Gilat (GILT) Risk Analysis

Failure to protect against cyber-attacks, unauthorized access or network security breaches, inclement weather, natural or man-made disasters, earthquakes, explosions, terrorist attacks, acts of war, floods, fires, computer viruses, power loss, telecommunications or equipment failures, transportation interruptions, accidents or other disruptive events or attempts to harm our systems may cause equipment failures or disrupt our systems, products, networks and operations. Actual and threatened security breaches or disruption, particularly through cyber-attack or cyber intrusion, including by computer hackers, foreign governments and cyber terrorists, have increased in recent years and have become more complex. Criminal hackers may develop and deploy viruses, worms and other malicious software programs, some of which may be specifically designed to attack our products, systems, computers or networks. Additionally, external parties may induce our employees or users of our products to disclose sensitive information in order to gain access to our data or our customers' data. We have been subject, and will likely continue to be subject, to attempts to breach the security of our networks and Information Technology, or IT, infrastructure, and our products and services, through cyber-attack, malware, computer viruses, social engineering, email phishing attacks and other means of unauthorized access. Techniques used in such attempted or actual breaches and cyber-attacks are constantly evolving and generally are not recognized until launched against a target, and in some cases are designed not to be detected and, in fact, may not be detected until a substantial period has elapsed thereafter, or not at all. Accordingly, we may be unable to anticipate these techniques or to implement adequate security barriers or other preventative measures, and thus it is virtually impossible for us to entirely mitigate this risk. Since we provide products and services to communications companies, we may face an added risk of a security breach or other significant disruption to certain of our products used by some of our customers and related customer systems relating to wireless carriers as well as government functions. While none of these actual or attempted attacks has had a material impact on our operations or financial condition, we cannot provide any assurance that our business operations will not be negatively materially affected by such attacks in the future. Any disruption, disabling, or attack affecting our equipment and systems, products and the hardware, software and infrastructure on which we rely could result in a security or privacy breach. Whether such event is physical human error or malfeasance (whether accidental, fraudulent or intentional) or electronic in nature (such as malware, virus, or other malicious code) such an event could result in our inability to operate our facilities or continually operate our networks, which, even if the event is for a limited period of time, may result in significant expenses and/or loss of market share to other competitors in the market. While we maintain insurance coverage for some of these events, which could offset some of the losses, the potential liabilities associated with these events could exceed the insurance coverage we maintain. Any of the events described above could result in litigation and potential liability or fines for us, a material impact to our operations or financial condition, damage our brand and reputation or otherwise harm our business. Regulators globally have adopted privacy regulations and new regulations imposing greater obligations and monetary fines for privacy violations. For example, the General Data Protection Regulation, or GDPR, adopted by the European Union and became effective in 2018. The GDPR establish requirements regarding the handling of personal data, and non-compliance with the GDPR may result in monetary penalties of up to 4% of worldwide revenue. Other examples are the California Consumer Privacy Act, or CCPA, followed by the California Privacy Rights Act, or CPRA, recently enacted, which provides California residents new rights restricting collection, use, and sharing of their “Personal Information” and the Brazilian General Data Protection Law, or LGPD, effective as of September 2020 which provides Brazilian residents new data protection rights, and the Australian Privacy Act and the Australian Privacy Principles.The Israeli Privacy Protection Regulations of 2017 also impose high penalties and sanctions on violations. In addition, violation of applicable local privacy laws may entail criminal consequences. The GDPR, CCPA, CPRA and other changes in laws or regulations associated with the enhanced protection of certain types of sensitive data, such as healthcare data or other personal information, could greatly increase our cost of providing our products and services or even prevent us from offering certain services in jurisdictions that we operate. Further, if we fail to comply with the GDPR, CCPA and other privacy regulations applicable to us we may incur high monetary and other penalties, which may have significant adverse effect on our business.

Our business includes risks, only some of which are covered by our insurance. For example, in our satellite capacity agreements, we do not have a backup for satellite capacity, and we do not have indemnification or insurance in the event that our supplier’s satellite malfunctions or data is lost. Satellites utilize highly complex technology and operate in the harsh environment of space and therefore are subject to significant operational risks while in orbit. The risks include in-orbit equipment failures, malfunctions and other kinds of problems commonly referred to as anomalies. Satellite anomalies include, for example, circuit failures, transponder failures, solar array failures, telemetry transmitter failures, battery cell and other power system failures, satellite control system failures and propulsion system failures. Liabilities in connection with our products, services, managed networks services, premises, construction and deployment projects, or in connection with risks associated with potential cyber-attacks may not be covered by insurance or may be covered only to a limited extent. Our third-party suppliers do not always have back to back liability or insurance coverage to the same extent guaranteed by us towards our customers. In addition, our insurance does not provide coverage for acts of fraud or theft. Our business, financial condition and operating results could be materially adversely affected if we incur significant costs resulting from these exposures.

Although we have signed contracts with Telcos, service providers and other customers in the IFC, commercial and cellular backhaul markets, with a large satellite operator and with a large U.S. system integrator for NGSO communications systems, we may not be successful in our plans to expand our business in these markets. The markets in which we operate, and in particular the IFC market, have been hugely impacted by the COVID-19 Pandemic and we cannot predict at this stage when the market will recover. These markets are relatively new and are highly concentrated with a limited number of players and will require additional expenditures for research and development and sales and marketing. While new players such as Amazon.com, Inc. and SpaceX have entered the NGSO market and while this may present us with business opportunities, their greater resources and integrated offerings (ground and space segments) will affect our position in this market. In addition, the cellular backhaul market with Telcos, the commercial IFC market and the NGSO market may fail to grow in accordance with our expectations. We may also not be able to develop new technologies for those markets on a timely basis. Some of our projects include long and costly development programs, which could incur unexpected delays, or may require additional investment of resources, broader than expected. If we fail to meet the requirements of our development programs in a timely manner, we will incur penalties and other losses, which could have a significant adverse impact on our business and operating results. Barriers to further develop those markets as well as the continued downturn in the commercial aviation and travel markets caused by the COVID-19 could have a material adverse effect on our business and operating results.

The ongoing COVID-19 pandemic continues to have an adverse effect on our industry and the markets in which we operate. We are continuing to closely monitor COVID-19 related impacts on all aspects of our business and geographies, including on our workforce, supply chain and customers. The COVID-19 outbreak has significantly impacted the travel and aviation markets in which our significant Inflight Connectivity, or IFC, customers operate and has resulted in a significant reduction of our business with some of these customers. We have also experienced postponed and delayed orders in certain other areas of our businesses. Further, the guidance of social distancing, lockdowns, quarantines and the requirements to work from home in various key territories such as Israel, Peru, California, Australia, Bulgaria, China and other countries, in addition to greatly reduced travel globally, has resulted in a substantial curtailment of business activities, which has affected and is likely to continue to affect our ability to conduct fieldwork as well as deliver products and services in the areas where restrictions are implemented by the local government. In addition, certain of our sales and support teams are unable to travel or meet with customers and the pandemic threat has caused operating, manufacturing, supply chain and project development delays and disruptions, labor shortages, travel and shipping disruptions and shutdowns (including as a result of government regulation and prevention measures). As a result, we experienced a significant reduction in business in 2020, which, despite a recovery in our business in 2021, has not yet reached its 2019 level. In the twelve months ended December 31, 2021, our revenue was $215 million, compared to $166 million in the comparable period of 2020, and $257 million in the comparable period of 2019. While we expect that the adverse effect of this public health threat will ease as a result of global vaccinations and testing and reduced restrictions on travelling, it is still likely to continue to adversely impact us by its negative impact on our ability to generate revenues due to reduced end-market demand from IFC customers, governments and enterprises and our ability to conduct fieldwork leading to order delays and cancellations. Given the current macro-economic environment and the uncertainties regarding the potential impact of COVID-19 on our business, there can be no assurance that our estimates and assumptions used in the measurement of various assets and liabilities in the consolidated financial statements will prove to be accurate predictions of the future. If our assumptions regarding forecasted cash flows are not achieved, it is possible that an impairment review may be triggered and certain assets in the consolidated financial statements may be impaired. State and local governments are also continuing to take actions related to the pandemic, imposing additional and varying requirements on our industry. We are continuing to evaluate these evolving requirements. We cannot at this stage predict the various impacts they may have on our workforce, our suppliers, or our company. These evolving government requirements, including vaccine mandates, along with broader impacts of the continuing pandemic, could impact our workforce and performance, as well as those of our suppliers.

Since we operate in several countries, we are impacted by currency exchange rates and fluctuations of various currencies. Although partially mitigated by our hedging activities, we are impacted by currency exchange rates and fluctuations thereof in a number of ways, including the following: • A significant portion of our expenses, principally salaries and related personnel expenses, are incurred in NIS, and to a lesser extent, other non-U.S. dollar currencies, whereas the currency we use to report our financial results is the U.S. dollar and a significant portion of our revenue is generated in U.S. dollars. During 2021 and 2020, we witnessed a significant devaluation of the U.S. dollar against the NIS. The continuation of such strengthening of the NIS against the U.S. dollar can considerably increase the U.S. dollar value of our expenses in Israel and our results of operations may be adversely affected. • A portion of our international sales is denominated in currencies other than the U.S. dollar, including but not limited to the Euro, Australian Dollar, Brazilian Real, Peruvian Sol, Russian Ruble, Malaysian Ringgit and the Mexican Peso, therefore we are exposed to the risk of devaluation of such currencies relative to the dollar which could have a negative impact on our revenues. • We have assets and liabilities that are denominated in non-U.S. dollar currencies. Therefore, significant fluctuation in these other currencies could have significant effect on our results. • A portion of our U.S. dollar revenues are derived from customers operating in local currencies which are different from the U.S. dollar. Therefore, devaluation in the local currencies of our customers relative to the U.S. dollar could cause our customers to cancel or decrease orders or delay payment. We are also subject to other foreign currency risks including repatriation restrictions in certain countries, particularly in Latin America. As noted above, from time to time, we enter into hedging transactions to attempt to limit the impact of foreign currency fluctuations. However, the protection provided by such hedging transactions may be partial and leave certain exchange rate-related losses and risks uncovered. Therefore, our business and profitability may be harmed by such exchange rate fluctuations.