ever. To make matters worse, the enterprise’s cost of managing cyber security has increased exponentially; well beyond the resources of small and medium sized organizations. Managed Services Reach “Tipping Point” IT research firm Yankee Group issued a report mid-year suggesting that message management and threat protection had reached a “tipping point” in favor of an outsourced managed service model. Yankee cited several factors spurring the shift away from in-house software products to managed services, including the need to rely on specialized knowledge, the rapid response time needed to deal with threats, and the fact that fighting message threats is not a core competency that adds any value to the company’s bottom line. “Email Sanitization Services Preserve Peace of Mind,” Yankee Group DigiTar provides complete cyber messaging systems solutions, Research by Andrew Jaquith, including advanced programs and advanced proprietary security feature sets, without the need for the user organization to hire or expand internal staff or spend capital on new network facilities in order to enjoy a secure internal and external network environment. DigiTar’s client remains focused on their own business activities, be that a Law Firm, Bank, Mortgage Broker, Church, University or Medical office/Clinic, etc., thereby keeping precious resources invested in activities that meet regulatory compliance issues or business data management needs which optimize revenue & costs. The total SMB IT Market is currently (2009) >$26B in size; growing at greater than 33% compounded annual rate; and is largely unprotected from sophisticated attackers operating today. Value Proposition DigiTar makes it easy for regional IT Subcontractors, Value-Added Resellers/Distributors (VARs/VADs) and Internet Service Providers (ISP’s) to play a larger role in combating all sorts of spam and viruses without the need to spend money. VAR’s & ISP’s are offering DigiTar security services that scan all incoming and outgoing mail for viruses and spam; if a user's machine comes under attack, DigiTar technology blocks the attacking traffic, notifies the client, and performs automatic disinfection of the traffic. This kind of resource allows each VAR/ISP to charge additional fees for the cyber security protection which increases their own business revenues more quickly and with reduced competitive pressure from other ISP’s who do not offer DigiTar Sentinel leading edge cyber security services. No other supplier delivers the eMessage™ classification accuracy of services, the network performance improvements nor the exceptionally low cost benefits for the customer, equivalent to DigiTar. Value Proposition DigiTar makes it easy for regional IT Subcontractors, Value-Added Resellers/Distributors (VARs/VADs) and Internet Service Providers (ISP’s) to play a larger role in combating all sorts of spam and viruses without the need to spend money. Because of the "designed-in ability to scale", DigiTar makes it easy for its clients to grow or diminish in headcount, and/or modify bandwidth requirements. All without any budget “impacts” for additional/excess hardware, bandwidth, software and personnel expense issues. Unique to DigiTar is a proprietary "Auto-Provisioning" technology whereby customers are relieved of draconian bookkeeping and directory integration tasks that competitive offerings require. DigiTar automatically keeps track of "active" users in the client domain and charges only for users that utilize the service during the calendar month. This eliminates painful periodic manual "culling" by the client administrator (if there is one) and insecure external links to internal client directories. This keeps costs in line with actual use and maintains maximum client security and separation. This frees up several 100’s of hours per year of productivity savings, and incalculable security savings for the enterprise. DigiTar’s Sentinel technology is built on accelerated architecture implementations and proprietary message processing algorithms that simply “stop” Spam and other Cyber Threats from Entering Your Networks! DigiTar Sentinel can process messages 400 to 700 times faster than the competition. What they do in 3 seconds, DigiTar can do in .004 secs. This allows DigiTar to service 100’s more clients on a given technology resource (hardware processing facility) at an internal cost that is estimated at <5% of the competition’s cost of operations. This gives DigiTar the advantage of selling its’ services at a fraction of that of the competition and still enjoy excellent gross margins. For the end user client, as well as the VAR/ISP sales channel, this means unequalled benefits of real savings, revenue enhancement and state of the art (up to 99.9% message classification accuracy) Cyber Security benefits. DigiTar's Vision is to bring order and clarity to the world's messaging; be it e-mail, IM, VoIP, micro-blogging(Twitter) or messaging of the next decade. We envision a continuously expanding set of messaging services. Services that interlock to provide intuitive seamless access to the messages you need, presented in ways that are instantly relevant to your task at hand. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 7 CONFIDENTIAL DigiTar empowers organizations and individuals with the service features they desperately need...instantly. This means no administration burdens and no waiting. DigiTar's Vision is to bring order and clarity to the world's messaging; be it e-mail, IM, VoIP, micro-blogging(Twitter) or messaging of the next decade. We envision a continuously expanding set of messaging services. Services that interlock to provide intuitive seamless access to the messages you need, presented in ways that are instantly relevant to your task at hand. Our immediate and midterm vision comprises 6 Business Vectors: 1.) Next-Generation eMessaging - Solutions that enable customers to maintain connectivity, archive communications (of all types), enforce security, be compliant, and communicate with any organization...using IM services like AIM, MSN and Yahoo and/or micro blogging via Twitter! 2.) Consumer market revenues - proprietary user defined preferences advertising platforms with regional markets internet promotions advertisers and agencies. 3.) Regulatory compliance (SOX, HIPAA, etc.) - Service-based compliance for an organization's messaging. Nothing to replace. No additional capital or administrative overhead to become compliant. No burden. 4.) For Major Client’s mail flow, DigiTar On-Site Systems, DigiTar SENTINEL “On-Site” Resource Unit [DSRU], allows DigiTar to perform in-client as a systems service resource provider. Sentinel Messaging™ On-Site DSRU scales dynamically to accommodate virtually unlimited message processing capacity. 5.) Wireless communications – Elimination of unwanted communications (Spam etc.) and advertisements on wireless networks and wireless text messaging facilities. Fixed-flat rate wireless services evolution makes the cost of bandwidth the primary expense growth factor for wireless service providers. 6.) Voice-over-IP - VoIP is just another message for DigiTar. Our services will protect clients from voice spam, while providing the regulatory compliance that is mandatory for any electronic messaging medium. Over-arching all our efforts is the long-term concept of "unified messaging". The ability to find and correlate the information you want, regardless of how you received it Web Plan Summary The DigiTar website (www.digitar.com) is the virtual business card and portfolio for the company, as well as its online "home." The website is intuitive and straightforward, yet elegant and well designed; a cyber message processing website that stays current with the latest trends and provides information to the customers and a portal to our programs and products. The site utilizes the latest demonstrations capability of Flash technology so as to maximize a potential client's quick understanding of DigiTar product-services and application information. Website Marketing Strategy We will maintain a two-way link between our website and our product-services customers and suppliers. In addition to using the page as a sales tool, we will develop a monthly newsletter and a cyber security status links information page for industry lexicon sites. We will also maintain two-way links between major client organizations and supporters. Development Requirements The DigiTar website has been developed with limited expense and technical resources. A simple hosting provider, Tierranet.net, hosts the site and provides the network technical back end. DigiTar will maintain and enhance the site user graphic and interface to develop the simple, elegant, yet Internet focused site. DigiTar will design all website graphics and layouts. As the website rolls out future developments, newsletters and other related messaging and cyber security related applications issues will be chronicled via technical presentations and "walk-thru demonstration presentations. Organizational Structure DigiTar is organized to focus on two main activities: 1.) Client development for revenue growth; and 2.) Product development for greater reach into the served markets. Support personnel and staff positions are limited and must be associated with specific tasks that directly support one or both of the above objectives. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 8 CONFIDENTIAL In Depth Overview: DigiTar’s Security as a Service (SaaS): Sentinel Messaging™ This presentation covers DigiTar’s “Security as a Service” (SaaS), the next generation in eMessage processing innovations. DigiTar Sentinel Messaging™ is a paradigm shift away from the methods of the past and greatly reduces the complexity of enterprise email flow while dramatically increasing its reliability and security. In brief, DigiTar developed “eStrands Technology” in order to deliver advanced eMessage processing innovation for several problem areas: Highly parallel-modular architectural implementation that assures message delivery and unlimited scalability to meet load demand without disrupting a Client’s business operations. Reduces enterprise system complexity and increases stability by providing a completely outsourced integrated solution with zero required management. Enables quick reaction to Client’s needs via modular architecture – add functionality and feature sets as fast as, and whenever, required. No more, “One size limit’s all”. Ensures message continuity and enhanced reliability through a massively parallel, self-healing and redundant channel architecture that includes integrated in-depth audit reporting and content filtering capabilities Assured messaging compliance via enforced messaging formatting and integrated archiving procedures. Secure CLIENT-wide messaging through multi-layered anti-virus and proprietary anti-spam technologies in combination with policy-enforced encryption. Simplifies and transparently automates delivery of functional module code updates & service enhancements through an update anytime service-approach and single-point of precision delivery channel. Modularity architecture eliminates code update defects associated with application rewrites required to add-on / expand functionality necessary to mitigate new threat vector evolutions. Sentinel Messaging™ is an outsourced complete SMTP message-processing solution that integrates several proprietary Internet cyber security & eMessaging components to form a tightly integrated service pipeline. eStrands™/eMessage™ Processing Element Components include & integrate: E-mail Distributed-Denial-of-Service Protection (DDoS) Autoprovisioning and VeriSYNC™ – eliminates manual administration/management of user directories Anti-Virus – zero hour blocking Anti-Spam – unmatched spam/legitimate classification accuracy (>99.7% average) Content Filtering – complex policy-based filtering on 60 different categories Outbound Processing – Confidential / Proprietary info management Disaster Recovery - NeverLost™ eMessaging -7-day mail queuing for downed mail servers Transport-level Encryption - (B2B) Message-level Encryption - (individual recipient) Archival - regulatory compliance mail retention Premium Disaster Recovery - continuous data protection backup with per-user browser-based recovery consoles and per-user webmail capability Innovation & Novelty As a SaaS service, DigiTar Sentinel Messaging™ provides several unique benefits unavailable from appliance and boxed-product approaches: Zero-effort systems administration Zero-effort cyber threat signature upgrades Zero-effort technology functionality update management Single-point of responsibility (“one throat to choke”) Sub 1-hour malware threat vulnerability window Round-the-clock automatic spam detection updates Instant provisioning of additional service features (no downtime, no architecting) Elimination of virii and other security threats outside of your perimeter Reduction of penetration risk and vulnerability exploits by locating all functional components (i.e. anti-virus, anti-spam, mail processing engines, etc.) outside of Client’s IT infrastructure. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 9 CONFIDENTIAL In addition to the singular ability of Sentinel Messaging™ to dramatically reduce a Client’s mail flow complexity, DigiTar also provides hand-in-glove support services including automated direct user support on day-to-day issue resolutions. Benefits and Marketability In the course of implementing a Sentinel Messaging™ installation for the CLIENT, DigiTar provides the following: Reduced system complexity – Integrated functionality and cross-functionalities Eliminate multiple CLIENT-internal tiers of mail functionality (anti-virus, anti-spam, etc.). Remove the need for CLIENT administration of multiple vendor solutions and supporting infrastructure (load-balancers, etc.) and improves messaging systems reliability. Eradicate finger pointing and problem resolution times by providing a single vendor of responsibility. 1. Improve overall communication with operational users and customers Provides a robust / redundant communication resource and eliminates message latency delays. User-administered anti-spam quarantines provides unmatched 99%+ classification accuracy and dramatically increases the quality of the mail stream; thereby enhancing the robustness of the Client’s ecommunication. Provide support controls, which ensure accountability, security and availability. 2. Eliminate security risks VeriSYNC™ / Autoprovisioning and confirmation of valid users without the requiring integration with the Client’s LDAP Directory protects enterprise network structure and confidential information. Removes requirements to manually manage eMail user Directories. No insecured human activities & disclosures. Establish pro-active process controls that pre-empt and obviate potential operational interruptions. 3. Provide turn-key levels of messaging and resource management As there is no hardware to operate, and no software to maintain or configure, Sentinel Messaging™ eliminates the majority of burdens of conducting messaging management on Client’s mail flow. Capacity upgrades and feature enhancements are instantly provisioned. Sentinel Messaging™ completely eliminates the equipment surplus; acquisition and re-purposing that are normally required parts of eSecurity life-cycle management for optimizing a Client’s mail flow. 4. Eliminate problems of a Monolithic solution (Dedicated Appliance or Server configurations) No more “all-new” hardware upgrades or undected code defects embodied in rewritten applications. No more waiting several days for cyber threat signatures updates or cyclical software release enhancements. Enjoy Real-time Dynamic load matching of “resources-to-functionality-requirements” and infinite scaling without limitation. No single point of failure that takes down the entire network operation. Disruptive Implications of the eStrands SaaS Technology: Services and Systems DigiTar SENTINEL “On-Site” Resource Unit [DSRU] As a systems service resource provider, Sentinel Messaging™ On-Site DSRU scales dynamically to accommodate virtually unlimited message processing capacity. For a Major Client’s mail flow, DigiTar assures expandable DSRU modular unit capacity of: Peak messages per hour capacity: 4,000,000 Sustained messages per day capacity: 61,000,000 Disaster recovery retention period: 7 days Uninterrupted message flow and latencies of less than 1.5 seconds. DigiTar’s Fully Integrated SaaS Solution Currently, the complexity of a Client’s mail flow is largely induced by the variety of vendors (sometimes more than 4) and number of servers/appliances (6-9) necessary to satisfy all of a typical Client’s required processing (AV, AS, content filtering, etc.). This does not take into account the ancillary networking and server load-balancing gear required to further support the current solution. In contrast, implementing Sentinel Messaging™ consolidates all required message processing functionality into a single logical unit, and completely eliminates the management headache of an in-house solution. Further, by re-locating the DigiTar message processing out ahead of the Client’s network (in the red zone), the risk of security breach through an exploit in the mail flow is completely contained outside of Clients critical infrastructure. Unlike legacy vendor solutions, Sentinel Messaging™ was not narrowly designed primarily as an anti-spam or anti-virus solution. Rather, its primary design goal was to create a massively parallel, self-healing and redundant message processing and logistics pipeline, into which various service functionalities could be plugged easily, reliably and rapidly. As such, all messaging services offered by Sentinel Messaging™ are designed as fully integrated modules, which plug into a well-defined and robust messaging backbone. The benefits when compared to competing single and multi-vendor solutions are many-fold. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 10 CONFIDENTIAL First, each processing phase (i.e., anti-virus, anti-spam, encryption, etc.) is not an autonomous unit as with typical competitive single-function vendor (multiple-box and/or applications software) solutions. Rather, each DigiTar Processing element within each service phase is aware not only of the load and health of other processing elements in the same phase, but also the availability of other phases downstream. This allows all processing elements within a phase to dynamically absorb the excess message load from a failed peer, and also to dynamically route around entire phases in the unlikely scenario that all processing elements in a phase become unavailable (it has never occurred). This resiliency is possible because the services are built on a common messaging backbone whose primary design goal was to ensure the absolute delivery of every message. Further, since all services that integrate with the backbone are DigiTar-developed, there is no incompatibility between varying message processing functionality. Second, by implementing a common messaging backbone, DigiTar does not have to micro-manage the components in the pipeline. Rather they interact to self-adjust and self-heal, thereby eliminating the number one cause of system downtime: human error. Also, this common backbone enables an enforced audit trail/chain-of-custody across services for maximum audit and regulatory compliance. Third, for the CLIENT there is no management or administration required at all. All service and capacity upgrades, spam DNA and AV updates, as well as, service monitoring and repair are handled 24/7/365 by DigiTar. This zero management impact also extends to the initial installation, where there is no equipment to install or software to configure. All that is required is an MX eMail redirection. Fourth, Sentinel Messaging™ uses the well-defined principal of MX-redirection to enable the transparent and secure routing of CLIENT mail to a DigiTar processing silo. What this entails is changing the mail exchanger (MX) record for the CLIENT to point first to the DigiTar processing silo, instead of the CLIENT mail host system. At that point, all mail is first delivered to Sentinel Messaging™ where it is cleaned and processed, after which it is then sent over an encrypted link to Client’s mail servers. Start-up installations take less than 10 minutes to complete from start to finish. This occurs without requiring the CLIENT to remove any of the existing mail flow architecture. Rather than being disruptive to the Client, Sentinel Messaging™ is installed in parallel to the existing mail flow and delivers around it directly to the Client’s Messaging servers (Java Systems or Exchange). The existing mail flow components that are then unnecessary and can be inactivated once Sentinel Messaging™ installation is complete and active, thereby ensuring a disruptionless migration. Overall, Sentinel Messaging™ allows a CLIENT to eliminate several servers and load-balancers from the Client’s existing mailflow, and instead receive a single point of reporting and provisioning for mail services. Also, the CLIENT has “one-throat-tochoke” in terms of support, thereby eliminating the potential finger pointing from disparate multi-vendor solutions. Sentinel Messaging™ is by its nature as a robust service-oriented solution; the epitome of integrated mail processing. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 11 CONFIDENTIAL Company History: DigiTar represents the consolidation of two business entities, DigiTar SP (Founded 2002) {IT Networking & Cyber Security contract services}, and Spectrum Technology SP (Founded 1992) {high technology business development consulting company to the data communications and cyber connectivity industries}. DigiTar's founders have a combined experience of more than 50 man/years in high technology and data communications technology and management. DigiTar AG. is a Swiss Corporation headquartered in Zug Schweiz with R&D in Boise, Idaho USA. The Company founders are, Dale Williams, Chairman/President; Jason Williams Vice President CTO/COO and Director of Finance K. Sipiora-Williams. DigiTar's primary business Charter is to provide in-depth cyber security network services, for profit, as a managed security service provider (MSSP) to SMB legal, medical, corporate and financial enterprises as well as large Municipal/State/Federal agencies and corporations. The combined paid-in capital of the resulting enterprise is made up of business assets, equipment, purchased technology, purchased market research, memberships with Homeland Security industry organizations and alliances, purchased technical training and cyber security certifications, office equipment, furniture, and file systems. Additionally, more than one thousand (1000+) Man months of DigiTar cyber processing technology, and business and market development activities, have been completed and funded by the founders at a replacement value of the proprietary IP of more than $2,000,000. Capital: Throughout the startup phase the founder’s funded DigiTar R&D activities. All Founders investments have been consolidated into the Paid-in Capital of DigiTar. In 2005, DigiTar secured long term SBA financing for equipment. In 2006, additional private financing for working capital needs was established. Total debt is as follows: Total long-term debt and funding history is shown by this table below: Source of Date of Capital Loan or capital venture Amount Equity Founders 2004 /2005 $900,000 Seed SBA Loan 2005 $250,000 Loan Pvt Investors 2006 /2007 $400,000 Loan Sales Objectives / Strategies 1. Penetrate the global/regional Internet Service Providers [ISP], Telcos and IT Sub-Contractor markets, second and third tier suppliers, to>50% level with DigiTar SENTINEL SMS and CES message processing services. The major Internet service providers today, namely Microsoft, AOL and Yahoo, have already started major campaigns to lure e-mail accounts away from competitive suppliers who are promising antivirus and antispam filtering as a part of their service. This leaves the second and third tier suppliers at a significant disadvantage, because it is costly for any one of them to be able to do establish Advanced Technology message processing for their user base. DigiTar's SENTINEL technology provides an immediate and transparent solution for this market, which comprises more than 30 million e-mail accounts, serviced by 1500 second and third tier ISP’s. 2. Introduce advanced service products that expand revenues for SMB and major business enterprise messaging clients and/or enterprise message content management markets so as to differentiate DigiTar's high-margin DigiTar Sentinel technology services and make them super-attractive for add-on to in-house enterprise IT traffic management and productivity value-added programs. 3. Expand DigiTar's rifle shot marketing to targeted Global Distribution Channels, with a broad sales program aimed at selected-targeted end-user enterprises using Value-Added Resellers and in-country Partner-Agents. The key phrase here is Market Segmentation. Keys to Success The strength and value of DigiTar's technology is most appreciated by those organizations that are subject to new demands on their capital and technical staff by outside forces and regulations. In the past, smaller and medium-sized business organizations have been able to operate without extensive record/document security facilities and systems. Now, with the mandates of several new governmental laws, many companies (including medical clinics, drug stores, law firms, records repositories, title companies, mortgage companies, real estate firms, brokerage firms {especially satellite locations}, and many other firms) are faced with compliance investments to their networks and archive facilities. These new demands are coming at the same time that the cost of supporting ongoing, sustaining operations and updating requirements, is skyrocketing. As cyber-based communications take over greater percentages of business information and commerce activities, the need for better cyber security is expanding exponentially. DigiTar provides the latest state-of-the-art in antivirus, antispam, intrusion-detection & prevention, content filtering, spyware/Phishing and Hacker attack deterrence, to name a few. The keys to DigiTar's success depend upon timely penetration of these types of organizations. Initial contacts will be made through regional ISP's who are the primary DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 12 CONFIDENTIAL connectivity suppliers to the targeted clients. DigiTar will initially distribute its services and SMS technology through ISP’s as an add-on service and revenue opportunity for smaller regional IPSs. This resolves the need for the ISP to invest in cyber security enhancements at the same time it is investing in necessary resources required to meet the compliance issues of their customers who are subject to the new reporting and archival mandates of the federal laws. Management / Advisory Board C.V.’s Chairman of DigiTar AG. Previously VP/General Manager Rockwell International, Director of Marketing Microcomputer Division Intel Corporation; over 30 years experience in the computer, e-business and telecommunications industries as an entrepreneur and business development consultant. D W Williams – President J J W Williams – VP Chief Operations & Technology Officer, > 15 years experience in computer networking applications markets. He received his BA from Washington & Lee University in Virginia, magna cum laude. Member of Technical Staff at CyberHighway internet services provider, and as Manager IT and Network Specialist for the State of Idaho. He has received Professional Certification as a Cyber Security gateway systems expert and is a Member of the ISSA and Homeland Security Leadership Alliance. K Sipiora-Williams –VP & Chief Administration Officer, has more than 20 years of business operations experience in high Technology firms in Silicon Valley. She has been a member of several technology startup organizations and has held senior financial planning and market development positions with successful entrepreneurial firms. She served as VP of Finance for Spectrum Technology for 10 years. Premier European business development experience in Cyber Information and Advanced Networking technology markets. Executive Sales and Market channel development positions with leading Europe suppliers: General Manager-NOKIA Internet Communications; Vice President EMEA-Exinda Networks Pty.; Vice President EMEA & Managing Director- ForeScout Technologies, Central & Eastern European Manager-Ipsilon Networks Ltd, and Business Unit Director-ADIVA Computertechnology GMBH. R M Richter – Director Business Development Europe, H Iino – Director Business Development Japan, Eminently successful Japan entrepreneur and network systems market pioneer. Iino san’s business associations include extensive previous collaboration with Matsushita, Fuji and NEC Corporations. Iino san introduced DigiTar to Sakura KK, the IT division of Mitsui-Sumitomo Bank Group, and major Japan clients for DigiTar services including Sakushin University of Tokyo. T Rampelberg, Member of Technical Staff Technology Development, extensive development experience in anti-spam engines and next generation proprietary cyber security software algorithms. Previous experience includes Performance Engineering – Mirapoint, and Google, and LDAP, NIS+ and Kerberos distributed authentication services for the Computer Science Division at Pepperdine University. Tom has a BS in Computer Science from Pepperdine University. DigiTar Advisory Board: DigiTar has established a Technology/Business Advisory Board made up of key individuals from several cyber communications disciplines and business expertise arenas. The Charter of this body is “to facilitate critical reviews, discussions, analysis and recommendations concerning DigiTar development technology programs and/or business concepts. R Wagner -Director; 30+ years Contracts Lawyer, as in-house executive counsel in High Tech Fortune 50 Corporations. Dr. D. Bingham - Senior Scientist – Advanced Technologies, Idaho National Laboratories US Energy Dept. G Litteer – Scientist – Cyber Security Infrastructure Research, Idaho National Laboratories US Energy Dept. Dr. D Thompson - VP, Computer Science & Technology Dept Chairman, Pepperdine University; California T W Tinsley; University Network Security Director, Washington & Lee University; Virginia Maj. Gen. M Heath (Ret.) – Director Emeritus UK Defense Electronics Research Agency (DERA) England D Bartlett - Executive VP Operations, IDACOMM [Internet Services Provider] Idaho C Merrill – Certified Public Accountant, BDO Siedman LLP. P Thoms – Chairman/ CEO, NXT Private Limited Hong Kong DigiTar AG of Counsel: Peter Midgley, Esq.; Lawyer & Partner Zarian Midgley LLP - Boise, Idaho USA Dr. Christian Faßbender; Lawyer & Partner Waldeck Rechtsanwälte, Frankfurt am Main DE Peter Hodel; Lawyer & Partner Hodel - Frei Advokatur – Zug Schweiz Dr. Stefan Klass; Lawyer & Partner BRUHIN KLASS Rechtsanwälte - Zug Schweiz DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 13 CONFIDENTIAL Company Points of Presence and Facilities DigiTar's European HQ Domicile is in Zug Schweiz with USA business offices and R&D Operations Center located at a secure facility (co-located with the Boise Police Substation and the offices of Loomis Fargo armored car services) at Boise, ID 83704. DigiTar’s Secure Production Operations Center is located in Boise, ID 83709 (see photos below). In addition, DigiTar has established a DigiTar-Japan business development agency in Ebisu, Shibuya-ku, Tokyo, Japan for Japan and China eMessage processing markets. USA Business & R&D Center: Production Operations Data Center: DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 14 CONFIDENTIAL Product and Service Descriptions DigiTar has developed a specialized cyber network security services program known as "Sentinel©", targeted specifically at SMB Enterprise, Legal, Medical and Professional services and large enterprise businesses. Sentinel© is a low-cost high security services technology platform specifically tailored in a modular, expandable configuration that is available on a low-cost monthly basis. DigiTar is marketing these services as annual or multiple year service contracts. Sentinel© is a turnkey solution which provides all aspects of cyber security needs including antivirus, intrusion detection-prevention, virtual private networking, content filtering, firewall and bandwidth management. DigiTar is strongly positioned against its competitors in the managed security services space, due primarily to the combination of its focus on small-medium business and our proprietary industry-unique methods of detecting and preventing cyber threats. As compared to competitive MSSP providers, DigiTar provides sub-25 user pricing models that make security affordable to smaller firms, and when technology compared, DigiTar's Digital DNA method (unique to DigiTar) of identifying and eliminating message-borne pathogens yields a 99.9+% protection-level that no other services provider can claim, thus making DigiTar a more attractive solution even to companies as large as 200,000+ users/employees. Graphical Overview of DigiTar SENTINEL Architecture Composite overview of SENTINEL SMS and CES services functional processes components. DigiTar SENTINEL Messaging Services [SMS]: E-mail messaging Protection Services SMS services monitor and cleanse all domain e-mail traffic; removing Cyber virii and Spam contents from the data streams between a user's site and any incoming message(s), via the Internet. DigiTar Complete EnterprisePRO Security [CES]: Complete business cyber security Protection services. CES provides business protection services, operating 24/7, extending cyber protection to include all web traffic, e-mail, and private communications between a user and any web site or e-mail host associated with the worldwide web communication networks. CES enterprise protection provides safekeeping from cyber terrorism, including intrusion detection & prevention, content filtering, and network performance & bandwidth management. DigiTar cyber security equipment systems that have proprietary DigiTar functionality integrated as a valueadded component. These products range from cyber filters and software to complete turnkey SOC (Security Operations Centers) implementations, as customized for specific customers. DigiTar “On-Site™ & DSRU Licensing of proprietary security services equipment to international partners and major OEM accounts; and for unique or specific customer requirements which can be added to DigiTar products and services offerings as standard products for revenue enhancement and competitive sales advantages. DigiTar Cyber Technology Sales: Licensing of proprietary software and associated security services DigiTar's market reach strategy targets unique and/or specific customer requirements that can be added to the DigiTar products and services offerings, as standard products, for revenue enhancement and competitive sales advantages. Development of an international presence can most effectively be accomplished by developing jointventure partners in targeted market countries who contribute to the efficacy of the services technology, via language and symbol recognition enhancements to the underlying DigiTar algorithms and processing technology. Local incountry marketing activities by a Licensee/Partner will deliver more timely revenue results at lower costs to DigiTar than direct expansion into a foreign market by the Company. Licensing of technology allows for a continual (multiyear) sharing of revenue streams without the expense of developing in-country support personnel. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 15 CONFIDENTIAL Competitive Comparison DigiTar SENTINEL SMS message processing cost/benefit ratio exceeds all the top competitors in the cyber security services market today. Taken strictly on a cost per user basis, SENTINEL SMS sells for $3.00/month/user [$36.00/Yr] in small company implementations, (i.e., 3 to 5 users per domain). By comparison, all other suppliers charge $60.00 to $80.00/year/user; and most of them require a minimum of 50 or 100 users per domain. At higher populations of users/domain, the cost of SENTINEL SMS is less than $8.00/user/year. On the technical level, SENTINEL SMS is the “clear leader in performance” due to real-time message processing; no competitor offers this benefit. Therefore, there are virtually no delays associated with the Processing/Cleansing processes. Message datum transfer is real-time and never delayed; this means that the recipient is never left "on hold" while the antivirus/anti-spam systems are working. The following table summarizes the technical features of DigiTar SENTINEL vs. those of the competitive offerings in the market today. Competitive Technology Analysis DigiTar SENTINEL McAfee Mirapoint Barracuda SpamCop Symantec Ironport MessageLabs Google Postini Spam Engine iSTAT© Spam Assassin Realtime Black List Brightmail® Proprietary Technology Dynamic Spam Trend Alignment™ DNA Rules RBL Bayesian Rules YES NO NO NO NO YES Per Individual Global Rule Based Global Rule Based Global Rule Based Global Rule Based YES Complete User Control YES SENTINEL Auto Learns from User Preferences and Actions NO Requires Admin @ Server Level NO Requires Admin @ Server Level MessageLabs-Yes Yes NO NO NO NO YES Tailored to User Preferences NO User Must Mark Each Message for White/Black Listing NO Yes Yes Automatic Quarantine YES NO Sys Re-labels Message “Subject Line” Only NO Yes Yes Secure Personal Quarantine YES NO Quarantine NO MessageLabs-Yes Yes NO Symantec/Ironport-NO MessageLabs-Yes Yes User Preferences User Self Service Automatic System Learning Personal White List Spam Isolated Complete Content Anti-Virus Protection Spam Catch Rate NO YES Spam is handled after Outside of the User’s penetrating User’s Network Network YES Nested Attachments Included NO Simple Virus Protection @ Additional Cost NO NO Simple Virus Protection Only @ Additional Cost NO Simple Virus Protection @ Additional Cost 99%+ Typ 85%-90% Flattens @ 95% with Full Time Network Spam Administrator Typ65%-80% Typ 90%-95% Typ 90%-95% DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 16 CONFIDENTIAL Technology Internet technology has had a significant effect on business processes over the past couple of decades. For that reason, a new trend in business communications has emerged. Technological advances in electronic mail are attracting the attention of companies who depend on direct mail for leads. Companies can download potential customer addresses and names over the Internet and have a host of customer communications out-sourced. To the recipients, this communications inflow is most times unwanted, and in some cases contains dangerous message materials. Moreover, this robs the targeted business enterprise of valuable employee productivity time. (See: Cost of Spam Calculator in the Appendix.) DigiTar has developed an advanced set of Message DNA algorithms that support all types of system operating environments including Linux, Windows and Macintosh technology. Moreover, DigiTar has developed feature rich enhancement benefits for the user so as to eliminate major protocol and size limitations associated with E-mail and Instant Messaging constructs currently plaguing the industry. DigiTar Sentinel™ Technologies/Benefits: iStat© - eStrand© Technology -Dynamically Adjusts to Block Emerging ThreatsTraditional anti-spam technology methods such as lists, rules and heuristics are all limited in their approach. Sentinel DNA indexes are highly specialized analysis's designed to detect elements in a message’s DNA. Further, SENTINEL eliminates the need for constant user updates required by traditional anti-spam technologies. SENTINEL analyzes the DNA of email to provide a “spam index” gene used to determine and identify spam. Because SENTINEL analyzes the genetic make-up of email rather than content, it is language agnostic, and are capable of identifying spam in any language. SENTINEL is able to track evolving mutations to spam’s genetic structure, delivering updated spamDNA information continuously, defeating new spam techniques before they can become effective. Sentinel is the immune system for email. iSTAT© – Powerful Proprietary Algorithms Identify Spam • Highly specialized iSTAT© programs detect mutations in a message’s DNA • Sentinel’s iSTAT technology immunizes against evolving spam forms • iSTAT technology supersedes traditional approaches including content evaluation, lists, rules, heuristics eStrands© - Proprietary DNA classification Engine • Sentinel’s eStrand engine, using genetic algorithms, constantly provides most effective spam DNA classification accuracy • Sentinel eStrand Technology delivers continuously updated eMessage DNA information 24/7 • Sentinel eStrand Technology appends each message with a unique tag enabling future logging services iMESH™ /”WCL Technology -Dynamically reacting/adjusting to Morphing DDos AttacksMitigating a Distributed Denial of Service (DDoS) attack requires OSI Layer 3 mitigation combined with Layer 7 intelligence. In the DigiTar™ systems, this means identifying offending hosts (Cyber Threat Attackers) quickly through numerous Layer 7 anomaly detection processes, and denying those, and similar, hosts the ability to send such content for an amount of time commensurate with their offenses. The key to stopping a DDoS is to quickly translate threat identification into threat mitigation. DigiTar™ created its multi-phased iMESH™ mail transfer system. iMESH™ is a distributed system that consists of multiple phases that are meshed for resiliency and speed. Each phase of iMESH™ can communicate Layer 7 anomalies back to the very first phase to enable deep pattern recognition and thereby mitigate extremely distributed attacks. Key to iMESH™’s mitigation capabilities is its proprietary Weighted Control List™ (WCL™) embedded in the first phase. As hosts exhibit offending behavior, they are added to the WCL™ with a weight commensurate to their offenses. Repeat offenses greatly increase the weight, particularly when done at short intervals. The higher the weight, the longer a host will be denied access to the DigiTar™ ecosystem. A host’s weight decays over time, allowing attacking mail servers the opportunity to be cleaned up and eventually be considered legitimate again. iMESH™ will also auto-rate limit mail deliveries to protect client mail servers from floods of legitimate mail. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 17 CONFIDENTIAL Sentinel Kamiza™ Overview -Superior Management Control for select AdminsSometimes it is necessary and beneficial for Client Administrators to be assigned special privileges regarding the governance of Sentinel Messaging™ operations. The Kamiza Administrator is assigned senior responsibility for a number of important roles critical to maintaining the maximum efficiency and efficacy of the organization. Sentinel Kamiza™ enables approved individuals who are assigned Kamiza Administrator status, to access the Sentinel Messaging™ quarantine of any individual within their organization. This is provided through DoppelGanger™ technology, which enables a Kamiza Administrator to assume the Sentinel Messaging™ identity of any user who’s Sentinel Messaging™ Portal they need to access. Once a Kamiza Administrator has assumed the Sentinel Messaging™ identity of a user, he or she can do anything the user themselves could do within their Sentinel Messaging™ Portal, including: Release false positives. Change the user’s password. Change Sentinel Messaging™ Digest delivery frequency. Administer the user’s whitelist. More… Sentinel Kamiza™ empowers any approved Principal, within the organization, to execute the responsibility of maintaining a constant vigil over their e-mail security. DigiTar veriSYNC™ Technology -AutoProvisioningIf/when a DigiTar customer enables/disables a user name in their mail server, Sentinel Messaging™ will notice automatically that that the user is new-valid or now-invalid. If a user is found to be invalid by veriSYNC™, Sentinel Messaging™ will refuse to accept new messages and return an error to the sending server, which will then send a bounce to legitimate senders informing them the message could not be delivered. On the other hand, if Sentinel Messaging™ notices that a new user has been validated in the Customer’s mail host, DigiTar’s system automatically provisions the new user in the DigiTar approved user lists. This relieves the customer from the of draconian bookkeeping and directory integration tasks required by all competitive AV/AS technology suppliers.; DigiTar automatically keeps track of "active" users eliminating painful periodic manual "culling" by the client administrator and insecure links to client directories. The elegance of veriSYNC™ is that it works with all customer e-mail systems and directories, regardless of type. DigiTar veriSYNC™ Technology (cont) -Protection from Cyber Security Directory Harvest AttacksThe DigiTar customer can choose between 3 behaviors when veriSYNC™ determines a recipient is invalid: 554 Response: Accept the invalid recipient and return a 554 error. This has the benefit of not telling the spammer which recipient is invalid. It also provides the benefit that if a legitimate sender types a recipient name incorrectly by mistake, they will receive a bounce message informing them of the mistake. This is an exclusive to SENTINEL, DigiTar-proprietary behavior. No competitor protects against DHA while enabling legitimate senders to receive notification of their addressing mistakes. Silent Drop: Accept the invalid recipient and also accept the DATA section. Then silently drop the message to any invalid recipients, and deliver the message to any valid recipients. DHA Protection Disabled: Send a standard “550 No Such User” error in response to any invalid RCPT TO. This provides no DHA protection. Silent dropping of mail to invalid recipients is a crucial security feature that is accepted best practice. Sentinel Messaging ™ veriSYNC™ feature is the “Best-in-Class” mechanism by which we enable this best practice. DigiTar veriSYNC™ Technology (cont) -Protection from Denial of Service AttacksDigiTar’s veriSYNC™ technology also continuously protects its’ customers from Denial-of-Service attacks. A prime example is a DigiTar customer who is a global positioning tracking company. Their devices are used in critical law enforcement applications, and the devices e-mail their status back to the company who then publishes the data via the web to their customers 24/7. Very recently, the company's domain saw their gross e-mail traffic jump from 7,000 messages/day to 60,000 messages/day. That jump occurred within an 8-hour period of time, as a result of being targeted by a spam attack. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 18 CONFIDENTIAL Because they were protected by veriSYNC™, Sentinel Messaging™ silently dropped the messages to invalid accounts (over 100,000 different user accounts were tried) and the company was able to keep their mission critical e-mail flowing. The company did not experience any increase in their normal mail traffic (2,500 legitimate messages/day), as DigiTar filtered these (legitimate eMessages™) out of the deluge of bogus traffic and delivered them to the rightful recipients. For minimum vulnerability and liability purposes, DigiTar has an unequalled competitive advantage using veriSYNC(tm) to maximally protect its’ client organizations from both cyber-attacks as well as social engineering that comes from directory harvests. DigiTar Technology Benefits DigiTar “SENTINEL” Technology provides complete cyber messaging solutions. Including: low cost 24x7 protection using the most advanced knowledge of attack signatures and eMessage-DNA properties to block: virus, spam, spyware, polymorphic Internet worms, Trojans, Identity Theft, adware, Intrusion and application layer cyber attacks. Eliminating: need for the customer to hire/expand internal staff or spend capital to achieve complete security of internal and external network messaging environments. Competitive Edge: SENTINEL services are easy (transparent) to integrate; use customer’s existing domain and networks; no additional infrastructure or personnel required. Designed-in “Ability to scale“: DigiTar makes it easy for clients to grow or diminish in headcount, and/or bandwidth requirements. No client Capital budget “impacts” for additional (or surplus ) hardware, bandwidth, software or personnel changes. Auto-Provisioning: Customers are relieved of draconian bookkeeping and directory integration tasks; DigiTar automatically keeps track of "active" users eliminating painful periodic manual "culling" by the client administrator and insecure links to client directories. Eliminates costs and maintains maximum client security and separation. [Several 100’s of hours per month of productivity savings, and incalculable security savings.] Threat Classification Accuracy: For the end user client, as well as the VAR/ISP sales channel, this means unequalled productivity (real $$’s) savings, revenue enhancement and state of the art (99.9% accurate) Cyber Security benefits. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 19 CONFIDENTIAL Cyber security Service Market Segments: SMS / CES DigiTar SENTINEL SMS (SENTINEL Messaging Services) DigiTar has a highly redundant multiphase security message processing and content cleansing network architecture. SENTINEL SMS: Use of multiple antispam engines and antivirus engines coupled with 24x7 security updates as to the latest antivirus signatures and rule sets designated by global cyber security monitoring and cyber terrorism prevention organizations. SENTINEL SMS blocks objectionable and/or unwanted messaging; removal of spam, spy ware, Phishing, and intrusion attack software – sites – documents. Material of this nature is removed from the message stream and trashed according to central cyber security monitoring and client managed security rule sets. Questionable materials are quarantined in a protected clientunique web site for review and disposition by the client, (i.e., "whitelist" if always valuable; "release" to client mail server if desired this time). SENTINEL will automatically empty the quarantine after periodic reviews by the user; no further actions by the user to eliminate the spam from the quarantine are required. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 20 CONFIDENTIAL For example; Normally, when someone is sending an e-mail message to "[email protected]", the sender’s mail server interrogates the Internet name server to locate the IP address for blow.com. The Internet name server returns requested information; in this case that the blow.com domain is located at IP address 1.2.3.4. Joe is inundated with a torrent of unwanted and hazardous material on an hourly and daily basis. Management of this in-rush requires considerable time and expense both in regard to personnel distractions, productivity impacts, acquisition costs of AV software and manual updates on a regular basis. By redirecting Joe's inbound e-mail traffic to SENTINEL's SMS Cleansing Silo [IP 4.2.1.4], only spam-free and virus-free e-mails are allowed through. All virii, worms, etc. are trashed and the spam is quarantined in a secure user-personal quarantine site, away from the enterprise network. An additional benefit to the enterprise is the cost reduction associated with expanded network/bandwidth infrastructures no longer burdened by supporting messaging traffic flows that were clogging up the Enterprise's Voice/Data communications facilities. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 21 CONFIDENTIAL DigiTar SENTINEL CES (Complete Enterprise Security) SENTINEL CES: DigiTar’s on-site client premise Sentinel provides complete Enterprise-wide intrusion prevention and virtual private networking capability, which augments the secure messaging services from the Sentinel SMS configuration. SENTINEL CES builds on the SMS message processing engines, for SMTP traffic, and broadens the datum processing activities by adding custom HTTP traffic engines and algorithms that clean web content, File Transfer Protocol files, Instant Messaging traffic and provide Intrusion Detection and Prevention processing as well as Virtual Private Networking communications. As with SENTINEL SMS, SENTINEL CES blocks objectionable and/or unwanted Web content material and provides removal of Virii, Spyware, Phishing, and Intrusion Attacks delivered by Software/Sites/Documents. Material of this nature is removed from the Datum stream and trashed according to central cyber security monitoring and client managed security rule sets. Again, questionable materials can be quarantined in a protected client-unique web site for review and disposition by the client, (i.e., "whitelist" if always valuable; "release" to client mail server if desired this time). SENTINEL will automatically empty the quarantine after periodic reviews by the user; no further actions by the user to eliminate Datum from the quarantine are required. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 22 CONFIDENTIAL Enterprise Security with SENTINEL CES Technology Internet Hacker Bob Enterprise Branch Offices Secure SMTP Secure HTTP Remote Sites VPN - Secure VoIP CES Work at Home Dedicated VPN Link Major Customer On-Demand VPN Link PBX PBX SENTINEL DigiTar SENTINEL SMS Secure VoIP Web Server Hotel / Home / Cust Site Secure VoIP Secure HTTP Secure SMTP V oI V P oI V P oI V P oI P Mail Server DigiTar Client Services Enterprise HQ Offices CES Secure Services: AV / AS / CF / I PS / BW /VPN Sentinel CES/VoIP – Providing VoIP Security & QoS A key issue for VoIP phone system deployments is the problem of normal data traffic plugging networks lines, and leaving little or no room for VoIP traffic. This is particularly the case with Service Provider (SP) deployments, where the SP controls the quality of service (QoS) inside the SP network, but cannot control how the customer uses the T1 or DSL that provides service over the “last mile”. Often, the customer will use their network link to full capacity (i.e. downloading PDFs or watching videos) thus making it very difficult for VoIP calls to maintain their quality…if they can get through at all. Adding to this situation is the recent FCC ruling that VoIP SPs must provide 911 access, thus making the problem of an unusable VoIP installation particularly acute. Moreover, VoIP handsets are susceptible to the same virus infections, exploits and Denial-of-Service (DoS) attacks that plague standard computer systems. “… CES… guarantees VoIP quality and availability, regardless of the client’s Internet usage profile.” Sentinel CES/VoIP secures the VoIP handsets, and, in addition, guarantees minimum available bandwidth levels to those handsets. By deploying CES/VoIP, VoIP SPs can guarantee VoIP quality and availability, regardless of the client’s Internet usage profile. Undesirable-effects of attacks on VoIP handsets include: phone calls by unauthorized third parties (i.e. suspicious calls to Afghanistan on your bill), eavesdropping, and complete incapacitation of your VoIP systems. CES can ensure both the security of your calls, and protect the capability to make them. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 23 CONFIDENTIAL Future Products and Services Next Generation DigiTar -PRODUCT ENHANCEMENT PLANS/PRIORITIES – CONFIDENTIAL 1.) SENTINEL “Today” Enhancements: Pattern-based routing & policy groups. Dynamic Address extensions. New Portal with web APIs underneath. Managerial executive console [Confidential PRD] IBM Lotus-Domino Plug-in & Integration 2.) SENTINEL “Next Generation” Technologies: TweetComplete™ Micro-Blogging Tools [Confidential PRD] MaxIM™ Secure Instant Messaging [Confidential PRD] eAttach™ Protection Services [Confidential PRD] MadAve™ Advert Revenue [Confidential PRD] SMS Wireless eMessaging™ [Confidential PRD] These development activities are sensitive work product of DigiTar technical team, and will be a part of patent and Intellectual Property filings covering state-of-the-art messaging management, and smart wireless technologies along with instant messaging Web2.0 security. Introduction of these service products is scheduled during late 2009 through 2011. The heretofore-unavailable features and capabilities of these advanced technologies will revolutionize the way providers service their clients. Moreover, they will infinitely expand revenue communications currently “blocked” due to system limitations of today’s network implementations. Lastly, these products will "unfetter" the next generation smart phone 3G capabilities when it comes to eliminating "malware" (voice and eMessage Spam) and other cyber attacks these new phones are subject to. Summary Market Characteristics: SMB Market: Average Range Client Size 50 to 250 users/client Large Enterprise Market: Average Range Client Size 750 to 5000 users/client Larger Gov/Telco/ISP Enterprise Market: Range Client Size 25,000 to 3.5 million users/client Anticipated changes in the client makeup will be driven by the bi-furcations of eMessaging structures and the impact of .MOBI on the organizations. eMail as we know it today is evolving and expanding alone the “needs” lines of usage. In particular “Text Messaging” and “Instant Messaging” are replacing portions of the normal short context emails of the past. Immediacy of connection and feedback is the big attraction of these communications mediums. Even newer eMessaging Channels are appearing as “Opt-In” Micro-Blogging message delivery conduits (Twitter/Tweets). These will further expand / enhance the efficacy of eCommunications and have significant impacts on future concepts of Business and operations campaigns of all types (Marketing, Services, Political, Public Relations, etc.). Likewise, it is impossible to escape the evolution of wireless “Mobile” connectivity. Products such as iPhones, Blackberrys, and new Nokia smart handsets are bringing the information directly to the user without the need of in-house networks and client hardware systems. Fortunately for DigiTar, these evolutions were considered as a part of the backbone technology architecture of our all types of “eMessagingAlignment™ charter and long term business objectives. Also fortunate, is the fact that these new Communications implementations are massively insecure in their HTTP transfer protocols. They open additional requirements and applications for DigiTar technology available today and planned for release in the future. DigiTar’s services market is getting exponentially larger and less competitive (for a while) at the same time. A contra positive trend, to the above, we see with very large enterprise clients planning to move to services “On-Site”. Select types of enterprises are driven to seek better functionally and costs but wish to do so with on-site data processing storage and management. These orgs are highly regulated in some cases and worry about data processing outside their physical plant for PR and ethereal reasons. Inquiries from Japanese and USA bank clients have suggested a desire/need for “DigiTar On-Site” and/or “DigiTar In-a Box” embodiments with remote management and updating of on-site operations being performed on client traffic. As discussed earlier, DigiTar technology is massively modular and redundant to maximize performance and reliability. DigiTar has been working with its hardware technology partner, SUN Microsystems, Inc., on development of server-storage technology systems that embody multiple virtual processing Elements using SUN’s “Secure SOLARIS” Operating system and multi-Threaded server architectures. This is a long term Vision-of-the-future concept which is not included in the financial projections. It is included here for completeness of Disclosure and insight into the modularity of our technology. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 24 CONFIDENTIAL Market Analysis Summary Enterprise Security: As recent virus attacks vividly demonstrated, companies large and small are struggling to maintain around-the-clock network security. Occurring nearly simultaneously, the Blaster, Welchia, Sobig.F and Conflicker worms ripped through “the need for better cyber security is hundreds of thousands of corporate computers, resulting in untold expanding exponentially.” [Gartner] damages and lost productivity. This was followed by even more devastating epidemics of MyDoom, Bagle, and NetSky worms. In such an atmosphere, how can small businesses maximize their IT investments and successfully manage security? “in-house teams struggle to understand and defend against the latest security threats because this requires constant system monitoring – something that few small businesses can afford”. [Gartner] Handling security in-house: Small/medium sized businesses are in a unique – and extremely challenging – position when it comes to combating security threats. Lacking the IT staff commonly found in enterprise operations, they must nevertheless protect their network from attack. This normally entails formulating a security policy and implementing firewall, intrusion detection, virus detection, and other security technologies. But even after taking these steps, the challenge remains of how to manage the security effort. Security, after all, is not static, and small businesses – like any other operation – must be prepared to proactively monitor, maintain, and upgrade their network protection. According to market researcher Gartner, at most companies, the staff responsible for these security functions is also responsible for other activities and spends most of its time on non-security projects. For resource-constrained small businesses, Gartner added, such added responsibility is often too taxing. The bottom line: maintaining the necessary vigilance in these days of “zero-day” attacks requires significant investments in staff, IT systems, and training. NB: DigiTar provides “Zero-Hour” Protection! Michael Osterman reported in 2006 “The trend to integrate messaging security will continue, Outsourcing the security operation: The cost-effective alternative is driven by an increasing number of organizational for small businesses to outsource the management and monitoring of requirements for messaging security focused on stopping malware, spam and phishing attacks; their network security to an MSSP like DigiTar. An MSSP can combine plus adding secure messaging, archiving, content advanced technology with expert human analysis, enabling a small filtering for compliance and other services.” business to cost-effectively strengthen its security posture. An MSSP can “Messaging Security Market Trends, 2005-2008, also provide a level of technology and expertise that ensures rapid An Osterman Research Multiclient Study, 2008. response to real threats. In general, an MSSP’s services include timely phone and email access to security monitoring staff and Web access to reports on such things as device status, change requests, and service level performance. Most importantly, by effectively solving security problems, these services enable small businesses to focus on their core, everyday business issues. Security Management: Small/medium sized Business (SMB) need the benefits of maximum protection, and minimized threat-discovery to threat-destruction time just like the large enterprises. In-short, World-class security, Maximum Protection, but at minimum costs SMB Threats Summary: -Worldwide problem -Everyone connected to the Internet is a target. -Automated tools, blended threats, and worms increase exposure. -Systemic problems, vulnerabilities and configuration errors, make security more difficult Market Segmentation DigiTar's markets are rapidly growing and are tied to cyber security demands of today's Information Technology world. Information security is required at all levels – personal level, corporate level, state and national level. According to the U.S. Department of Homeland Security, there is a steady rise in the occurrence of cyber attacks. As per a recent survey, cyber attacks cost businesses more than $ 46.2 billion (2007) in damage and clean up cost, while the cost in 2000 was $17.1 billion. Some enterprises were forced to shut down whole networks to fix the problem. Thus, there is clearly a sizeable requirement for DigiTar's cyber security products and services for many years. Major market segment: Sales of E-mail messaging Protection Services: A very high demand market for 24/7 services that monitor all domain e-mail traffic and remove Cyber virii and Spam contents from the transfer data streams between a user's site and any incoming message(s) via the Internet. Major market segment: Sales of Complete business cybersecurity Protection services: A major market for business protection services operating 24/7 that extends cyber protection to include all packetswitched data traffic, and private communications between a user and any web site or e-mail host associated with the world-wide web communication capabilities. Complete enterprise protection provides protection from cyber terrorism, including intrusion detection & prevention, content filtering, and performance & bandwidth management. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 25 CONFIDENTIAL Major market segment: Sales of cyber security equipment and systems that have proprietary DigiTar functionality integrated as a value-added component. These products range from cyber filters and software to complete turnkey SOC (Security Operations Centers) implementations, as customized for specific customers. Custom market segment: DigiTar “On-Site™ & DSRU Sales & Licensing of custom software and Joint Venture proprietary security services to international partners and major OEM accounts; and for unique or specific customer requirements which can be added to DigiTar products and services offerings as standard products for revenue enhancement and competitive sales advantages. Market Analysis – TAM Customers/Application 2005 Potential Customers eMail messaging Protection: Complete Enterprise Cyber Protection: Cyber Security Services: Proprietary Technology: DSRU Licensing MSSP ManSecServices Other 2006 2007 2008 2009 2010 CAGR 690,000,000 803,850,000 936,485,250 1,091,005,316 1,271,021,193 1,480,739,690 16.5% 15,000,000 19,950,000 26,533,500 35,289,555 46,935,108 62,423,694 33.0% 11,000,000 14,300,000 18,590,000 24,167,000 31,417,100 40,842,230 30.0% 3,405,000 5,771,475 9,782,650 16,581,592 28,105,798 47,639,328 69.5% 1,000,000 100,000 1,200,000 115,000 1,440,000 132,250 1,728,000 152,088 2,073,600 174,901 2,488,320 201,136 20.0% 15.0% 720,505,000 845,186,475 992,963,650 1,168,923,551 1,379,727,701 1,634,334,398 Total: 17.8% Source: International Data Corporation (IDC) Target Market Segment Strategy [Spam Market Drivers] Spam, commonly defined as, “unsolicited commercial e-mail”, is a powerful advertising channel for many products and services. As a result, spamming has become a profitable business, driven by the low cost of sending e-mail compared to other direct marketing techniques. The high return on investment for spammers has resulted in an overwhelming volume of unwanted messages in personal and business e-mail boxes. Consider this: Conducting a direct mail campaign costs an average of $1.39 per person, meaning that a response rate of 1 in 14 is necessary just to break even on a $20 item. Selling the same $20 item via unsolicited spam e-mail costs only $0.0004 per person, meaning that a response rate of 1 in 50,000 gets the seller back to break-even; anything above that is gravy. DigiTar SENTINEL SMS Simply Stops Spam and Other E-mail Threats from Entering Your Networks! Phishing Phishing is a specific type of spam message that solicits personal information from the recipient. Phishers use social engineering techniques to fool recipients into believing that the message originated from a trusted sender. These attacks are especially dangerous because they often con victims into divulging social security numbers, bank account information or credit card numbers. In one six-month period, from November 2005 to May 2006, Phishing attacks increased in frequency by 4000% and the trend continues upward. Spoofing Spoofing is an especially deceptive form of Phishing/Spam that hides the domain of the spammer or the spam's origination point. Spammers often hijack the domains of well-known businesses or government entities to enhance the validity of their commercial message or scam. An example of spoofing is an e-mail that appears to come from a bank requesting that users log into their account to update or correct personal information. When the users follow a link embedded in the e-mail, they are redirected to a site that looks and behaves like the expected bank website. However, unbeknownst to the soon-to-be identity theft victims, the site is actually controlled by the scam artists who sent the e-mail. Any and all information entered by the victim can now be used in a variety of ways, none of them good. Today's spammers are craftier than ever before and have begun blending elements of both Phishing and Spoofing into their messages, further spinning their web of deception. The toxic combination of Spoofing and Phishing presents a dangerous major threat that can trick most anyone into providing personal information to a stranger. Toothless Legislation In 2004, President Bush signed into law the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003," or "CAN-SPAM Act". While well intentioned, CAN-SPAM has done little or nothing to curb the flow of unwanted e-mail. In fact, an estimated 97% of all spam e-mail sent in 2008 violated the Act, and the United States still dwarfs other nations in terms of the origin of spam, with research revealing that an astonishing 85.9% of all spam comes from U.S.-based IP addresses. While CAN-SPAM was designed to decrease the overall volume of spam, the exact opposite has happened: in 2004, spam accounted DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 26 CONFIDENTIAL for approximately 77% of all e-mail traffic, and Phishing attacks continue to increase exponentially, with studies showing an increase of 10,000% from November 2006 to May 2008. Why Anti Spam Software for the Desktop is Not Enough (See: Symantec Hit by Large-Scale Flaw ) The dramatic increase in spam volume has prompted a corresponding surge in stand-alone anti spam software solutions for the desktop, all with varying levels of effectiveness. Some anti spam software uses text filtering to screen incoming messages for known characteristics of spam, while other solutions rely solely on reputation systems, which monitor and categorize email senders by IP address according to their sending behavior. Still other anti spam software uses "challenge/response filters" to block unapproved mail until the sender responds (manually) to a challenge e-mail sent to their e-mail account to verify his or her identity. With so many different methods of filtering spam, no single software-based desktop anti spam solution is capable of effectively stopping spam before it reaches the inbox. The only way to successfully fight spam is by employing DigiTar's SENTINEL anti-spam "DNA" technology. SENTINEL's anti-spam engine is tailored to each user's requirements and coupled with constant updates from global spam definition lexicons plus DigiTar's proprietary spam DNA recognition algorithms. Most importantly however, is the positioning of an effective anti spam solution, ahead of the e-mail gateway, not at the desktop. Without protection ahead of the gateway, mail servers waste massive amounts of bandwidth, cpu utilization and storage space processing every message (wanted or not) and end-users face the unenviable task of deciding what to do with the countless spam messages that successfully reach them. DigiTar SENTINEL deals with spam and other attacks before they get inside your network, thereby adding a critical layer of security and separation from the "malware" and your internal operations. Take a Consolidated Approach to Anti Spam Because it takes a person several moments to process a message and identify it as spam, it is critical to automate that human process, thereby eliminating the impact on employee productivity and business costs in dealing with the removal of spam from the workplace. In addition to effectively identifying spam, businesses must be assured that legitimate mail is not blocked in error. Even one false positive, or incorrectly blocked e-mail, can have a significant impact on businesses today. Accurate spam processing requires a combination of analyses to properly examine various message criteria combined with real-time intelligence data. By utilizing DigiTar's advanced DNA message analysis technologies, and placing the Anti-Spam solution ahead of the network e-mail gateway, an enterprise can retake control of their inbox while improving bandwidth utilization and saving costs. Global Market Demand [24 Hour/Day Assets Leverage]: DigiTar supports its’ Global customer demand is via high speed Fiber-Optic connectivity (between DigiTar and the global client location) and requires a limited number of DigiTar Data Centers. Non-overlapping maximum active user periods yield rolling regional demand loads of 90% of Regional message traffic occurring between 0900 thru 1100 and 1400 thru 1600 local time. DigiTar Facility utilization is defined by the demand usage levels (active Users) associated with 24 1- hour Periods/Area; given 12 service Regions (World-Wide) and total client User Base as follows: [Greenwich Mean Time=Z Time] 1 2 3 4 5 6 7 8 9 10 11 12 Area/Region EEC/United Kingdom EEC/France\Germany Mid East/Israel Mid East/Dubai India/Delhi\Mumbai China/HKG\Shang\Beijing Japan/Tokyo\Osaka\Kyoto\Nara Australia/Sydney USA/LAX USA/DEN USA/CHI USA/NYC ∆ to Z Time +0 Hours +1 Hours +2 Hours +4 Hours +5 Hours +8 Hours +9 Hours +10 Hours -8 Hours -7 Hours -6 Hours -5 Hours Total Users 500,000 2,600,000 100,000 100,000 500,000 1,750,000 3,500,000 300,000 2,500,000 1,250,000 2,500,000 4,500,000 20,100,000 Max Active user Peak Load 250,000 1,300,000 50,000 50,000 250,000 875,000 1,750,000 150,000 1,250,000 625,000 1,250,000 2,250,000 3,510,000(1) Note(1): Maximum Regional User periods (demand levels) do not align with any other regions; therefore, DigiTar needs support for a maximum user load of 3.5 M users (Peak Load) of 20.1M clients. Examples: India client eMessage processing by DigiTar USA requires 800mSecs (0.8 Secs) total message transfer time (From/Return) plus 200m/Sec processing time at DigiTar Data Center; Total >2.0 Sec message latency time. Austria client eMessage processing by DigiTar USA requires 400mSecs (0.4Secs) total message transfer time (From/Return) plus 200m/Sec processing time at DigiTar Data Center; Total >1.0 Sec message latency time. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 27 CONFIDENTIAL Business Models: 2010 Global Served Available Market Active Users: 20,100,000 Peak Users: Monthly Revenue/User@ 3,510,000 $0.58/User(2) $11,658,000 Gross Annual Revenue $139,896,000 Note(2): Discounted net revenues to DigiTar after Marketing/Sales regional absorption costs. Business Models: 2012 Global Served Available Market Active Users: 58,750,000 Peak Users: Monthly Revenue/User@ 7,000,000 $0.43/User(2) $25,262,500 Gross Annual Revenue $303,150,000 Note(2): Discounted net revenues to DigiTar after Marketing/Sales regional absorption costs DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 28 CONFIDENTIAL What the CyberSec Market Needs: Network Security Solutions Must Evolve: Security Challenges and Needs Solutions that ensure business continuity, network availability, and applications access to secure centralized office locations as well as distributed remote workers. Protection against today's complex blended threats and unknown attacks Proven security that does not require constant increases in security staff to select, deploy and manage security solutions Scalable management solutions that contribute to business unit efficiency and meet regulatory compliance Reduce acquisition, installation, and management costs associated with security functions Market Trends DigiTar's markets are rapidly growing and are tied to cyber security demands of today's Information Technology world. ..steady rise in the occurrence of cyber attacks (48 % rise 2003, 67% rise in 2005, 76% rise in 2007, 84% rise in 2008) [US Dept of Homeland Security] Information security is required at all levels – personal level, corporate level, state and national level. According to the U.S. Department of Homeland Security recent survey, 2007 cyber attacks cost businesses more than $ 46.2 billion in damage and clean up cost, while the cost in 2002 was $ 17.1 billion. Some enterprises were forced to shut down whole networks to fix the problem. Thus, there is clearly a sizeable requirement for DigiTar's cyber security products and services for many years. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 29 CONFIDENTIAL Current Security Trends The Number of threats is increasing year over year; over 2,600 new vulnerabilities documented in 2003; over 56,000 in 2004, over 552,000 in 2006 and over 3,504,000 in 2008. Many new vulnerabilities are easy to exploit with many applications and protocol code being made public for scripting and interface Sophistication of threats are evolving – severity of vulnerabilities are increasing Time of infection is now very fast requiring IT to react much faster Malicious Code which exposes confidential data has increased significantly–Blended attacks against Microsoft have increased 10,000 fold The motive and intent is changing – moving from notoriety to financial gain garnered by theft of financial and personal information Market Growth In the first quarter of 2003, there were an estimated 30,000 Internet Service Providers in the United States alone: In particular; 5,000 are colleges and universities. 1,800 are fixed wireless service providers1, including “community” or non-commercial shared networks. 2,500 are Wi-Fi Wireless network nodes, “hot points,” and similar free-access services. 15,000 are Multi-Tenant Unit and Multi-Dweller Unit providers, serving apartment buildings, office buildings, college campuses and other properties2. 12,300 are dialup and broadband services offered by independent ISP’s using incumbent telephone companies.3 8,000 are rural and independent ILEC telephone companies that offer broadband and narrowband Internet services.4 1,000 are cable television companies, including cable over-builders, private cable systems, and local and national cable providers that offer broadband Internet services. 340 are cyber-cafes, resorts, shopping mass kiosk sites and others offering Internet access. 100 are competitive local exchange carriers that offer broadband services, wireless or dial-up services.5 125 are “virtual ISP” services such as the AFL-CIO and the Republican Party, which operate Internet services but have no infrastructure or support of their own. Today (2009) there are an estimated 155,000 of additional global ISP’s, including the remnant “free” services, Fiberto-the-home (FTTH) providers, powerline providers, information services, private ISP’s and virtual private networks, corporate ISP services, and web hosting companies. 1 Source: In-Stat/MDR, March, 2003. Source: Broadband Properties Magazine, 2003 Source: Combined data from Verizon, SBC, BellSouth and Qwest 4 Source: US Telecom Association, 2003 5 Source: New Paradigm Resources Group “CLEC Industry Report 2003” 2 3 DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 30 CONFIDENTIAL According to the U.S. Internet Industry Association, the major trends affecting the Internet service provider industry in the opening years of the 21st Century are: The growth of broadband. 33 million Americans were online via broadband as of the end of 2003. Broadband posted a 59 percent growth rate in 2002, while dial-up accounts declined by 10 percent.6 Broadband connections surpassed dial-up connections in 2007 and virtually will replace dial-up by 2010.7 Evolving Internet services. Traditional Internet services -- email, web browsing and e-commerce – continue to grow. Email messaging will increase by 40% per year through this decade, according to the Gartner Group. And the US Department of Commerce notes that retail sales online surged again last year, up 58 percent over 2007. Added to these traditional applications are a new generation of network services that include peer-to-peer file sharing, instant messaging, Internet to cell phone integration and text messaging, and Voice-Over-IP telephony. These services will combine with other telecommunications and video services over broadband to drive growth and profitability. Email Subscribers: According to Jupiter Research, as of September 30, 2008 the total number of global ISP subscribers was 812.1 million. This number does not include subscribers at work, at universities, or in government. The US Bureau of Census reports revenue data that covers the 1997 through 2008 periods indicating a 36% CAGR growth of DigiTar’s initial key market, “Internet access services”, also known as Internet Service Providers [ISP’s]. Estimates of growth through 2011 and beyond are based on Census data and industry forecasts completed by the U.S. Internet Industry Association [USIIA], The Internet Security Alliance [ISA] and Jupiter Research. Source: U.S. Bureau of the Census, Economic Census NAICS Code: Title: Sector: Definition: 518111 Internet service providers 51 This industry comprises establishments known as Internet service providers. Establishments in this industry provide client’s access to the Internet and generally provide related services such as Web hosting, Web page designing, and hardware or software consulting related to the Internet connectivity. Establishments in this industry may provide local, regional, or national coverage for clients or provide backbone services (except telecommunications carriers) for other Internet service providers. Internet service providers have the equipment and telecommunication network access required for a point-of-presence on the Internet. 2007 Product line code Description 35550 Internet access services 35551 Internet access services: Narrowband 35552 Internet access services: Broadband Ten Year Profile & Projection: 518111-35550 2001 2002 2003 2004 Revenue/Yr $16,170 $20,374 $24,163 $30,108 $x1,000,000 23.90% 26.00% 18.60% 24.60% Yrly AGR 6 7 Number of establishments 16, 394 3,917 13,620 2005 $38,809 28.90% 2006 $52,392 35.00% 2007 $71,777 37.00% 2008 $99,053 38.00% 2009 $137,683 39.00% 2010 $192,756 40.00% See http://cyberatlas.internet.com/markets/ broadband/article/0,,10099_1570321,00.html Study By ARC Group, referenced at http://cyberatlas.internet.com/markets/broadband/article/0,1323,10099_985891,00.html DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 31 CONFIDENTIAL Value Proposition DigiTar provides a complete low cost "Turn-Key" solution to its clients including all hardware, software, 24 hour updates to the virus and spam filters, and all management and reporting of the events and the results of all traffic scanned and/or purged. No other supplier, to date, has the breath of services or system user benefits comparable to DigiTar. By providing complete solutions, including custom programs and/or feature sets, the client can remain focused on their own business activities without the need to expand internal staff and facilities in order to meet regulatory compliance issues or business data management needs. Distributing a Service DigiTar will initially distribute its SMS and CES service products to end users through Independent IT Contractors, VARs and Internet Service Providers (ISP's). In concert with sales through ISPs, DigiTar will also promote and distribute through its own web site and allow customers to sign up and pay via credit card for its SMS services. DigiTar's direct distribution sales plan includes positioning regional agents (commissioned sales) in key metro areas for business development of medium and midsized business firms and enterprises. DigiTar direct sales of security services will be handled by the Regional ISP’s and Value-Added IT-Contractors and Resellers and in-country Partner/Agents, both domestic and international. Development of select USA and certain international markets will be pursued with an objective to form a joint venture business relationship wherein DigiTar will license its technology, and co-location equipment, to substantive regional partners who have the market contacts, depth, technical expertise, and financial where-with-all to establish leadership revenues for DigiTar via franchise and royalty fees commensurate with the served market. Competition and Buying Patterns The traditional cyber security industry has been dominated by only a few major manufacturers: Symantec, McAfee, MessageLabs, and Postini; and then come the low-end players: Spam Assassin, SpamCop, and Barracuda. With the exception of the high end players, MessageLabs (Purchased by Symantec 2008) and Postini (Purchased by Google 2007) who maintain their own sales forces, the other manufacturers distribute and sell mainly through authorized dealers, retailers or via their web site. Given the rapidly growing cyber security threats, the future will most likely be dominated by the same participants as described above. While Symantec has been a past leader in the sales of single function per user "boxed" products, McAfee has emerged as both an innovator, and a leader, in this area as well. Main Competitors The cyber security "services" market has been dominated by MessageLabs, and Postini who offer very expensive solutions, primarily to the large corporations and government agencies business markets. While these services offer extensive features, they are increasingly ineffective at coping with rapidly changing spam trends and are inflexible to the scaling + specific needs of the individual customer. Some competitors, (Ironport), offer/require the user enterprise to purchase a combination of software and hardware products. This makes the integration of security products (hardware) into the user’s network topology much more difficult and expensive; and requires in-house IT Management personnel. Customer Benefit-Value Proposition DigiTar makes it easy for both regional and international Internet Service Providers (ISP’s) to play a larger role in combating viruses. ISP’s will be offering DigiTar security services that scan all incoming and outgoing mail for viruses and spam; if a user's machine comes under attack, DigiTar will block the attacking traffic, notify the ISP, and perform automatic disinfection of the traffic. This kind of resource will allow ISP’s to charge a fee for the cyber security protection which will grow their own business more quickly and with reduced competitive pressure from other ISP’s who do not offer DigiTar Sentinel competitive edge services. No other supplier, to date, has the breadth of services or the reporting systems comparable to DigiTar for the same cost to the customer. By providing complete solutions, including custom programs and/or feature sets, the client can remain focused on their own business activities without the need to expand internal staff and facilities in order to meet regulatory compliance issues or business data management needs. Competitive Edge DigiTar SENTINEL SMS/CES services are easy (transparent) to integrate and utilize within the users existing domain and networks without need for additional infrastructure or personnel. Because of the "designed-in ability to scale", DigiTar makes it easy for its clients to grow or diminish in size, and bandwidth processing requirements, without budget impacts for additional/excess hardware, bandwidth, software and personnel issues. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 32 CONFIDENTIAL DigiTar has built-in a proprietary "Auto-Provisioning" technology whereby customers are relieved of draconian bookkeeping and directory integration tasks that competitive offerings require. DigiTar automatically keeps track of "active" users in the client domain and charges only for users that utilize our service during the calendar month. This eliminates painful periodic manual "culling" by the client administrator, as well as capricious and insecure “LDAP” links to internal client directories, in order to keep costs in line with actual use and maintain maximum client security and separation. This can amount to many man-hours per month of productivity savings, and incalculable security savings. DigiTar's technical staff is unequalled in the innovation of cyber security concepts and implementation of unique DNA algorithms and system constructs. DigiTar will pursue patents and intellectual property rights filings that will differentiate and protect DigiTar's core technology strengths from competitive offerings. Joint selling with major VAR & ISP sales managers and training of their sales personnel allows DigiTar to capture the power of multiple & broadly distributed sales organization(s) throughout the USA, and internationally, without having to directly pay for these large sales teams before real revenue is achieved from the sales region. DigiTar has developed the cyber security industry's first secure service solution to voice over internet connectivity (VoIP phone systems). VoIP is becoming a major growth market, especially in the small-medium sized business markets. Operational cost of these systems is far below that of standard phone and PSTN tariffs from RBOCs. However these systems (Digitized Voice) are subject to the same cyber attacks that business computers are. DigiTar plans to exploit the VoIP market with its "secure VoIP" services in concert with ISPs that are investing in this area in order to expand and differentiate their service offering to their regional markets. Marketing Strategy DigiTar makes it easy for both regional and international Independent IT Contractors and Internet Service Providers (ISP’s) to play a larger role in combating cyber threats. VAR’s and ISP’s offering DigiTar security services are delivering complete "TurnKey" solutions to its clients including all hardware, software, 24 hour updates to the virus and spam filters, as well as all management and reporting of the events and results of all traffic scanned and/or purged. No other supplier to date has the integrated breadth of services or the reporting systems comparable to DigiTar. This kind of resource allows ISP’s to charge a fee for the cyber security protection which will grow their own business more quickly and reduce competitive pressure from other ISP’s who do not offer DigiTar Sentinel competitive edge services. DigiTar provides a deep discount, up to 50%, to resellers of SMS and CES services. By providing complete solutions, including custom programs and/or feature sets, the client can remain focused on their own business activities without the need to expand internal staff and facilities in order to meet regulatory compliance issues or business data management needs. DigiTar's technical staff is unequalled in the innovation of cyber security concepts and implementation of unique DNA algorithms and system constructs. DigiTar has extensively modeled the costs associated with providing cyber security services for a broad spectrum of account sizes. DigiTar has developed an aggressive pricing strategy that saves clients significant costs, as compared to competitive suppliers, and at the same time delivers gross and net margin to DigiTar well in excess of industry norms. Due to DigiTar's proprietary technologies, business constructs and the extensive margins built into this business plan, DigiTar will remain profitable in the face of possible competitive price pressures. Joint selling with major Resellers, and training of their sales personnel, allows DigiTar to capture the power of multiple & broadly distributed sales organization(s) throughout the World without having to directly pay for these large sales teams before real revenue is achieved across the region. Positioning Statement Association with prominent Resellers and Internet Service Providers (ISP's) globally wherein DigiTar brings a turnkey ability for the them to offer advanced cyber security features and capabilities to their existing and competitive customer base. This spares them the need to spend additional capital, and avoids the expansion of current employment to cover the security monitoring and systems performance required to provide users with 24/7 cyber security protection from web-based virii, intrusions, spam mail and secure virtual private connectivity to and through the world wide web cyber business environments. Pricing Strategy DigiTar has priced its services based upon value and return on investments criteria. DigiTar has extensively modeled the costs associated with providing cyber security services for a broad spectrum of account sizes. Distributors & select Resellers can enjoy up to 50% discounts on list user pricing, which produces excellent margins for the sales organization without the need for add-on administration or equipment expense. DigiTar has developed an aggressive pricing strategy that saves clients significant expense, as compared to competitive suppliers, and at the same time delivers gross and net margin to DigiTar well in excess of industry norms. Due to DigiTar's proprietary technologies, business constructs and the extensive margins built into this business plan, DigiTar will remain profitable in the face of possible competitive price pressures. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 33 CONFIDENTIAL Promotion Strategy DigiTar plans to list its services with major internet search services, such as Google, Yahoo, etc., and advertise on these services also. In complement with the search engine services, DigiTar will directly contact targeted smaller and medium sized clients, i.e., ISP's, Law firms, Mortgage services, Banks, county and city agencies, Medical clinics and associated regional facilities, through the use of e-mail-list services and each industry's promotional publications. Key to the DigiTar plans for enhanced services is a viral marketing campaign targeted initially at technophile cyber communities and early adopters of paradigm-shifting technology. It is these early adopters that are, by nature, evangelists that push new technology out towards friends, family and general adoption. We will allure published and recognized luminaries in technorati circles with the use of DigiTar’s compelling technology, in exchange for testimonials on their channels to the community. Examples of such luminaries and their channels are: Jon Udell – His opinion articles (InfoWorld, et. al.) and blogs are widely read and trusted by the technology community for his perceived sharpness and attunement to new and useful technology trends. Joel Spolsky – Spolsky’s blog “Joel on Software” is read by thousands in the Information Technology and technology-at-large communities. Due to the nature of blogging, his opinions and insights are viewed as uninfluenced by glitzy marketing and grounded instead in reality. As a result, his influence over his readership is great. Slashdot – Under recognized as a resource by established vendors, Slashdot is a massively followed harbinger of successful paradigm-shifting technology. So pervasive is its influence that it has a verb associated with it. To be “slashdotted” is to have your web site hit by so many visitors as to be effectively overloaded. The verb has its origins in the fact that almost every site Slashdot references becomes rapidly slashdotted. Google, Flickr and BitTorrent are but a few of the services and products that have been widely accepted by the early-adopter community after mention on Slashdot. There are additional techno luminaries and communities that will be targeted as well. The above list represents the planned initial contacts. Distribution Strategy DigiTar will initially focus on developing VAR and ISP sales channels in order to establish regional blocks of residential and business end user accounts. This revenue base will be enhanced through the addition of new add-on services that are proprietary, patented "pay-for-use" incremental charges for benefits unavailable from other suppliers. Distribution sales channels, particularly with regard to international users, will be established where market development and expansion can be effected at a favorable cost to DigiTar in return for revenue commitments from these markets over a contract period of years. DigiTar believes that many USA and international distribution opportunities exist wherein the joint venture program can more rapidly garner market share for DigiTar services at significantly reduced cost, as compared to developing said markets directly. DigiTar has established its web site so as to support direct sales and user add-on services for any end user that chooses to take advantage of these proprietary services and benefits. Marketing Programs To date, DigiTar is focused on the smaller and medium sized business markets, i.e., companies, firms and agencies that have less than 5000 users per domain. Small firms might only contain 5 to 50 users. Medium sized organizations will have 300 to 2500 users. Depending upon the enterprise, the connectivity provider or ISP associated with the enterprise, DigiTar will provide cost savings and feature-benefits unavailable from other eMessage security services suppliers. In some cases the ISP may use DigiTar services as a way to attract hosting and connectivity revenues away from their indigenous competition. DigiTar Sales/Marketing Channel Strategy: Sales Strategy: Tailored to the Client Strategic alliances with regional domestic and international Value Added Resellers and Distributor plus Internet Services Providers (ISP’s) are fundamental to the initial customer focus sales strategy of DigiTar. Since many potential clients are serviced by regional ISP’s, DigiTar represents a low-cost/no-cost upgrade to their existing service for their customer base. The firms have major investments in data transmission infrastructures and message management systems but lack an effective integrated cyber security solution. To be able to "bolt-on" DigiTar security services, without major capital outlay or the hiring of certified cyber security management personnel, is a significant advantage to these regional providers in their continuing competitive battles with the super large ISP’s such as MSN.com and AOL.com. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 34 CONFIDENTIAL Globally there are a large number of small regional phone services companies that are struggling to remain competitive against the "By-pass" phone companies and the large RBOCs of the Bell System. DigiTar will joint venture with some of these organizations to enhance their offering to their ratepayers while at the same time providing DigiTar with a captive market user base within each of these regional communications suppliers markets. Special Japanese market initial strategic alliance focus includes several organizations in Banking and IT Computer network products and services. Commitment to Channel Sales Model Strategic alliances with regional and Pan-National IT Distributors, Resellers and Internet Services Providers are fundamental to the strong marketing focus and sales strategy of DigiTar. Since many Global Clients are serviced by regional distributors and resellers, DigiTar represents a low-cost/no-cost upgrade to their existing sales programs and product offerings to their existing and new-potential (outsourcing) customer base. High Gross Margins provided by DigiTar makes the Channel decision to add DigiTar to the profit line, without the requirement for capital expanse, an easy one to support. VAD: DigiTar is targeting to have one Value Added Distributor per Territory to develop the Local Markey quickly: with, A Strong established access to Value Added Reseller base A Strong established contacts to ISPs and Telcos Local Channel Management Local Account Management The Ability to influence local decision makers Local PR VAR: DigiTar’s target is to have the most active and innovative Value Added Reseller: who already, Understands how to promote and sell new services Is Established in the IT-Security business Has strong access to Enterprise Market Has strong access to local Government sector(s) Sample Client List (By Geography and Business Type): Sample Clients Legend: USA/Canada Japan/Asia Europe Retail Universities & Schools Law Firms Services Professional lylepearson.com controller.stanford.edu angstman.com a-c-accounting.com agsgps.com miracle-earcenter.com evolve.stanford.edu cosholaw.com actionbarricade.com amelio.com mollyo.biz family.stanford.edu daviesmoore.com adv-bus-networks.com clearwaterrei.com olvcaldwell.org lanecc.edu goicoechealaw.com bsmwireless.com daviesrourke.com statpads.com law.stanford.edu himbergerlaw.com circlecenergy.com dct-web.co.jp tatesrents.com ml.sakushin-u.ac.jp jbhhlaw.com citent.com digitar-japan.com wingscenter.com purchasing.stanford.edu jesutton.com datatelco.com eaglesconsulting.com rcdb.org technology.stanford.edu mgslegal.com djautotransport.com eberle.com wlu.edu richardsonandoleary.com dukephotos.com explorationservice.com technologylawgroup.com foto-grafics.com frontlinegeo.com Medical landelapharma.com Churches kimvorsemd.com catholicidaho.org treasurevalleylawyers.com ir-m.com geosourceenergy.net landofchaos.com familyradio.org zarianmidgley.com m2mcomm.com gtgcpa.com mluquemd.com risenchristboise.org milliganevents.com lktechinc.com valleywidehealth.com sacredheartboise.org mk-cpa.net mathieucomputer.net Real Estate Manufacturing stmarksboise.org cradlepoint.com plan-it-services.de notes.corpinfo.com colliersidaho.net stmarksschool.pvt.k12.id.us cspboise.com propertybyowner.com onspirix.com deltasquare.com stmarys-boise.org ef5.nl quantumpointtech.com pimtx.com ettore.com stisurveys.com pontiscapital.at gvcrouchmerc.com Government hscc.org ccidaho.org flashelement.com support4domino.com rmeinc.net spectra.com ci.healdsburg.ca.us hydeelectric.net thesolution.at rprwyatt.com Construction superiorec.net idahocenter.com interstate-electric.com woodriverlandtrust.org iddk.com wyattaerospace.com brightoncorp.com stackle.com syringabank.com brandroots.com idhfa.org thunderspring.com cfauscorp.com thaarchitecture.com vanauker.com nhcgov.com olrboise.org esiconstruction.com virtualitidaho.com DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 35 CONFIDENTIAL Strategic Alliances Establishing key business development relationships with the leading IT market suppliers, SUN Microsystems, Inc. and IBM Corporation has allowed DigiTar to market worldwide with the partnership advantages that include platinum level systems and services support in more than 200 countries by trained in-country personnel of SUN and IBM. In addition, DigiTar’s Partnership status provides advanced access to in-country marketing teams along with joint sales programs that complement SUN and IBM products. [See the following News Releases] DIGITAR ACHIEVES ENHANCED STATUS AS A PRINCIPLE PARTNER WITH SUN MICROSYSTEMS ADVANTAGE PARTNER PROGRAM Boise, ID (July 15, 2006) – DigiTar AG. (DTAR), a leading IT outsource provider of Security as a Service (SaaS) and automated Web Content processing solutions, today announced it has been designated by SUN Microsystems as a “Principal Partner” with SUN Microsystems Advantage Partner program. SUN Microsystems Advantage Partner program delivers a wealth of offerings and options to DigiTar, in five key areas: MARKETING TOOLS: Broadens the reach and increases the efficiency and cost-effectiveness of DigiTar’s marketing efforts by leveraging Sun’s considerable experience, resources, and market influence. SALES ENGAGEMENT: Takes DigiTar’s go-to-market efforts to the next level by tapping into Sun’s sales organization, with privileged access to expertise across the organization and expanded teaming opportunities with other program participants. TECHNOLOGY AND PRODUCTS: Cuts the cost and complexity of designing, developing, and deploying DigiTar SaaS eMessaging and Web 2.0 Services—to shorten time to market and increase the return on investment. EDUCATION AND INFORMATION: Build technology competence with Sun products and stay abreast of the latest tools, technologies, and topics of interest in DigiTar’s industry—so as to stay a step ahead of competitors. PARTNER INITIATIVES: Participate in Sun partner initiatives focused around a specific technology and find new ways to expand DigiTar business opportunities and revenue streams. DigiTar’ state-of-the-art, SENTINELMessaging™ and SENTINELComplete™ Enterprise technology provides Fortune 500 and Fortune 1000 clients unprecedented levels of protection, and allows its clients to maintain 24x7x365 access to their mission-critical systems and cyber communications data without any planned or unplanned interruptions. “DigiTar understands that even a few minutes of downtime within a services provider can have a catastrophic effect on a company’s business operations, corporate reputation, and ultimately, its bottom line,” said Dale Williams, President and CEO of DigiTar. “DigiTar has built a world-class eMessaging infrastructure that, combined with a wealth of industry experience and expertise from SUN, ensures that DigiTar clients always have the highest level of turn-key CyberSec solution processing performance and reliability necessary to compete in today’s global marketplace.” About DigiTar DigiTar AG. (DTAR) provides outsourced eMessaging and cyber security processing services for world-class IT communications solutions that accommodate the business needs of large and small, data-intensive enterprise companies. DigiTar operates a highly reliable and secure Enterprise Data Center facilities that offer “five nines” (99.999%) availability and highly scalable processing systems in conjunction with managed IT solutions that secure Fortune 1000 companies’ mission-critical, threat & disaster proof cyber messaging and communications. DigiTar is a SUN Microsystems Advantage - Principal Partner, which assures DigiTar clients of leading edge innovation, performance, reliability and support. As a result, DigiTar solutions enable clients to reduce their operating costs and focus on their core competencies. For more information about DigiTar, contact www.digitar.com. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 36 CONFIDENTIAL From: [email protected] Sent: Thu 10/12/2006 1:36 PM To: DigiTar AG. Subject: Advanced level membership At this time we’re pleased to inform you that your customer services technology to IBM Lotus Notes and Domino applications software products was approved for and has qualified you for the following: "DigiTar AG. - IBM Advanced Business Partner" Achieving PartnerWorld Advanced level entitles you to use the IBM Business Partner emblem and the designation "IBM Advanced Business Partner". Use of this emblem endorses your relationship with IBM in the minds of your clients and can reinforce their decision to do business with you. The IBM Business Partner emblem and usage guidelines can be found at: http://ibm.com/partnerworld/pwhome.nsf/weblook/emblem_welcome.html In addition, your company is now entitled to a powerful set of marketing, sales, and technical resources specific to the industries and markets you serve through the PartnerWorld Industry Networks. Please visit http://ibm.com/partnerworld/industrynetworks to learn more. If you are interested in a complete listing of all PartnerWorld benefits, they can be found at: https://ibm.com/partnerworld/mem/manage/mem_ben.html Congratulations! Thank you for your interest in IBM. If you have questions regarding PartnerWorld or this email, please contact PartnerWorld Contact Services at: http://ibm.com/partnerworld/pwhome.nsf/weblook/cpw_index.html Sincerely, The PartnerWorld ISV team DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 37 CONFIDENTIAL Case Studies and letters of Customer endorsement and recommendations: DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 38 CONFIDENTIAL David Bartlett – Executive Vice President Operations DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 39 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 40 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 41 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 42 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 43 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 44 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 45 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 46 CONFIDENTIAL 2006 DigiTar, All Rights Reserved DigiTar™ case study series - Sentinel Messaging™ RiskSecure, LLC April 2006 RiskSecure provides a range of cyber security consulting services, including compliance audits, round-theclock vulnerability scanning as well as in-depth security training. Their clients range from small-sized businesses to companies in the Fortune 50. Through their commitment to improving security and reducing risk, RiskSecure has established themselves as a world-class provider for security services. About Troy Taylor Troy has worked for Fortune 50 clients in roles such as Divisional Information Security Manager for HewlettPackard and has over fifteen years of IT experience. He has started, run and sold several start ups and holds degrees in Nuclear Physics and an MBA. The Problem: Spam Overload To say RiskSecure had a problem with spam might be the understatement of the year. Having collected many “old growth” domains from the companies that merged to form RiskSecure, the company was a target for armies of spammers. Many thousands of spams would hit its mailboxes every day. For a long time, RiskSecure employed the Open-Source Software program SpamAssassin to mitigate the problem. However, the spammers seemed to always be one-step ahead. The volume of spam processing kept increasing to the point where hundreds of spams where slipping past SpamAssassin every day. Additional layers of spam filtering were implemented and eventually even those failed. Something needed to be done before email became a useless tool. RiskSecure needed a solution to fix the problem and it needed to happen fast. The Solution: Sentinel Messaging™ As a longtime information security insider, RiskSecure CEO Troy Taylor was familiar with the many products and approaches on the market. So when looking for a new messaging security solution, he was skeptical that he would find anything that performed better than SpamAssassin. “To be honest, when I first heard about DigiTar’s Sentinel Messaging™ solution, I had my doubts that it would perform any better than SpamAssassin. In fact, I was fairly sure they would not get even close to 99% accuracy. So, RiskSecure was understandably thrilled at the results Sentinel Messaging™ produced within the first two weeks. We’re consistently seeing accuracies in the range of 99.2% to 99.7%. It’s truly amazing.” RiskSecure has also enjoyed many unanticipated ancillary benefits of using Sentinel Messaging™: “DigiTar has reduced the amount of mail hitting RiskSecure’s servers by over 75%. Thus, we can spend more time working and less time on manually filtering email and save a tremendous amount of time upgrading our mail infrastructure. Frankly, the biggest benefit has been DigiTar’s support and service. Anytime RiskSecure has had a question or needed assistance, DigiTar worked diligently to address our concerns. The turnaround time has been fantastic. Refreshingly, this just seems to be the normal way DigiTar runs their business. Having a technical background, I am used to managing infrastructure in-house, and I was hesitant to give up control of such a critical part of our business. Since RiskSecure is a security services company, any failure could be catastrophic to our reputation. DigiTar has consistently delivered on our reliability expectations and RiskSecure’s ability to handle previously insurmountable mountains of spam. I personally believe their solution is among the best on the market and certainly the most affordable. We would without hesitation recommend Sentinel Messaging™ to any of RiskSecure’s customers, including the Fortune 50 clients. DigiTar has made a believer out of RiskSecure as a company and me personally.” Moving forward, RiskSecure states they look forward to taking advantage of additional Sentinel Messaging™ features as their business grows and their disaster recovery and messaging compliance needs expand. The fact that this will be a zero hassle, instant deployment event, makes their choice particularly comforting. DigiTar's mission is to align and elucidate the world's messaging. Our services enhance existing messaging systems with next generation feature sets, through state-of-the-art technology development. Core to our philosophy is the commitment that next-generation enhancements should reduce not add to the burden of those systems. We seek zero configuration principles across our entire service line. To find out how you can benefit as RiskSecure has, please contact DigiTar Sales via [email protected]. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 47 CONFIDENTIAL DigiTar™ case study series - Sentinel Messaging™ Stanford Law School March 2007 The Problem: Processing Overload Spam was making Bao Tran’s life miserable. As the Technical Services Manager at Stanford Law School (SLS), availability of his IBM Domino cluster was keeping him up at night. SLS’ server-based anti-spam and anti-virus packages were buckling under the torrents of e-mail thrown at them…and taking the Domino cluster down. Further complicating matters, was the hands-off approach the security software vendors took to addressing Bao’s growing problem. As a result, Bao started looking for an alternative solution. One that would both increase the accuracy and effectiveness of SLS’ mail security, while offloading the processing burden. When he chose DigiTar’s Sentinel Messaging™ service for its superior performance, low administrative overhead and service commitment, he did not realize how quickly his choice would pay off. While Sentinel Messaging™ had been chosen by SLS, full deployment was awaiting the completion of a metered activation plan. Without warning, swarms of e-mail with 7MB attachments started hitting the SLS Domino cluster. Someone had forwarded a 7MB e-mail to a mailing list subscribed to by many faculty and staff, and it was grinding the cluster to a halt. So when the massive e-mail storm hit, each server in the Domino cluster started to grind to halt under spam and virus scanning load. The Solution: DigiTar Sentinel Messaging™ DigiTar™ was immediately ready to help. After discussion with DigiTar™ messaging engineers, Bao quickly obtained the necessary SLS approvals to authorize a full Sentinel Messaging™ deployment: “We didn’t know how to get the situation under control. Our old spam and virus scanning software was crushing our Domino cluster, and professors were starting to notice that their e-mail was being heavily delayed. I called DigiTar to find out how fast they could stand up a full-deployment…hoping we could remove the anti-spam and anti-virus software that was killing us. Imagine my amazement when they said they could be ready to go in 60 minutes. Normally, a major change like this would have required weeks of preparation and careful planning. Without Sentinel Messaging™’s amazing auto-provisioning and veriSYNC™ features, making a move so quickly would have been unthinkable…even given our dire situation. With any other service, just getting an accurate user list together would have taken days. To get Sentinel Messaging™ fully configured and running didn’t require any more effort than saying ‘Yes’. More importantly, DigiTar™ treated Stanford Law’s problem as if it was DigiTar’s problem from the minute I called. They had a signed purchase order from us…they didn’t have to go the extra mile.” Within minutes of activating all of Stanford Law School’s users, Sentinel Messaging™ completely shouldered the burden of the unexpected Denial-of-Service: “The SLS Domino cluster returned to stability within minutes of activating Sentinel Messaging™. Without the amazing service and support we received from the DigiTar™ staff, we could not have successfully weathered this incident. Throughout our trial, and now production use, DigiTar has consistently provided a level of service and concern for our organization that we have never before experienced in IT. You can’t buy that kind of relationship. ” Source: Mr. Bao Tran - Technical Services Manager, Stanford Law School; Palo Alto CA DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 48 CONFIDENTIAL DigiTar™ case study series - Sentinel Messaging™ The Problem: Poor Service & Spam Avalanche December 2006 Colliers International - Boise had a major issue. “Our Office was getting overloaded with spam on our Exchange server and so we moved to a messaging security service to address the issue. Unfortunately, the service’s message classification accuracy wasn’t much better, and it also introduced up to 4-hour delays to our receiving mail. Further, the service wasn’t able to resolve the fact that many critical messages didn’t arrive at all.” “In a series of efforts to fix our problems, Colliers first tried GFI MailEssentials anti-spam software on our Exchange server, which was ineffective against the tide of spam we faced daily. As a result, we then tried the SecureTide™ messaging security service from AppRiver®. Rather than a cleaner inbox, Colliers now tolerated mail delays of up to 4 hours, and sometimes mail that simply didn’t arrive at all. AppRiver’s response of “not our problem” was crippling Colliers from conducting millions of dollars of business on a daily basis. Fed up with the “not our problem” attitude, Colliers went looking for a better answer…and a better service relationship.” The Solution: DigiTar Sentinel Messaging™ Colliers CFO Elaine Holm’s biggest concern was the mail they were missing: “Clients would send emails that just wouldn’t arrive. Best case, it would take a couple of hours for the mail that did arrive to get to us. In our business, getting mail on time can mean the difference between making a million dollar deal and getting shutout. We were just hamstrung.” “Every time we’d talk with AppRiver it was the same story…'we don’t know what the issue is, the mail delays are normal, ….not our problem'. They didn’t expend any effort to help us resolve the problems. It was tempting to laugh at our IT solutions provider when they suggested another service vendor - DigiTar. Needless to say I was stunned at the level of service we received with DigiTar’s Sentinel Messaging™. It was a night and day difference from AppRiver.” “From day one with DigiTar, when problems of missing mail persisted, DigiTar assumed the issues were their problems. They went above and beyond their own systems, spending days tracking down the issue with our clients’ IT departments. They finally identified the problem as being caused by our former DNS provider Time Warner Telecom. Even when the problem was positively identified as not being DigiTar’s responsibility, DigiTar worked with Time Warner on our behalf to make sure Time Warner resolved the issue. DigiTar made Time Warner’s problem their responsibility and kept us informed. We didn’t buy a special support contract…this was just DigiTar’s standard level of service.” Colliers International – Boise, since then has enjoyed many additional benefits of using DigiTar Sentinel Messaging™ Services: “The most immediate effect of using Sentinel Messaging™ was that the mail delays disappeared. Even before Time Warner resolved our DNS issue, our mail started arriving within seconds of our clients sending it. No longer did we wait 4 hours for an e-mail like we did under AppRiver™. Also, our spam deluge problem disappeared.” “If your business relies on e-mail, we can’t recommend DigiTar Sentinel Messaging™ highly enough. Our relationship is what DigiTar values the most. In addition to DigiTar’s continued velvet glove service, Colliers is looking forward to upcoming features of Sentinel Messaging™ as our business grows and our messaging needs become more sophisticated.” Source: Ms. Elaine Holm - Chief Financial Officer Colliers International – Boise Operations DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 49 CONFIDENTIAL Recent News Articles: Cyber Security Trends & Challenges Report: “Security” Tops CIOs' IT Investment List By Scott Campbell, ChannelWeb 1:35 PM EDT Wed. Apr. 15, 2009 Seventy percent of CIOs said they will continue to invest in IT initiatives over the next 12 months, according to a survey by Robert Half Technology. Information security was chosen as the top technology, with 43 percent of the 1,400 respondents expecting to invest in that area. That was followed by virtualization (28 percent) and data center efficiency (27 percent). "Although times are lean, many companies are finding that they can't afford to postpone IT investments that lead to increased security, efficiencies or revenues," said Dave Willmer, executive director of Robert Half Technology, in a statement. "Organizations also are trying to make sure they are prepared for growth when conditions improve, and enhancing their IT infrastructure is part of that process." CIOs in the financial services and transportation sectors were most likely to cite information security as an investment in the next 12 months, with 59 percent and 58 percent of respondents, respectively, citing that technology. Other technologies rounding out the top five investments for CIOs are VoIP (26 percent) and Software-as-a-Service (26 percent). "Subscribing to SaaS, rather than purchasing software licenses, is a particularly attractive option for businesses with tight IT budgets," according to Robert Half Technology. " Other IT initiatives for which CIOs are planning less investment include green IT (20 percent), business intelligence (19 percent), and social networking (18 percent). Glenn Leatherwood, director of IT architecture at Valmont Industries, Valley, Neb., said the results didn't surprise him. "I would agree that information security is a big focal point right now.” DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 50 CONFIDENTIAL MARKET BULLETIN: CyberSec is at the top of the list of issues deemed important (87 percent) in 2009. Forrester 2009 Security Trends Despite Economy, Security Spending To Increase In 2009 Data protection, identity management to get increasing attention in new year's budgets, Forrester says By Tim Wilson Despite a troubled economy, both large and small enterprises are poised to spend a higher percentage of their IT budgets on security in 2009, a major research firm said today. According to new reports on IT security trends in large enterprises and small and midsize businesses (SMBs) released today by Forrester Research, the pressure to cut back on IT spending is not slowing the trend toward increased security spending. "Security is getting a larger slice of the IT budget pie," says Forrester analyst Jonathan Penn in the enterprise study. "Firms are devoting 11.7 percent of their company's IT operating budget to IT security in 2008 -- contrasted with 7.2 percent in 2007 -- and plan to continue nudging up IT security budgets in 2009 to 12.6 percent of the IT operating budget." Security will also account for a higher percentage of budget allocations for new initiatives this year, going from 17.7 percent in 2008 to 18.5 percent in 2009, the report says. Similar increases are expected in smaller companies, Penn says in the SMB report. "SMBs devoted 9.1 percent of their companies' IT operating budget to IT security in 2008 -- down from 9.4 percent in 2007 -but they have plans to bring IT security budgets back up to 10.1 percent in 2009," the report says. "Allocation of budget for new initiatives mirrors this trend, with security going from 14.9 percent in 2008 to 15.9 percent in 2009. No big swings of the budget axe here." What are the drivers behind the spending increases? "Protecting the organization's information assets is the top issue facing security programs," the enterprise report states. "Data security (90 percent) is most often cited as an "important" or "very important" issue for IT security organizations, followed by application security (86 percent) and business continuity/disaster recovery (84 percent). Meanwhile, areas like threat management (81 percent) and regulatory compliance (80 percent) are cited less frequently." Among SMBs, data security is at the top of the list of issues deemed important (87 percent), with application security close behind (80 percent), Forrester says. Among technologies, outsourced security services, data loss prevention, and identity and access management are at the top of the list to receive more attention in 2009. "Managed security services are growing, driven by skill needs and cost savings," the enterprise report says. "The two top drivers among firms for using a managed security service provider are the demand for a specialized skill set (29 percent) and the need to reduce costs (28 percent). While email/Web content filtering is the most popular managed security service today, the greatest promise for [managed security services] growth in the coming 12 months is in vulnerability assessment and in host event log monitoring and management." Pasted from <http://www.darkreading.com/security/management/showArticle.jhtml?articleID=212700661> DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 51 CONFIDENTIAL Web 2.0 brings set of security concerns By Tom Sullivan Security: As companies continue adopting new Web 2.0 technologies including online collaboration, social networking, file sharing, a new report from Forrester Research found that Web 2.0 security concerns abound. Web 2.0 security concerns abound Filed under: Security A lack of comprehensive security tools designed to stop Web-based threats continues to be a problem among businesses, according to a new survey published by Forrester Research and Secure Computing on Monday According to the study -- which was based on interviews conducted by Forrester with roughly 150 IT pros -- companies of all sizes continue to adopt a larger number of Web-based applications, in particular so-called Web 2.0 technologies such as online collaboration and file-sharing tools, yet few have done anything to protect themselves against the growing volume of attacks that seek to piggyback on the systems. First off, even though most companies (97 percent) consider themselves prepared for malware threats, a majority (79 percent) admit that they are still falling prey to attacks on a "frequent basis," with a relatively large number (68 percent) conceding that they have "room for improvement." At the same time, companies clearly recognize the potential for Web 2.0 applications to become channels through which they might have sensitive or valuable data walk out the proverbial door. Roughly 92 percent of the respondents said that outbound data leakage prevention (DLP) is a part of their Web-filtering strategy, with 58 percent ranking it as an "extremely important" business concern. In terms of aligning their defenses, companies seem less responsive. Forrester said that "most" enterprises are still dependent on security tools designed to keep traditional attacks at bay, while few have made the move to begin defending against newer threats. Overall, only 33 percent of those interviewed for the study said that they have data leakage prevention capabilities in place today, while 57 percent of those surveyed indicated a belief that restricting access to social networking and rich media sites could "visibly increase" employee productivity. "We have found that most companies that have implemented any kind of Web protection have only installed URL filtering and signature scanning," Chenxi Wang, a Forrester researcher involved with the study said in a report summary. "Malware writers are now using the Web as a primary vehicle to propagate a plethora of new threats undeterred by traditional security means. The need for more effective Web protection has never been greater." Among the recommendations offered to companies in the report to help close the apparent gap: -Employ new technologies that do a better job handling Web 2.0 threats, including reputation services, blended attack protection, behavior-monitoring tools, outbound content control systems and applications-usage controls. Pasted from <http://weblog.infoworld.com/zeroday/archives/2007/10/web_20_security.html> Spammers Giving Up? By Betsy Schiffman Bill Gates was wildly optimistic when he said in 2004 that the problem of spam would be "solved" by 2006. The volume of junk e-mail transmitted worldwide is still enormous. But a remarkable trend is underfoot, according to Brad Taylor, a staff software engineer at Google: The number of spam attempts -- that is, the number of junk messages sent out by spammers -- is flat for the first time in years. Other experts disagree with Google, pointing out that overall spam attempts continue to rise. By most estimates, tens of billions of spam messages are sent daily. Chenxi Wang, an analyst at Forrester Research, scoffs at the idea that spam attempts could be on the decline. "I'm seeing that the overall trend is up," Wang says. "We're not seeing a drastic increase, though. And we're also seeing an increase of targeted spam instead of blanket spam that hits everybody in a large population. Today, for instance, you see spam messages on saving (on) prescription drugs targeted to seniors." For its part, Yahoo, too, says the overall amount of spam transmitted is on the rise. Regardless of the overall spam attempts, David Daniels, vice president of Jupiter Research, predicts the number of spam messages that actually reach a typical inbox will remain roughly flat over the next three years. And for most people, that's what really matters. "We're forecasting that the number of spam messages that annually reach the average inbox will hit 4,351 in 2007. For 2010, we think that number will essentially be flat at 4,403. The growth will be very, very small," Daniels says. New anti-spam technologies are also always under development, and there are new anti-spam services and technologies becoming available to consumers and enterprises It's by no means a perfect system, though. And spammers are, if nothing else, persistent. In a bizarre twist, Daniels thinks that instead of receiving spam offers from penny-stock pushers, mailboxes will increasingly be filled with marketing messages that we choose to receive, such as promotional e-mails from a favorite clothing store or a bank. He thinks the average number of messages from marketers that individuals receive annually will grow from 2,715 in 2007 to 3,335 in 2010. "We expect people to spend as much time on e-mail as they have, but we think people will receive more e-mail from legitimate marketers. So there will be more competition to get consumers’ attention in the inbox, but it will be more like competition between The Gap and J.C. Penney as opposed to The Gap and a Viagra salesman." Pasted from <http://www.wired.com/print/techbiz/it/news/2007/11/google_spam> DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 52 CONFIDENTIAL WHITE PAPER - Web Security SaaS: The Next Generation of Web Security April 2008 IDC OPINION The demand for more comprehensive Web security solutions has been fueled by the increasing sophistication of Web-based threats that reach far beyond productivity, bandwidth, and liability issues. The Web has become the new threat vector of choice for hackers and cybercriminals to distribute malware and perpetrate identity theft, financial fraud, and corporate espionage. As most organizations struggle to be protected against traditional email-borne malware, the Web has become an added burden as an additional latest target for hackers to launch various types of malware attacks. As a growing number of Web 2.0 applications make their way into the enterprise, they bring with them even more security concerns and attack vectors. A recent IDC study found that two-thirds of organizations are currently using at least one Web 2.0 application (source: Web 2.0 Applications Are Already in the Enterprise: Key Findings from IDC's AppStats Survey, IDC #208944, October 2007). Organizations of all sizes are trying to combat the problem with a multilayered defense. However, the resources required to manage multiple security products can often overwhelm an IT department in the enterprise business environment irrespective of size. Many SMB organizations lack the in-house capabilities to keep up with the evolving threat landscape. These factors are driving the growing interest in security as a service (SaaS) protection. The adoption of SaaS in the messaging security market has grown explosively over the past few years. IDC believes many SMB organizations will leverage the same SaaS benefits to address their Web security needs as well. In fact, a recent IDC survey found that Web security SaaS has the highest planned adoption rate (approximately 14%) over the next 18 months in business environments. Above the Clouds: A Berkeley View of Cloud Computing Electrical Engineering and Computer Sciences-University of California at Berkeley Technical Report No. UCB/EECS-2009-28 http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html February 10, 2009 Executive Summary Cloud Computing, the long-held dream of computing as a utility, has the potential to transform a large part of the IT industry, making software even more attractive as a service and shaping the way IT hardware is designed and purchased. Developers with innovative ideas for new Internet services no longer require the large capital outlays in hardware to deploy their service or the human expense to operate it. They need not be concerned about overprovisioning for a service whose popularity does not meet their predictions, thus wasting costly resources, or underprovisioning for one that becomes wildly popular, thus missing potential customers and revenue. Moreover, companies with large batch-oriented tasks can get results as quickly as their programs can scale, since using 1000 servers for one hour costs no more than using one server for 1000 hours. This elasticity of resources, without paying a premium for large scale, is unprecedented in the history of IT. Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services. The services themselves have long been referred to as Software as a Service (SaaS). The datacenter hardware and software is what we will call a Cloud. Thus, Cloud Computing is the sum of SaaS and Utility Computing. People can be users or providers of SaaS, or users or providers of Utility Computing. We focus on SaaS Providers (Cloud Users) and Cloud Providers, which have received less attention than SaaS Users. From a hardware point of view, three aspects are new in Cloud Computing. 1. The benefit of infinite computing resources available on demand, thereby eliminating the need for Cloud Computing users to plan far ahead for provisioning. 2. The elimination of an up-front commitment by Cloud users, thereby allowing companies to start small and increase hardware resources only when there is an increase in their needs. 3. The ability to pay for use of computing resources on a short-term basis as needed (e.g., processors by the hour and storage by the day) and release them as needed, thereby rewarding conservation by letting machines and storage go when they are no longer useful. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 53 CONFIDENTIAL The following presents excerpts of an eBRIEFING paper published by COMPUTERWORLD - September 2008 COMPUTERWORLD - September 2008 Cyber Security as a Service MakesSense Today Trends of the Future: Outsourced Cyber Security Service eliminates the agony of email and Web threats management. Key reasons to Adopt SaaS Security Corporate IT teams are waging a significant security battle on two fronts these days: stopping attacks via the Web and through email. They are tirelessly trying to protect their networks against known and unknown viruses, spyware and phishing attacks. However, the more complex these threats become, the more infrastructure companies have to bring in-house, sending capital expenditures through the roof. It’s a battle that Aaron Zuccolin, manager of information systems at the Canadian law firm Watson Goepel Maledy LLP, estimates that 80% to 90% of his Vancouver, B.C.-based firm’s email is spam. [Enterprise security] is a fool’s game to manage in-house because you can spend thousands of dollars on hardware, software and personnel and still not lower your risk.” Aaron Zuccolin - MANAGER of INFORMATION SYSTEMS, WATSON GOEPEL MALEDY LLP “Trying to manage that volume day-to-day in-house would be ridiculous,” he says. “Enterprise security is highly variable in terms of the threats you have to deal with, the solutions that are out there to deal with them, and the complexity you want to endure as you scale. Instead, like many of his peers today, Zuccolin has opted for a security software-as-a-service (SaaS) strategy, a software application delivery model where applications are hosted on the Internet and clients pay for usage rather than infrastructure and licensing. By offloading his email security to a provider, Zuccolin says he can focus his team on developing policies and procedures that mitigate the overall data privacy risk. Chenxi Wang, principal analyst at Forrester Research Inc., says that SaaS offerings will become more prevalent over the next few years as services continue to mature and organizations see SaaS as viable for more than just legacy business applications. “Companies are getting more comfortable with SaaS in general—it’s becoming more of a norm. They’re realizing the benefit of outsourcing commoditized solutions, like security, to specialists so they can stay focused on their core business,” she says. In fact, companies are seeing drawbacks to owning and managing their own security infrastructure. For instance, on-premise security software and appliances can create a single point of failure. They can also be hard to scale as threats increase, slow to respond to new threats, and a drain on internal IT resources. [Companies] are realizing the benefit of out-sourcing commoditized solutions, like security, to specialists so they can stay focused on their core business.” CHENXI WANG - PRINCIPAL ANALYST, FORRESTER RESEARCH INC Security SaaS solves Benefits of Outsourcing Security… and/or why SaaS makes sense: Provides improved manageability In most organizations today, security revolves around building and managing either hardware and software or appliances. IT teams must spend a major portion of their time focusing on licensing, updates, performance and availability for a host of security systems strewn about the enterprise. They also struggle with implementation and setup costs, as well as compatibility issues. This leaves little time for managing what’s most important—the revenue oriented business processes that enhance corporate growth, profits and efficiency of the core business. With SaaS, companies can eliminate the burden of managing infrastructure and focus on developing and enforcing streamlined policies. They can also direct responses to overall threats via a single console, rather than having to tweak configurations at distributed locations. Zuccolin says this holistic view has made it easier and more effective for him to combat spam, spyware, virus and phishing threats. “We’re more strategic now. We’ve gotten rid of the mundane work so we can focus on our overall security policies such as lowering our risk and disaster recovery,” Zuccolin says; “in fact, we can focus more on business analytics and problem solving.” Features guaranteed SLAs One of the biggest benefits to SaaS is knowing that the provider has promised to uphold a service-level agreement (SLA). SLAs traditionally guarantee a higher level of performance, availability, uptime and security than IT teams are able to deliver in-house. Most SLAs offer a way for companies to access reports that feature details on threat mitigation, throughput and responsetime performance, as well as other key metrics. SLAs also offer a clear understanding of the different levels of support customers will receive based on the threat priority level. “With SLAs, you put escalation procedures in place so you know what to expect when an abnormal situation happens. You also know that things will be taken care of, and when they’re not, who to call,” Wang says. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 54 CONFIDENTIAL Affords flexibility and scalability Trying to keep up with the demands of protecting email and Web security can be impossible—literally. Consider that in most cases, IT teams must physically build out their networks to handle corporate growth. And as the network expands, so does the need, and additional cost, for IT staff to manage it. SaaS enables IT teams to easily and transparently scale security to match business needs. For instance, they can quickly add a group of users that resulted from a corporate merger or beef up scanning to protect the organization from unwanted Web content. They can also make sure that mobile users have the same security on-and off- network—a difficult challenge with on-premise solutions. Provides high-quality security by Full-Time security experts It would take a larger IT team, than most companies have, to continually address the security challenges organizations face today, according to Wang. As an example, she points to the fact that 711,912 new malware threats were reported in 2007, which translates into 1,950 new malware attacks each day. She adds that the Web is becoming increasingly more dangerous, with growing numbers of search queries resulting in exposure to malicious attack URL sites. To adequately combat most of these threats, IT teams need immediate and detailed knowledge of emerging attack vectors. One or two staff members devoted part-time to security can’t possibly detect and mitigate these risks quickly enough to ward off serious damage. Wang says that less than half of respondents to a 2007 Forrester survey reported using any kind of real-time protection such as behavior-based detection, outbound content protection, heuristics detection, content inspection, reputation filters or URL filtering. Integrated Threat Management With SaaS, companies don’t have to be security experts. Instead, they can depend on the global based expertise of a provider that is constantly monitoring and combating new threats to the network. Using signature, behavior and heuristic analysis in tandem with access and policy controls, a SaaS provider can quickly thwart spam, virus, spyware and phishing attacks within email as well as detect inappropriate content and malware on Web sites that users visit. And since this protection is in the cloud, CyberSec providers can eliminate the threat before it impacts the network. Thereby, companies avoid sluggish system performance, reduced employee productivity and other business disruptions that spam causes. Cloud-based protection also gives providers a holistic view of potential threats so they know how to protect customers from attacks that have affected other organizations. Zuccolin says security SaaS gives him immediate access to updates without having the typical delay required to download and test a patch. He considers it the fastest response to zero-day threats. Reduces bandwidth requirements and improves network performance SaaS is not only a cost-saver, but also a resource-saver, according to Wang. She says that offloading email and Web security takes a lot of pressure off the enterprise to handle traffic generated by spam. For instance, if a company builds its network to support 15 million inbound email messages per day and 14 million are purely junk, that’s a lot of money wasted trying to deal with the volume on-premise. “After you move to an in-the-cloud offering, you only need to support a million messages per day on your own network so bandwidth consumption is drastically reduced,” she says. By ridding the network of that extra burden, companies can also see a boost in performance along with real cost savings. SaaS provides defense-in-depth security Security experts recommend that companies have a multilayered approach to security, but buying and managing the infrastructure required to do that can be cost-prohibitive. Security SaaS enables IT teams to have a layered approach without all the headaches. Web security SaaS can handle fast processing of connection-level filtering and provide an on-premise solution delivering more in-depth content analysis. That first layer lightens the load the on-premise solution has to inspect, enhancing the network’s speed and overall security. Zuccolin says he uses his email security SaaS as an additional layer to ensure outbound email is free of unwanted content and intellectual property so his company is seen as a good corporate citizen. Enhances cost savings surrounding security One of the biggest issues for many organizations is determining if security SaaS adds to the bottom line. As mentioned previously, by eliminating the need for infrastructure and the personnel to manage that infrastructure, SaaS offers immediate savings. In a 2007 study, market research firm Gartner Inc. found that SaaS secure Web gateway solutions cost as much as $40 less per user than appliances. Companies realize these savings by having a subscription model with predictable costs. Companies can also see cost benefits from needing less storage and bandwidth since a lot of spam and other false content is handled offnetwork. SaaS lowers help desk costs as well because IT teams spend less time fixing damage caused by spam, viruses, malware and other attacks. By using a comprehensive security SaaS solution, organizations can avoid the incurred costs of a data breach. A survey by the Ponemon Institute LLC found that 74% of respondents reported a loss of customers, 59% faced potential litigation, 33% faced potential fines, and 32% experienced a decline in share value. As these reasons prove, SaaS is definitely the best option for tackling even the toughest Web and email security challenges. Not only do IT teams get to hand off routine security infrastructure tasks, but they also get instant and scalable access to top-notch security protection across the entire organization. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 55 CONFIDENTIAL DigiTar Technology Scaling & Financial Impact Plans: Scaling is a function of load balancing ahead of, and after, each major operations phase of the overall processing operation (“Silo”– see attached Silo overview on Page 8 above). This gives DigiTar’s architecture the ability to accept/add-in additional capability and capacity at any phase that is becoming saturated without shutting down the operations nor requiring redesign of the process flow. With the addition of distributed (locally or geographically) data centers, we establish “Back-Hauls” connectivity between the sites and share message loads on multiple systems. The resource requirements increase as the number of customers increase. The amalgamation of traffic from all customers is the peak load capacity requirements exhibited at each hour in the 24 hour processing day. However, the global client base systemically spreads the peaks loads across multiple time zones so that the algebraic sum of all customers traffic never occurs a “one time”. Rather, there are multiple peak points that occur when first the USA business is “awake” and then tapers off to be replaced by Asia-Japan-India peaks which are subsequently replaced by European client traffic. After 24 hours, the process repeats itself. DigiTar supports a Global business market opportunity, currently from our primary data centers in the USA via Fiber Optic and Satellite connectivity through cyber space routers that interconnect the bulk of the business markets. In the future, additional data centers in Europe, Asia and the USA will be interconnected (via Back-hauls) so as to continue the “Designed-in” philosophy of infinite load balancing architecture. This provides not only capacity as needed and dynamically on demand, but also delivers continuous uptime and reliability of service to the customer regardless of his actual geographic location. Globally, the latency of a message from India being processed in DigiTar’s USA facilities and returned to a recipient in India (traveling more than 25,000 miles round trip) is less than 2 seconds worst case and typically averages 800mSec to 1300mSec including processing time at DigiTar. This is equal to travelling around the world in approximately 1 second. But since the data is digital bits/bytes between computers, and not voice between persons, a 1 to 2 second latency is not noticed nor offensive. In local regional processing, the latency averages 100300mSec from sender thru DigiTar and delivery to recipient. The cost vs message processing rates graphs (shown below) assume a decline over time in ASP (average selling price/user) and the margins are calculated based upon modeled production capacity resource assets applied, at a needed message rate for the peak loads anticipated, plus the burden of personnel and corporate allocations associated with R&D, Marketing, Operations and G&A. We believe DigiTar is uniquely positioned to support uninterrupted growth of the client base and scaling unequaled by the competition. We also know DigiTar can process faster than the competition by several orders of magnitude. “How do we know this?” Message latency! Postini’s message latency in the USA, processing USA clients, averages 30 to 45 sec best case. Several DigiTar clients, in particular Law Firms, dropped Postini after latencies of 30minutes occurred on a consistent basis. “Why does this occur?” Both Postini and MessageLabs use “fixed assignments” of clients to be processed on specific systems. If the assigned system is or becomes loaded, everyone suffers a massive slow down in their messages. When a client complains about the latency, both Postini and MessageLabs have to relocate the entire clients’ activity and storage elements to another system which more lightly loaded. This is a scheduled activity (sometimes delayed several days) that occurs late at night when the traffic is small and the lost messages problem is minimal. Attorneys are very impatient and DigiTar has heard many “unacceptable Latency” stories from new Law Firm clients who previously used Postini and MessageLabs. Lower latency per message means more messages processed on any given resource. More messages processed/sec means more revenue per production resource assets applied. Hence the focus in the attached graphs on message rates as the key index of everything in this business. Likewise, Cost per user is a function of the number of eMessages you can process at a time (Messages/Second). At DigiTar we have a very detailed processing through-put simulation model which calculates the resources required in the processing “Silo” (Equipment, Bandwidth, Software Support Licenses, People, and more) for a given processing rate planned. We developed this simulation model 3 years ago and keep it up to date on a Qtrly basis. It changes primarily due to advances in component architecture hardware (SUN, Cisco, Juniper, Brocade, etc.) and changes in fixed/variable costs such as facilities and Bandwidth utilization. The graphs are the output of a multi-rate-simulation analysis completed just recently for the update business plan. Cost per user is a function of the number of eMessages you can process at a time (Messages/Second). At DigiTar we have a very detailed processing through-put simulation model which calculates the resources required in the processing “Silo” (Equipment, Bandwidth, Software Support Licenses, People, and more) for a given processing rate planned. We developed this simulation model 3 years ago and keep it up to date on a Qtrly basis. It changes primarily due to advances in component architecture hardware (SUN, Cisco, Juniper, Brocade, etc.) and changes in fixed/variable costs such as facilities and Bandwidth utilization. The graphs are the output of a multi-rate-simulation analysis completed just recently for the update business plan. DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 56 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 57 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8 58 CONFIDENTIAL DigiTar AG www.digitar.eu +1.208.343.8520 USA +41.44.586.8520 Europe +81 (0) 3 5468 7373Japan 20090622 1.8