EX-99.1 2 exhibit_99-1.htm EXHIBIT 99.1
Exhibit 99.1
 

May 22, 2024
 
Dear Fellow Shareholders:
 
2023 was a momentous year for CyberArk. Demand for our platform accelerated, and we solidified our leadership position in identity security. We believe that our identity security platform is applying the right level of controls across all identities, human or machine, regardless of environment, cloud or hybrid. With our execution in 2023, we enter 2024 in a position of strength, poised to continue to deliver durable growth, profitability, and cash flow.
 

o
Annual Recurring Revenue, or ARR,(1) reached $774 million as of December 31, 2023, increasing 36% year‑over‑year.
 

o
Subscription portion of ARR(1) reached $582 million as of December 31, 2023, increasing 60% year‑over‑year.
 

o
Total revenue of $752 million in 2023, growing 27% year-over-year and accelerating from the 18% revenue growth in 2022 compared to 2021.
 

o
Non-GAAP operating income(1) of $33.5 million, a significant improvement from a non-GAAP loss of $22.4 million in 2022.
 

o
During 2023, the Company’s net cash provided by operating activities was $56.2 million.
 
Identity Security Strategy
 
Our strong performance is a result of strong execution and persistent industry tailwinds, including digital transformation, migration to the cloud, and the rise of artificial intelligence, driving durable demand for our solutions. Throughout 2023, organizations were once again reminded that there is one constant in cyberattacks: all roads lead to identity.

The identity challenge enterprises face is exacerbated because every organization today has a spectrum of identities, from core IT to developers, to machines and across the entire workforce. The number of identities is increasing at an exponential rate, while each of these identities has its own unique level of risk and complexity. This requires different levels of controls, which increases the complexity in the environment, expands the attack surface and amplifies cyber risk. In fact, our research has shown that over 90% of organizations have suffered from an identity-related cyberattack, a significant increase from about 60% in the prior year.
 
In the context of these urgent trends, the critical nature of CyberArk’s identity platform becomes apparent. CyberArk provides a leading platform effectively and securely address the new world security requirements, which center on controls that help us in our mission to secure the world against cyber threats so together we can move fearlessly forward. Our platform addresses a critical customer need, and the threat landscape is keeping identity security a top priority for our customers.
 
Innovation
 
We also continue to be the frontrunner in innovation. In 2023, we launched exciting new solutions like Secure Cloud Access, which applies privilege controls to hybrid and multi-cloud environments with a zero standing privilege approach, and Secure Browser, the first identity-centric web browser.
 
With our groundbreaking innovation and the unique value proposition of our platform, we are driving a platform selling motion that has multiple landing spots for new customers and is delivering faster velocity for existing ones. Our innovation has helped us significantly expand our total addressable market from $20 billion in 2021 to $60 billion today. With our strong performance in 2023 and disciplined investments, we believe we are well positioned to capture a bigger share of the large and growing market opportunity.
 
(1)
See Appendix A for the definitions of Annual Recurring Revenue, Subscription Portion of Annual Recurring Revenue and non-GAAP operating income (loss), as well as a reconciliation of non-GAAP operating income to GAAP operating income


Venafi Acquisition
 
On May 20, 2024, we announced a definitive agreement to acquire Venafi Holdings, Inc. , a leader in machine identity management. The acquisition is expected to close in the second half of 2024, subject to required regulatory approvals, clearances and other customary closing conditions. This acquisition marks a significant milestone for CyberArk, enabling us to further our vision to secure every identity – human and machine – with the right level of privilege controls. We plan to combine Venafi’s best-in-class machine identity management capabilities with CyberArk’s leading identity security capabilities to establish a unified platform for end-to-end machine identity security at enterprise scale. We believe our combined solutions and expertise will uniquely address the growing identity security needs of global enterprises to secure the rapid growth of machine identities. These identities are increasingly leveraged in sophisticated cyberattacks.
 
Venafi is trusted broadly by more than 550 customers including the world’s largest banks, insurers, retailers, airlines and consumer goods businesses. Venafi has built deep relationships with Chief Information Security Officers and Chief Information Officers within these organizations, which aligns perfectly with CyberArk’s go to market motion and should help drive meaningful growth opportunities. CyberArk has more than 8,800 customers, many of whom face challenges related to managing and securing machine identities. In addition, we believe we will be able to leverage our extensive sales force, our channel partner relationships and our global presence to drive strong top line growth. Another anticipated benefit of this acquisition is that Venafi brings a great team of people, who share our commitment to security and to building a strong corporate culture. Venafi is expected to contribute approximately $150 million in annual recurring revenue, and we believe the transaction will be immediately accretive to non-GAAP margins.
 
Conclusion
 
Our top priorities for 2024 are expanding our leadership position in driving identity security growth, delivering cutting-edge innovation and strengthening our industry leading platform, leveraging data and analytics to scale our business – including the use of artificial intelligence and machine learning. With the amazing addition of Eduarda Camacho as our Chief Operating Officer, we are well positioned to deliver outstanding customer experience and value across the customer journey.  Following closing, we will implement our integration plan for the Venafi acquisition.  We believe this opportunity will help us continue to drive strong growth, profitability and cash flow.
 
I am immensely proud of how our global team came together following the attacks of October 7th and the subsequent war in Israel, as our employees and their families, friends, colleagues and entire communities continue to navigate a time of great tragedy, loss, and increased stress. Our culture and core values as a team were, and remain, at the forefront of our collective mind and are what drive our success.
 
As I reflect on our accomplishments in 2023, I am even more enthusiastic about CyberArk’s future in 2024 and beyond.
 
On behalf of the Board, we invite you to attend our 2024 Annual General Meeting of Shareholders to be held at 4:00 p.m. (Israel time) on June 26, 2024, at our corporate headquarters at 9 Hapsagot St., Park Ofer B, Petach‑Tikva, Israel.
 
Thank you for your ongoing support of CyberArk.
 

Ehud (Udi) Mokady



Founder & Executive Chairman of the Board
 
ii

 
CYBERARK SOFTWARE LTD.
 
9 Hapsagot St., Park Ofer B, POB 3143, Petach‑Tikva, 4951040, Israel,
 
+972‑3‑918‑0000
 
May 22, 2024
 
Dear CyberArk Software Ltd. Shareholders:
 
We cordially invite you to attend the 2024 Annual General Meeting of Shareholders (the “Meeting”) of CyberArk Software Ltd. (the “Company”) to be held at 4:00 p.m. (Israel time) on June 26, 2024, at the Company’s offices at 9 Hapsagot St., Park Ofer B, Petach‑Tikva, Israel.
 
The Meeting is being called for the following purposes:
 

(1)
To re‑elect each of Matthew Cohen and François Auque, and to elect Mary Yang, each for a term of approximately three years as a Class I director of the Company, until the Company’s annual general meeting of shareholders to be held in 2027 and until his or her respective successor is duly elected and qualified;
 

(2)
To approve, in accordance with the requirements of the Israeli Companies Law, 5759-1999, a grant of performance share units and restricted share units for 2024 to the Company’s Executive Chairman of the Board, Ehud (Udi) Mokady;
 

(3)
To approve amendments to the form of indemnification agreement for certain office holders of the Company;
 

(4)
To approve certain amendments to the Articles of Association of the Company; and
 

(5)
To approve the re‑appointment of Kost Forer Gabbay & Kasierer, registered public accounting firm, a member firm of Ernst & Young Global, as the Company’s independent registered public accounting firm for the year ending December 31, 2024, and until the Company’s 2025 annual general meeting of shareholders, and to authorize the Board of Directors of the Company (the “Board”) to fix such accounting firm’s annual compensation.
 
Members of the Company’s management will be available at the Meeting to discuss the consolidated financial statements of the Company for the fiscal year ended December 31, 2023.
 
The Board unanimously recommends that you vote in favor of each of the foregoing proposals, which are more fully described in the accompanying proxy statement.
 
We know of no other matters to be submitted at the Meeting other than as specified herein.  If any other business is properly brought before the Meeting, the persons named as proxies may vote in respect thereof in accordance with the recommendation of the Board or, absent such recommendation, using their best judgment.
 
Shareholders of record at the close of business on May 17, 2024, are entitled to vote at the Meeting.
 
Detailed proxy voting instructions are provided both in the proxy statement and on the enclosed proxy card, including for voting by telephone or the Internet.  It is important that your shares be represented and voted at the Meeting.  Accordingly, after reading the accompanying proxy statement, please mark, date, sign and mail the enclosed proxy card as promptly as possible in the enclosed stamped envelope or follow the instructions for voting by telephone or the Internet.  If voting by mail, the proxy must be received by the Company’s transfer agent or at the Company’s registered office at 9 Hapsagot St., Park Ofer B, Petach‑Tikva, Israel, not later than 11:59 p.m. (EDT) on June 25, 2024, to be validly included in the tally of ordinary shares voted at the Meeting.  If you are a shareholder who holds shares in “street name” (i.e., through a bank, broker or other nominee), an earlier deadline may apply to receipt of your proxy card.  An electronic copy of the enclosed proxy materials will also be available for viewing at http://investors.cyberark.com.  The full text of the proposed resolutions, together with the form of proxy card for the Meeting, may also be viewed prior to the Meeting at the registered office of the Company from Sunday to Thursday (excluding holidays), 10:00 a.m. to 5:00 p.m. (Israel time).  The Company’s telephone number at its registered office is +972‑3‑918‑0000.
 

Sincerely,



Ehud (Udi) Mokady

Founder & Executive Chairman of the Board
 

 
CYBERARK SOFTWARE LTD.
 
9 Hapsagot St., Park Ofer B, POB 3143, Petach‑Tikva, 4951040, Israel
 
+972‑3‑918‑0000
 
 
PROXY STATEMENT
 
 
2024 ANNUAL GENERAL MEETING OF SHAREHOLDERS
 
This proxy statement (the “Proxy Statement”) is being furnished in connection with the solicitation of proxies on behalf of the Board of Directors (the “Board”) of CyberArk Software Ltd. (to which we refer as “we,” “us,” “CyberArk” or the “Company”) to be voted at the 2024 Annual General Meeting of Shareholders (the “Meeting”) and at any postponement or adjournment thereof.  The Meeting will be held at 4:00 p.m. (Israel time) on June 26, 2024, at our offices at 9 Hapsagot St., Park Ofer B, Petach‑Tikva, Israel.
 
This Proxy Statement and the enclosed proxy card are being made available on or about May 22, 2024, to holders of the Company’s ordinary shares, nominal (par) value NIS 0.01 per share (“ordinary shares”), as of the close of business on May 17, 2024, the record date for the Meeting (the “Record Date”).  You are entitled to vote at the Meeting if you hold ordinary shares as of the close of business on the Record Date.
 
See “How You Can Vote” below for information on how you can vote your shares at the Meeting.  Our Board urges you to vote your shares so that they will be counted at the Meeting or at any postponements or adjournments of the Meeting.
 
Agenda Items (Proposals)
Board Recommendation
Further Details
1.
To re‑elect each of Matthew Cohen and François Auque, and to elect Mary Yang, each for a term of approximately three years as a Class I director of the Company, until the Company’s annual general meeting of shareholders to be held in 2027 and until his or her respective successor is duly elected and qualified;
FOR each of the
director nominees
Pages 18 to 19
       
2.
To approve, in accordance with the requirements of the Israeli Companies Law, 5759-1999 (the “Companies Law”), a grant of performance share units (“PSUs”) and restricted share units (“RSUs”) for 2024 to the Company’s Executive Chairman of the Board (“Executive Chair”), Ehud (Udi) Mokady;
FOR
Pages 20 to 22
       
3.
To approve amendments to the form of indemnification agreement for certain office holders of the Company;
FOR
Pages 23 to 24
       
4.
To approve certain amendments to the Articles of Association of the Company (the “Articles”); and
FOR
Pages 25 to 26
       
5.
To approve the re‑appointment of Kost Forer Gabbay & Kasierer, registered public accounting firm, a member firm of Ernst & Young Global, as the Company’s independent registered public accounting firm for the year ending December 31, 2024, and until the Company’s 2025 annual general meeting of shareholders, and to authorize the Board to fix such accounting firm’s annual compensation.
FOR
Pages 27 to 28
 
We are not aware of any other matters that will come before the Meeting.  If any other matters are presented properly at the Meeting, the persons designated as proxies intend to vote upon such matters in accordance with the recommendation of the Board or, absent such recommendation, using their best judgment.
 

Quorum
 
On the Record Date, we had 43,146,685 ordinary shares issued and outstanding.  Each ordinary share outstanding as of the close of business on the Record Date is entitled to one vote on each of the proposals to be presented at the Meeting.  Under the Articles, the Meeting will be properly convened if at least two shareholders attend the Meeting in person or sign and return proxies, provided that they hold shares representing at least 25% of the voting power of our Company.  If a quorum is not present within half an hour from the time scheduled for the Meeting, the Meeting will be adjourned for one week (to the same day in the next week, at the same time and place), or to a day, time and place determined by the Chairman of the Meeting (which may be earlier or later than said time).  At such adjourned meeting, the presence of any shareholder in person or by proxy (regardless of the voting power represented by his, her or its shares) will constitute a quorum.
 
Abstentions and “broker non‑votes” (if any) are counted as present for purposes of determining a quorum.
 
Vote Required for Approval of Each of the Proposals
 
The affirmative vote of the holders of a majority of the voting power represented at the Meeting in person or by proxy and voting thereon is necessary for the approval of each of the Proposals to be presented at the Meeting.
 
Except for the purpose of determining a quorum, abstentions from voting and “broker non‑votes” (if any) are not treated as votes cast and are not counted in determining the outcome of any of these proposals.
 
How You Can Vote
 
You can vote either in person at the Meeting or by authorizing another person as your proxy, whether or not you attend the Meeting.  You may vote in any of the manners below:
 

By mail—If you are a shareholder of record, you can submit a proxy by completing, dating, signing and returning your proxy card in the postage‑paid envelope provided.  You should sign your name exactly as it appears on the enclosed proxy card.  If you are signing in a representative capacity (for example, as a guardian, executor, trustee, custodian, attorney or officer of a corporation), please indicate your name and title or capacity.  If you hold shares in “street name,” you have the right to direct your brokerage firm, bank or other similar organization on how to vote your shares, and the brokerage firm, bank or other similar organization is required to vote your shares in accordance with your instructions.  To provide instructions to your brokerage firm, bank or other similar organization by mail, please complete, date, sign and return your voting instruction form in the postage‑paid envelope provided by your brokerage firm, bank or other similar organization;
 

By telephone—If you are a shareholder of record, you can submit a proxy by telephone by calling the toll‑free number listed on the enclosed proxy card, entering your control number located on the enclosed proxy card and following the prompts.  If you hold shares in “street name,” and if the brokerage firm, bank or other similar organization that holds your shares offers telephone voting, you may follow the instructions shown on the enclosed voting instruction form in order to submit a proxy by telephone; or
 

By Internet—If you are a shareholder of record, you can submit a proxy over the Internet by logging on to the website listed on the enclosed proxy card, entering your control number located on the enclosed proxy card and submitting a proxy by following the on‑screen prompts.  If you hold shares in “street name,” and if the brokerage firm, bank or another similar nominee that holds your shares offers Internet voting, you may follow the instructions shown on the enclosed voting instruction form in order to submit your proxy over the Internet.
 
If we determine that a change to a virtual meeting format is advisable or required, an announcement of such change will be published in a Form 6‑K filed with the Securities and Exchange Commission (the “SEC”).
 
2

Shareholders of Record
 
If you are a shareholder of record, that is, your shares are registered directly in your name with our transfer agent, Equiniti Trust Company, LLC, these proxy materials are being sent directly to you by our transfer agent.  As the shareholder of record, you have the right to provide your voting proxy directly to the Corporate Secretary of our Company or to vote in person at the Meeting.  If you do not wish to attend the Meeting and wish to vote your ordinary shares, you should submit a proxy in one of the above‑mentioned manners.  If you have lost or misplaced the proxy card mailed to you, you may request another by calling our proxy solicitor, Innisfree M&A Incorporated, toll‑free at (888) 750‑5834 (from the U.S. or Canada) or at +1 (412) 232‑3651 (from other locations).
 
We will not be able to count a proxy card unless we receive it at our principal executive offices at 9 Hapsagot St., Park Ofer B, POB 3143, Petach‑Tikva, 4951040, Israel, or our registrar and transfer agent receives it in the enclosed envelope, in each case, no later than 11:59 p.m. (EDT) on June 25, 2024.
 
Please follow the instructions on the proxy card.  If you provide specific instructions (by marking a box) regarding the proposals, your shares will be voted as you instruct.  If you sign and return your proxy card without giving specific instructions with respect to a particular proposal, your shares will be voted by the persons named as proxies in accordance with the recommendation of the Board or, absent such recommendation, using their best judgment on any other matters that may properly come before the Meeting.
 
Shareholders Holding in “Street Name”
 
If your ordinary shares are held in a brokerage account or through a bank, trustee or other nominee, you are considered to be the beneficial owner of shares held in “street name.”  Proxy materials are being furnished to you together with a voting instruction form by the broker, bank, trustee or other nominee or an agent hired by the broker, trustee or nominee.  Please follow the instructions on that form to direct your broker, bank, trustee or other nominee how to vote your shares.  Many nominees provide means to vote by telephone or by Internet.  Alternatively, if you wish to attend the Meeting and vote in person, you must obtain a “legal proxy” from the broker, trustee or nominee that holds your shares, giving you the right to vote your shares at the Meeting.
 
Under the rules of the Nasdaq Stock Market LLC (“Nasdaq”), brokers, trustees or other nominees that hold shares in “street name” for clients only have authority to vote on “routine” proposals where they have not received voting instructions from beneficial owners, and a “broker non‑vote” occurs when brokers, trustees or other nominees are unable to vote on “non‑routine” proposals.
 
Thus, if you, as a beneficial owner of the shares, do not provide specific instructions to your broker, trustee or other nominee, your broker, trustee or other nominee will not be allowed to exercise its voting discretion with respect to any “non-routine” proposal.  If your shares are held of record by a broker, trustee or other nominee, we urge you to give instructions to your broker, trustee or other nominee as to how your shares should be voted so that you thereby participate in the voting on these important matters.
 
Who Can Vote
 
You are entitled to receive notice of, and vote at, the Meeting if you are a shareholder of record at the close of business on the Record Date, in person or through a broker, trustee or other nominee that is one of our shareholders of record at such time, or which appear in the participant listing of a securities depository on that date.
 
3

Revocation of a Proxy
 
Shareholders of record may revoke the authority granted by their execution of proxies at any time before the effective exercise thereof by filing with us a written notice of revocation or duly executed proxy bearing a later date, or by voting in person at the Meeting.  Shareholders who hold shares in “street name” should follow the directions of, or contact, the bank, broker or nominee if they desire to revoke or modify previously submitted voting instructions.
 
Shareholder Proposals
 
Any shareholder of the Company who intends to present a proposal at the Meeting must satisfy the requirements of the Companies Law and our Articles.  Under the Articles, only shareholders who hold at least 1% of the Company’s outstanding voting rights are entitled to request that the Board include a proposal in a shareholders’ meeting, provided that such proposal is deemed appropriate by the Board for consideration by shareholders at such meeting.  Such shareholders may present proposals for consideration at the Meeting by submitting their proposals in writing to our Corporate Secretary, Meital Koren, at the following address: CyberArk Software Ltd., 9 Hapsagot St., POB 3143, Petach‑Tikva, 4951040, Israel, or by fax to +972‑3‑9180028, Attn: Meital Koren, Corporate Secretary.  For a shareholder proposal to be considered for inclusion in the Meeting, our Corporate Secretary must receive the written proposal no later than May 29, 2024.
 
Share Ownership
 
Based on public filings and calculated based on our issued and outstanding ordinary shares on the Record Date, to our knowledge, no person beneficially owns more than 5% of our ordinary shares.
 
Solicitation of Proxies
 
Proxies are being made available to shareholders on or about May 22, 2024.  We have retained Innisfree M&A Incorporated to assist with the solicitation of proxies in connection with the Meeting.  Innisfree M&A Incorporated will receive customary fees plus out‑of‑pocket expenses in connection with the performance of its services. Certain officers, directors, employees, and agents of the Company, none of whom will receive additional compensation therefor, may also solicit proxies by telephone, email or other personal contact.  We will bear the cost for the solicitation of the proxies, including postage, printing, and handling, and will reimburse the reasonable expenses of brokerage firms and others for forwarding material to beneficial owners of shares.
 
Voting Results
 
The final voting results will be tallied by the Company’s Corporate Secretary based on the information provided by the Company’s transfer agent or otherwise, and the overall results of the Meeting will be published following the Meeting in a report of foreign private issuer on Form 6‑K that will be furnished to the SEC.
 
Availability of Proxy Materials
 
Copies of the proxy card and this Proxy Statement were furnished to the SEC under cover of a Form 6‑K and are also available at the “Investor Relations” section of our website at http://investors.cyberark.com.  The contents of that website are not a part of this Proxy Statement and are not incorporated by reference herein.
 
Assistance with Voting
 
If you have questions about how to vote your shares, you may contact our proxy solicitor, Innisfree M&A Incorporated, toll‑free at 1 (888) 750‑5834 (from the U.S. or Canada) or at +1 (412) 232‑3651 (from other locations).
 
4

SPECIAL NOTE REGARDING FORWARD‑LOOKING STATEMENTS
 
In addition to historical facts, this Proxy Statement contains forward‑looking statements within the meaning of Section 27A of the U.S. Securities Act of 1933, as amended, Section 21E of the U.S. Securities Exchange Act of 1934, as amended (the “Exchange Act”), and the safe harbor provisions of the U.S. Private Securities Litigation Reform Act of 1995.  These forward‑looking statements express the current beliefs and expectations of the Company’s management.  In some cases, forward-looking statements may be identified by terminology such as “believe,” “may,” “estimate,” “continue,” “anticipate,” “intend,” “should,” “plan,” “expect,” “predict,” “potential” or the negative of these terms or other similar expressions. Such statements involve a number of known and unknown risks and uncertainties that could cause the Company’s future results, levels of activity, performance or achievements to differ materially from the results, levels of activity, performance or achievements expressed or implied by such forward-looking statements. Important factors that could cause or contribute to such differences include risks relating, but not limited to: the ability of the parties to consummate the proposed transaction regarding the Company’s acquisition of Venafi Holdings, Inc. (“Venafi”) in a timely manner or at all; the satisfaction of the conditions precedent to consummation of the proposed transaction, including the ability to secure regulatory approvals on the terms expected, in a timely manner or at all; the potential impact of the announcement of the proposed transaction on the ability of the Company or Venafi to retain and hire key personnel and maintain relationships with customers, suppliers and others with whom the Company or Venafi do business, or on the Company’s or Venafi’s operating results and business generally; disruption of the current plans and operations of the Company and Venafi as a result of the proposed transaction or its announcement, including increased risks of cyberattacks; risks that Venafi’s business will not be integrated successfully into the Company’s operations; risks relating to the Company’s ability to realize anticipated benefits of the combined operations; changes to the drivers of the Company’s growth and the Company’s ability to adapt its solutions to the information security market changes and demands, including artificial intelligence (“AI”); the Company’s ability to acquire new customers and maintain and expand the Company’s revenues from existing customers; intense competition within the information security market; real or perceived security vulnerabilities, gaps, or cybersecurity breaches of the Company, or the Company’s customers’ or partners’ systems, solutions or services; risks related to the Company’s compliance with privacy, data protection and AI laws and regulations; the Company’s ability to successfully operate the business as a subscription company and fluctuation in the quarterly results of operations; the Company’s reliance on third-party cloud providers for its operations and software-as-a-service (“SaaS”) solutions; the Company’s ability to hire, train, retain and motivate qualified personnel; the Company’s ability to effectively execute its sales and marketing strategies; the Company’s ability to find, complete, fully integrate or achieve the expected benefits of additional strategic acquisitions; the Company’s ability to maintain successful relationships with channel partners, or if the Company’s channel partners fail to perform; risks related to sales made to government entities; prolonged economic uncertainties or downturns; the Company’s history of incurring net losses, the Company’s ability to generate sufficient revenue to achieve and sustain profitability and the Company’s ability to generate cash flow from operating activities; regulatory and geopolitical risks associated with the Company’s global sales and operations; risks related to intellectual property claims; fluctuations in currency exchange rates; the ability of the Company’s products to help customers achieve and maintain compliance with government regulations or industry standards; the Company’s ability to protect its proprietary technology and intellectual property rights; risks related to using third-party software, such as open-source software; risks related to stock price volatility or activist shareholders; any failure to retain the Company’s “foreign private issuer” status or the risk that the Company may be classified, for U.S. federal income tax purposes, as a “passive foreign investment company”; risks related to the Company’s Convertible Senior Notes due 2024 (the “Convertible Notes”), including the potential dilution to existing shareholders and the Company’s ability to raise the funds necessary to repurchase the Convertible Notes; changes in tax laws; the Company’s expectation to not pay dividends on the Company’s ordinary shares for the foreseeable future; risks related to the Company’s incorporation and location in Israel, including the ongoing war between Israel and Hamas and conflict in the region; and other factors discussed under the heading “Risk Factors” in the Company’s most recent annual report on Form 20-F filed with the SEC. Forward-looking statements in this proxy statement are made pursuant to the safe harbor provisions contained in the U.S. Private Securities Litigation Reform Act of 1995. These forward-looking statements are made only as of the date hereof, and the Company undertakes no obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise. Additionally, we may provide information, forward-looking or otherwise, herein or in other locations, such as our corporate website that is not necessarily “material” under the U.S. federal securities laws for SEC reporting purposes, but that responds to a range of matters, such as certain ESG standards and frameworks (including standards for the measurement of underlying data), and the interests of various stakeholders.
 
5

COMPENSATION OF CERTAIN OFFICE HOLDERS AND DIRECTORS
 
For information about the compensation, on an individual basis, of our five most highly compensated office holders during or with respect to the year ended December 31, 2023, as required by regulations promulgated under the Companies Law, see “Item 6.B. Compensation—Compensation of Directors and Senior Management” of our annual report on Form 20‑F for the year ended December 31, 2023, filed with the SEC on March 13, 2024, and available on the “Investor Relations” section of our website at http://investors.cyberark.com or through the SEC’s website at www.sec.gov.
 
6

CORPORATE GOVERNANCE
 
Overview
 
CyberArk is committed to effective corporate governance and independent oversight by our Board. Our programs and policies are founded on the guiding principle that the Board is accountable for representing the best interests of our shareholders.  We accomplish that primarily through Board independence, diversity of experience and engagement with shareholders and other key constituents.
 
Shareholder Engagement
 
We believe that effective corporate governance includes regular, constructive conversations with our shareholders, and we value our shareholders’ continued feedback and opinions. All feedback is reviewed and implemented as appropriate for the Company’s strategy, business growth and maturity stage.  As part of our investor relations program, we engage with the vast majority of our institutional shareholders throughout the calendar year in our quarterly earnings calls, investor conferences and investor meetings.  Since 2016, we have annually conducted substantive discussions with shareholders on executive compensation, corporate governance, corporate performance, strategy and, more recently, on our ESG program.  In 2023, for example, we engaged with approximately 80% of our top 25 shareholders, which represented approximately 40% of our outstanding shares.  We have implemented the feedback received during these discussions to enhance our corporate and ESG strategy, as appropriate, including regarding our dilution management, executive compensation methodology and structure, disclosure of diversity metrics, and strengthening our corporate governance practices and environmental program. Maintaining an active dialogue with our shareholders is consistent with our corporate values of open communication and accountability, and we intend to continue these efforts in the future.
 
Board Structure
 
Our Articles provide that we may have no fewer than four and no more than nine directors, as may be fixed from time to time by the Board.  Our Board currently consists of nine directors.  Independence is a key pillar of our corporate governance, and each of our seven current non‑employee directors is independent under Nasdaq corporate governance rules, which require a majority of our directors to be independent.  Our directors are divided into three classes with staggered three‑year terms.  Each class of directors consists of one‑third of the total number of directors constituting the entire Board.  At each annual general meeting of our shareholders, the term of office of only one class of directors expires.  The election or re‑election of such class of directors is for a term of office that expires as of the date of the third annual general meeting following such election or re‑election.  Each director holds office until the annual general meeting of our shareholders in which their term expires, unless they are removed by a vote of 65% of the total voting power of our shareholders at a general meeting of our shareholders or upon the occurrence of certain events, in accordance with the Companies Law and our Articles.  In 2022, the Nominating, Environmental, Sustainability and Governance Committee (the “Nominating and ESG Committee”) and the Board approved a board refreshment program, including committing to introduce a new Board member at least every five years, and rotated the committee membership to include our then-newest Board members, Mr. Auque and Ms.  England, in our Audit and Strategy Committees, respectively. In November 2023, we introduced Mary Yang as a new member to our Board, replacing David Schaeffer, who had served as a member of our Board since May 2014. In May 2024, Ms. England, was appointed to serve as a member of the Board’s Nominating and ESG Committee.
 
7

Board Composition and Qualifications
 
Our Board provides independent oversight of the Company and management.  Our Board consists of diverse, experienced and qualified members.  The Board skills and experience matrix below represents the key skills that our Board identified as particularly valuable to the effective oversight of the Company and the execution of our strategy, as well as diversity characteristics of our directors (one-third of whom are women).  This matrix highlights the depth and breadth of skills of our Board members.
 
 
* As of the date of the Meeting           C = Chairperson              (F) = Financial Expert
 
Board Leadership and Lead Independent Director
 
Mr. Mokady, our founder, who served as our CEO from 2005 until April 2023, has been on the Board since the Company’s inception and has served as chairman of our Board since June 2016.  When the roles of CEO and Chairman of the Board were combined following the approval of our shareholders at such time, our Board appointed a lead independent director (“Lead Director”).  In April 2023, we separated the roles of CEO and Chairman of the Board.  Mr. Mokady assumed the role of Executive Chair, and Matthew Cohen was appointed as CEO and joined the Board.  Even though the roles of CEO and Chairman of the Board are not currently combined, Mr. Mokady continues to be employed by the Company and, as such, he does not qualify as “independent.” Accordingly, in order to facilitate strong, independent Board leadership and ensure effective independent oversight, the Board believes it is in the Company’s best interest to maintain the Lead Director role.
 
Our Lead Director is selected by our non‑executive Board members from among the independent directors of the Board who have served a minimum of one year as a director.  Additionally, if at any meeting of the Board the Lead Director is not present, one of the following individuals, in the order listed, will act as Lead Director for the duration of such meeting: the Chairperson of the Audit Committee, the Chairperson of the Compensation Committee, or an independent member of the Board appointed by a majority of the independent members of the Board present.  Mr. Gadi Tirosh currently serves as our Lead Director.
 
The authorities and responsibilities of the Lead Director include the following:
 

providing leadership to the Board if circumstances arise in which the role of the Executive Chair may be, or may be perceived to be, in conflict with the interests of the Company, and responding to any reported conflicts of interest, or potential conflicts of interest, arising for any director;
 

presiding as chairman of meetings of the Board at which the Executive Chair is not present, including executive sessions of the independent members of the Board;
 
8


serving as a liaison between the CEO and the independent members of the Board;
 

providing feedback on Board meeting agendas, information and ongoing training provided to the Board, and requiring changes to the same;
 

approving meeting schedules to ensure that there is sufficient time for discussion of all agenda items;
 

having the authority to call meetings of the independent members of the Board;
 

being available for consultation and direct communication with shareholders, as appropriate;
 

recommending that the Board retain consultants or advisers that report directly to the Board;
 

conferring with the Executive Chair or CEO on important Board matters and key issues and tasks facing the Company, and ensuring the Board focuses on the same;
 

presiding over the Board’s annual self‑assessment process and the independent directors’ evaluation of the effectiveness of the Executive Chair, CEO and management; and
 

performing such other duties as the Board may from time to time delegate to assist the Board in the fulfillment of its duties.
 
Strong Board Oversight
 
The Nominating and ESG Committee and the Board have implemented the following corporate governance best practices, to ensure strong independent oversight by the Board and its Committees:
 
Separated the Executive Chair and CEO roles
Lead Director with expansive duties and extensive oversight experience
7 of 9 directors are independent
Fully independent Audit, Compensation and Nominating and ESG Committees
Ongoing board refreshment and succession planning ‑
    Board refreshment program with a commitment to add a new board member at least every five years – new directors appointed in 2019, 2021 and 2023
   Thoughtful committee rotations – in 2022, appointed Mr. Auque and Ms. England to the Audit and Strategy Committees, respectively, and in 2024 appointed Ms. England to the Nominating and ESG Committee
 
Ongoing shareholder engagement program
Annual Board and committee evaluations
Executive sessions of Independent Directors
Executive sessions with the Independent Auditors and key employees related to risk management
Annual review of committee charters
Regular internal audits of management responsibilities
Board continuing education program
Independent directors and committees’ direct communication with executive team and key employees
In‑house team led by Head of Internal Audit who reports to Audit Committee
 
 
9

Board Oversight of Risk Management
 
One of the main responsibilities of our Board is to effectively monitor and manage the Company’s evolving risk profile.  Our committees play a vital role in supporting the Board’s risk oversight responsibilities, as follows:

Committee
Risk Oversight Areas of Focus
Audit
•          Our overall risk assessment and strategy for managing enterprise risk
•          Accounting and financial reporting, legal, compliance and privacy
•          Cybersecurity, including product and information security
Compensation
•          Compensation policies and practices related to our directors, CEO, executives and employees
•          Our human capital management and diversity, equity and inclusion strategy
Nominating and ESG
•          ESG program, including corporate governance and environmental stewardship
Strategy
•          Our long‑term business and corporate strategy, including organic and inorganic growth
 
The committees receive regular updates from the relevant functions within the Company responsible for the management and mitigation of the different areas of risk.  In addition, the committees hold closed executive sessions with individual members of CyberArk’s leadership team as well as our internal and external audit functions.  The committee chairs apprise the Board regularly of committee discussions, decisions and actions taken.
 
Board and Committee Effectiveness and Meetings
 
Our Board and committees are committed to conducting their duties effectively and in the best interest of CyberArk and our shareholders.  Our Board performs an annual self‑assessment to evaluate its effectiveness in fulfilling its obligations, which is overseen by the Lead Director and the Nominating and ESG Committee.  As part of the assessment, directors, relevant members of management and outside counsel provide feedback on a variety of topics such as Board and committees’ management, responsibilities, effectiveness and composition.  Our Corporate Secretary summarizes these individual assessments and discusses the results with the Nominating and ESG Committee and the Board. The Board then takes such further action or guides management on key findings, as it deems appropriate.
 
During 2023, our Board met six times and acted once by written consent; our Audit Committee met six times; our Compensation Committee met six times; our Nominating and ESG Committee met three times; and our Strategy Committee met once and acted once by written consent.  Each of the incumbent directors (including all the director nominees listed in Proposal 1) attended at least 75% of our Board meetings and the meetings of each of the committees of the Board on which they served.
 
We recognize the importance of keeping our Board members current on market trends, industry events, and best practices, as well as enhancing their knowledge of the Company’s evolving solution portfolio and identity security platform, go‑to‑market motion and research and development programs.  New Board members undergo our onboarding process, including onboarding guides and tailored trainings.  In addition, we provide continuing director education, which may include internally developed materials, presentations and training, or programs presented by third parties, and encourage our directors to attend CyberArk events such as our annual “IMPACT” customer event.
 
10

Considerations in Evaluating Director Nominees
 
Our Nominating and ESG Committee undertakes an evaluation process of the qualifications of the Board members and identifies potential areas where we may enhance our Board, including size, composition and additional expertise.  We look for Board members with the highest levels of integrity and ethics that align with our corporate values.  Our strong corporate culture has been key to our long‑term success, and we believe the tone is set at the top with our Board.  To represent the best interests of our shareholders, we remain committed to maintaining a Board that is inclusive and endeavors to have varied expertise, experience and diversity – including experience, gender, racial and ethnic diversity – among its members.  We consider director nominees’ suitability for their role also based on the following criteria:
 
BUSINESS EXPERTISE
CONSIDERATIONS
INDUSTRY EXPERIENCE
DIVERSITY
o Corporate governance
o Financial
o Go‑to‑market strategy
o Product management
o Leadership
o M&A
o Risk management
o Strategy
o Sustainability
o Public Company
o Alliances and partnerships
o B2B
o Cloud
o Competitive analysis
o Cybersecurity
o Public sector
o SaaS or Software
o Information Technology
o Cultural background
o Ethnicity
o Gender identity
o Race
o Sexual orientation
o Experience
 
Board Diversity Matrix
 
The table below provides certain information regarding the diversity of our Board as of the date of this Proxy Statement.  Each of the categories listed in the table has the meaning ascribed to it in Nasdaq Listing Rule 5605(f).
 
Country of Principal Executive Offices: Israel
Foreign Private Issuer: Yes
Disclosure Prohibited under Home Country Law: No
Total Number of Directors: 9

 
Female
Male
Non-Binary
Did not Disclose Gender
Part I: Gender Identity
 
Directors
3
6
‑‑
‑‑
Part II: Demographic Background
 
Underrepresented Individual in Home Country Jurisdiction
--
LGBTQ+
‑‑
Did Not Disclose Demographic Background
1

11

DIRECTOR & OFFICE HOLDER COMPENSATION
 
Executive Compensation Program ‑ Methodology & Key Principles
 
Our Compensation Committee and Board have carefully structured our executive compensation program to attract, motivate and retain our key office holders who drive our success, including our Executive Chair and our CEO.
 
Our office holders’ compensation program is designed to promote the Company’s medium‑ and long‑term objectives, business and strategy and create appropriate incentives for our office holders, taking into consideration, among other factors, the size and nature of operations of our Company as well as our competitive environment.  The program’s key principles and governance best practices include:
 
Compensation program is designed to incentivize superior individual excellence and link the compensation of our office holders to the Company’s success and, as a result, to align the interests of our office holders with those of our shareholders
 
Compensation that balances performance targets and time horizons to support the achievement of our financial, strategic and long‑term objectives, while remaining in line with market practices and the principles of our ESG program
 
Annual review of our compensation program to ensure its compliance with applicable laws and regulations, market practices, as well as the Company’s targets and strategy
 
Fully independent Compensation Committee, composed of at least three members
 
Independent, outside consultant support in the design and analysis of our compensation program and advice regarding our executive and non‑employee director compensation
 
Annual equity‑based compensation cap for both our executives and Board members
 
Annual cash bonus payments cap for our executives
 
Continuously enhancing our compensation practices to include a significant performance‑based component in our executives’ compensation. Currently, at least 50% of our executives’ annual equity grant is subject to performance‑based criteria
 
Carefully managing and reducing our equity dilution level (currently below 10%)
 
Prohibiting any transaction in the Company’s shares and derivatives that are speculative or short‑term in nature, create an actual or perceived conflict of interest, or bet against the Company’s future performance or short‑term prospects
 
Recoupment provisions clawback policy for both cash and equity compensation in compliance with new SEC and Nasdaq requirements.
 
Evolution of our Executive Compensation Program
 
We strive to provide a mix of compensation that supports a pay‑for‑performance culture and encourages the retention of key executives who contribute to our corporate results.  Our compensation methodology has been to provide a moderate, fixed and predictable base salary, while putting a greater emphasis on variable compensation – comprised of cash bonuses, and, to a greater extent, equity – to promote the achievement of critical corporate goals and thereby align our management’s interests with those of our shareholders.  We believe that our compensation practices, which have evolved over time, have been effective in incentivizing achievement of key strategic objectives that resulted in long‑term sustainable shareholder value, while keeping compensation packages competitive with the practices applied by other companies in our Peer Group.  For example, in 2021 and 2022, a significant portion of our executives’ compensation was linked to the timely achievement of our business model transition, and key criteria for 2024 compensation relates to the achievement of our profitability and free cash flow generation goals.
 
12

As the Company has grown and matured, our Compensation Committee and Board have likewise evolved our executive compensation program, taking into account shareholder feedback.  Since our initial public offering in 2014, we have continuously enhanced our executive equity grant methodology and practices, in line with progressive compensation trends that prevail among global technology companies, often more mature than ourselves.  For example, the portion of performance‑based equity has increased over time and continues to be relatively high compared to our Peer Group, and we introduced a relative TSR performance metric long before our Peer Group.  According to analysis from Aon’s Human Capital Solutions practice, a division of Aon plc (“Aon”), approximately 53% of our Peer Group grants performance‑based equity awards to their chief executive officers, with 31% of their overall grant value granted as performance‑based equity awards.
 
Performance as a Key Consideration in Annual Compensation Review
 
The Compensation Committee conducts a thorough performance review process of each of our executives on an annual basis, considering, among other factors, the achievement of the specific performance goals that were set for each executive at the beginning of the previous year as well as our CEO’s assessment of the performance of each executive (other than himself and the Executive Chair).  The performance review is used by the Compensation Committee and the Board to determine the extent to which an executive has earned their performance‑based, variable cash and equity compensation for the previous fiscal year.  Further, the performance evaluation serves as a key factor in considering potential updates of an executive’s compensation package.
 
Each year, the Board approves, based on the recommendation of the Compensation Committee, the financial and strategic goals applicable to the executives’ performance‑oriented, variable compensation, based on the Company’s operating plan for that year and its strategic goals for the upcoming years.  These quantitative and, to a lesser extent, qualitative goals are assigned to each executive as part of their annual bonus plan, and a composition of different key, measurable performance indicators for the Company are designated as performance criteria for the purposes of earning PSUs granted by the Company.  All goals are designed to align executive pay with the Company’s medium‑ or long‑term performance, and promote successful achievement of critical milestones in the Company’s growth and the execution of its strategy, thereby supporting the increase of Company and shareholder long‑term value.
 
The Compensation Committee and the Board’s strong track record of setting substantial performance goals designed to pay for performance and align our executives’ interests with those of our shareholders is demonstrated by the PSU performance criteria achievement rates and their applicable earning rates:
 
   
Targets
Performance Criteria Achievement Rate (Weighted Average)
Earning Rate
2020
Annual revenue
Non-GAAP profitability
License-derived revenue
80.0%
60.0%
2021
Annual recurring revenue
Percentage of new license subscription bookings out of total new license bookings, on an annualized basis
111.0%
183.0%
2022
Annual recurring revenue
Total new license bookings, on an annualized basis
99.0%
102.0%
2023
Annual recurring revenue
Operating Margin
181.3%
159.0%
 
 In addition, we link a portion of the compensation of senior members of our executive team to the Company’s performance as compared to other companies in our industry by using relative TSR with at least a three‑year performance period as a performance criterion, thereby directly aligning their interests with those of our shareholders for an extended period of time.  This promotes the consistent performance and long‑term vision of key executives whose decisions will determine the Company’s trajectory in the coming years, as demonstrated below:
 
Year of Grant
Percentile
Earning Rate
2020
49.7%
99.4%
2021
89.7%
200.0%
 
13

Equity Plan Governance
 
Our Compensation Committee and Board have consistently taken a disciplined approach to effectively manage the long‑term dilutive impact of our equity incentive grants and are committed to continue balancing the scope of our equity compensation program with its impact on our earnings per share.  The Compensation Committee and Board regularly review the Company’s equity compensation methodology to ensure it supports the achievement of our financial and strategic objectives and remains in line with market practices, while effectively managing the level of shareholder dilution and increases in our share‑based compensation in proportion to our overall revenue.  Some of the measures we have undertaken to effectively manage dilution include authorizing the reservation of shares for issuance under the Company’s 2014 share incentive plan (the “2014 Plan”) between 2017 and 2024, and under the 2020 Employee Share Purchase Plan (the “2020 ESPP”) between 2020 and 2024, at a rate significantly lower than that otherwise permissible under such plans and reducing the overall number of shares reserved for issuance under the 2014 Plan by 900,000 ordinary shares in June 2019 and by an additional 150,000 ordinary shares on May 1, 2024.  We have continuously enhanced our equity compensation program to weight more towards the grant of PSUs versus time‑based stock options, initially with respect to Mr. Mokady as our CEO at that time, and subsequently for all our executives and other senior managers, including Mr. Cohen, in his previous role as COO and as our current CEO.
 
Outside Consultant Engagement
 
The Compensation Committee has engaged Aon as an independent, outside consultant, to provide it with advice related to our executive and non‑employee director compensation programs and to assist in the design, formulation, analysis, and implementation of our compensation program.  The information provided by Aon relating to the compensation practices of peer companies aids the decision‑making process of the Compensation Committee and Board and supports our ability to inform our shareholders of the Company’s relative positioning on compensation.  The Compensation Committee and Board make their final decisions relating to annual executive compensation in reliance on various considerations, including the information provided by Aon, as applicable, with a focus on the individual performance of our executives.
 
The Company’s current compensation peer group (“Peer Group”) was determined by the Compensation Committee, following Aon’s analysis of appropriate peers, based on sector, revenue and market capitalization, and is comprised of:
 
Alteryx, Inc.
Five9, Inc.
New Relic, Inc.
Tenable Holdings, Inc.
AppFolio, Inc.
GitLab Inc.
Okta, Inc.
Varonis Systems, Inc.
Box, Inc.
Guidewire Software, Inc.
Q2 Holdings, Inc.
Wix.com Ltd.
Cloudflare, Inc.
HashiCorp, Inc.
Qualys, Inc.
Zscaler, Inc.
CrowdStrike Holdings, Inc.
HubSpot, Inc.
Rapid7, Inc.
 
Dynatrace, Inc.
monday.com Ltd.
SentinelOne, Inc.
 
 
As of November 2023 when the Peer Group was determined, the Company’s revenue was at the 31st percentile of the Peer Group revenue for the trailing 12 months, and the Company’s market capitalization was at the 69th percentile of the Peer Group market capitalization.
 
As of May 17, 2024, 2,705,122 ordinary shares underlying share‑based awards were outstanding under the Company’s 2014 Plan and the 2020 ESPP, and 2,045,569 ordinary shares were reserved for future grant under the 2014 Plan and the 2020 ESPP, reflecting a basic dilution rate of 9.9%.  Aon’s survey data reflected that while the Company’s revenue multiples were over the 75th percentile and its three‑year total shareholder return was over the 95th percentile among the Peer Group, its 2023 total equity overhang was positioned favorably below the 25th percentile among the Peer Group.
 
14

Compensation of Non‑Executive Directors
 
As of July 1, 2019, following the approval of our shareholders, our non‑executive directors are entitled to the following compensation:
 
Cash Compensation
 
Annual fees with respect to each 12 months of service in the amounts of:
 
 
Lead Director
Member
Board
US$52,500
US$35,000
 
Additional fees with respect to each 12 months of service on Board committees in the amounts of:
 
Committee
Chairperson
Member
Audit
US$20,000
US$10,000
Compensation
US$12,000
US$6,000
Nominating and ESG
US$8,000
US$4,000
Strategy
US$8,000
US$4,000
 
Directors are also entitled to be reimbursed for reasonable travel, accommodation and other expenses incurred by them in connection with attending Board and committee meetings and performing their functions as directors of the Company.
 
Equity‑Based Compensation
 
Directors are entitled to equity awards of restricted share units in the value of:
 
New Appointment Award
Up to US$350,000
Subsequent Annual Award
US$200,000
 
For more information on director compensation, see Proposal 2 of our 2019 Proxy Statement, filed with the SEC on May 21, 2019, “Item 6.B. Compensation—Compensation of Directors and Senior Management” and “Item 6.C. Board Practices—Compensation of Directors” of our annual report on Form 20‑F for the year ended December 31, 2023, filed with the SEC on March 13, 2024.
 
As part of the 2024 compensation analysis, the Compensation Committee and the Board, with the support of Aon as an independent outside consultant, evaluated the non-employee director compensation program and found it to be appropriate.
 
15

ENVIRONMENTAL, SOCIAL & GOVERNANCE (“ESG”)
 
Overview
 
The principles of ESG are an important part of our broader strategy and values, and we believe that transparent disclosure of the initiatives in our ESG program will allow our stakeholders to be informed about, and educated to give feedback on, our progress.
 
Our ESG approach and disclosures integrate input from internal and external stakeholders and external experts. In 2023, we continued executing our ESG program, which included conducting an ESG impact analysis. The analysis incorporated various stakeholder perspectives, such as employees, shareholders and partners, to help us identify and prioritize our ESG focus areas as well as better understand how ESG factors could impact our business.
 
For more information on our ESG-related activities and to download our annual ESG Report, please visit our website at https://www.cyberark.com/company/esg/. Neither the ESG Report nor the contents of our website are incorporated into this Proxy Statement.
 
ESG Oversight
 
Our approach to ESG is guided by an internal ESG Committee, which is led by the Senior Vice President, Finance and Investor Relations, and comprises members of key business areas including Legal and Compliance, Human Resources, Investor Relations, Information Technology and Product Management. The ESG Committee reports to an Executive Steering Committee that includes the CEO. Ultimately, the ESG Committee is overseen by the Nominating and ESG Committee, which has primary responsibility for overseeing our ESG program, and the full Board. We believe this structure increases the Board’s effectiveness as it oversees our ESG progress, including the establishment of future targets.
 
Other Board committees have oversight responsibilities on certain ESG-related matters that fall within their primary areas of responsibility. The Audit Committee oversees risk management, Accounting and Financial Reporting, Legal, Compliance, Privacy and cybersecurity, and the Compensation Committee oversees compensation practices and policies, Human Capital Management and Diversity, Equity and Inclusion (DEI) matters.
 
ESG Focus Areas
 
Cybersecurity and Data Privacy
 
Cybersecurity is our business. Securing our network, our solutions, our employees, our customers, and our partners is the foundation of our success. At the same time, our internal cybersecurity and privacy programs are critical components of our overall strategy execution. We continue to make ongoing investments in people, processes, and technologies to mitigate risks to our business, build trust and help our customers protect against advanced cyberattacks.
 
 In recognition of the potential impact on our business, we maintain a cybersecurity governance structure at the highest levels of the company. The Board’s Audit Committee has oversight of our cybersecurity risk management program and receives periodic updates of our cybersecurity risks and controls from our management. In addition, our internal Information Security Steering Committee typically meets monthly to discuss key security matters, mitigation plans and progress. The Information Security Steering Committee members include our CEO, Chief Information Officer (CIO), Chief Product Officer (CPO), Chief Legal Officer (CLO) and Chief Information Security Officer (CISO), as well as leaders from our Information Security, R&D and Security Services teams (including Red Team and cyber-attack experts), as needed. Our Service and Product Security Committee (SPSSC) meets periodically to discuss key security matters related to our solutions. The SPSSC includes our CPO, Global Vice President of R&D, Senior Vice President of Product Management, CISO, Senior Legal Counsel and other service and product security leaders in our Product Management and R&D departments.
 
Cybersecurity.
 
Our cybersecurity risk management program is centered on management of risks related to our network, product and cloud security, including security measures and controls to identify, protect, detect, respond to, and recover from cybersecurity risks. We utilize the National Institute of Standards and Technology (NIST) cybersecurity framework as a guide to help assess and improve our program. Our dedicated security teams work to continuously improve our secure development, security operations and threat-mitigation practices. We conduct formal risk assessments and external audits on our corporate network on a regular basis as well as security assessments by qualified third parties. The results of such assessments are presented to and monitored by the Audit Committee. A critical part of our cybersecurity program is internal training and awareness, including mandatory annual training and regular campaigns, exercises and drills. Furthermore, we continue to make ongoing investments in our products and services to help our customers protect against advanced cyberattacks.
 
16

Data Privacy.

The security and privacy of our customers’ data is paramount. We have made significant investments in technical and organizational measures to establish and manage compliance with laws and regulations governing our activities regarding protected data (such as GDPR), which enhance our data protection and cybersecurity. Furthermore, we monitor cybersecurity risks, certifications or assessments at our third-party cloud infrastructure providers and other IT service providers and reevaluate those contractual relationships as appropriate. In 2023, we updated our Privacy Notice and consolidated our Data Protection Customer FAQs, which cover how we handle our customers’ data and encompass all aspects of our SaaS solutions.

For more information, see our 2022 ESG report, published in 2023, and key privacy documents available at www.cyberark.com, none of which are incorporated by reference in this Proxy Statement.
 
Human Capital Management

Our Culture and Talent strategy (also Human Capital Management) is built on four pillars: Attract, Belong, Communicate and Develop – the ABCDs. The ABCD strategy supports the wellbeing, retention, and career development of our people, since our culture continues to be a key ingredient in our success.

For more information, see “Item 6.D. Employees” of our annual report on Form 20-F for the year ended December 31, 2023, filed with the SEC on March 13, 2024.

Environment and Climate

We recognize the importance of environmental stewardship. We are actively working to better understand our carbon footprint. This process will serve as the foundation for exploring opportunities to identify the best ways to reduce our environmental impact. We further engage with our customers and investors, taking into account their input to help us build a strong environmental strategy. Ongoing environmental initiatives include receiving a limited level of assurance of our Scope 1 and Scope 2 greenhouse gas emissions during 2023, education and training sessions for employees on environmental topics, various employee volunteering activities, and our tree planting initiative for every new employee and as part of our employee recognition program.

17

PROPOSAL 1

RE‑ELECTION AND ELECTION OF CLASS I DIRECTORS
 
Background
 
Our shareholders are being asked to re‑elect each of Matthew Cohen and François Auque, and to elect Mary Yang, each as a Class I director.
 
Our directors are divided among the three classes as follows:
 

(1)
our Class I directors are Matthew Cohen, François Auque and Mary Yang, whose current terms expire at the Meeting and upon the election and qualification of their respective successors,
 

(2)
our Class II directors are Gadi Tirosh, Amnon Shoshani and Avril England, whose current terms expire at our 2025 annual general meeting of shareholders and upon the election and qualification of their respective successors, and
 

(3)
our Class III directors are Ehud (Udi) Mokady, Ron Gutler and Kim Perdikou, whose current terms expire at our 2026 annual general meeting of shareholders and upon the election and qualification of their respective successors.
 
Re‑Election and Election of Class I Directors
 
The Nominating and ESG Committee and Board recommended that we nominate each of our current Class I directors, Matthew Cohen and François Auque, for re‑election, and Mary Yang for election, each as a Class I director at the Meeting, and each for a term of approximately three years following the Meeting. The director nominees did not participate in the discussion and applicable vote regarding their respective nominations for election and re‑election, as applicable.
 
Director Nominees’ Qualifications and Independence
 
Each of the director nominees has consented to be named in this Proxy Statement and has advised the Company that they are willing, able and ready to serve as a director if elected.  Additionally, in accordance with the Companies Law, each of the director nominees has certified to us that they meet all the requirements of the Companies Law for election as a director of a public company and possesses the necessary qualifications and has sufficient time to fulfill their duties as directors of the Company, taking into account the size and needs of our Company.  We do not have any arrangements, understandings, or agreements with respect to the election of any of the director nominees at the Meeting. François Auque and Mary Yang are independent under Nasdaq corporate governance rules.
 
Biographies of Director Nominees
 
Set forth below is certain biographical information regarding the background and experience of Mr. Cohen, Ms. Yang and Mr. Auque.  For more information regarding the experience and skills of the director nominees, please refer to the Board Composition and Qualification section above.
 
Matthew Cohen has served as our Chief Executive Officer since April 2023. He previously served as our Chief Operating Officer since December 2020 after serving as our Chief Revenue Officer from December 2019. Prior to joining CyberArk, Mr. Cohen held several leadership positions in PTC Inc. (Nasdaq: PTC). His most recent position was Executive Vice President of Field Operations, from February 2018 to November 2019, where he led the go-to-market strategy and all Sales, Commercial Marketing, Customer Success, Services, and Partner functions. Prior to that he was Executive Vice President, Customer Success and Partners from July 2016 to February 2018, Executive Vice President, Global Services from April 2014 through July 2016, and Divisional Vice President, Global Services from October 2013 to March 2014. Before that, Mr. Cohen held various positions in the company’s Global Services group. Mr. Cohen holds a Bachelor of Arts in Psychology from Harvard University.
 
18

François Auque has served as a member of our board of directors since February 2019. Mr. Auque serves as the deputy chairman of the board of directors and chairman of the Audit and Risk Committee of Rexel SA from May 2019, after being an observer on the board from October 2018. Mr. Auque is a partner at InfraVia Capital Partners, a Private Equity firm based in Paris. Mr. Auque served as the General Partner and Chairman of the Investment Committee of Airbus Ventures, the venture capital arm of Airbus between 2016 and 2018. From 2000 to 2016, Mr. Auque headed the Airbus space division as a member of Airbus Group’s Executive Committee. Between 1991 and 2000, Mr. Auque served as Chief Financial Officer of Aerospatiale (then Aerospatiale-Matra), one of the three founding firms of the European Aeronautic Defense and Space Company (EADS), Europe’s largest aerospace company (currently Airbus). Mr. Auque holds a Master’s in Finance from Ecole des Hautes Etudes Commercials in Paris, France, a Bachelor of Arts in Public Administration from the Paris Institute of Political Studies in Paris, France, and is a graduate in economics from Ecole Nationale d’Administration in Paris, France.
 
Mary Yang has served as a member of our board of directors since November 2023. Ms. Yang serves as a director and audit committee member of Sunnova Energy International Inc. (NYSE:NOVA) since October 2021. Ms. Yang served as Senior Vice President and Chief Strategy Officer of Ciena Corporation (NYSE:CIEN) between 2020 and 2022. Between 2016 and 2020, she served as Vice President, Business and Corporate Development for NIO Inc. (NYSE: NIO). She served as Vice President, Corporate Development and Strategic Alliances for Fortinet Inc. (Nasdaq: FTNT) between 2014 and 2016, and as Global Head of Security Corporate Development for Cisco Systems Inc. (Nasdaq: CSCO) between 2011 and 2014 and as Global Business Development Director between 2008-2011. Ms. Yang holds a Juris Doctorate from Stanford Law School and several academic degrees from Stanford University, including a Master of Business Administration, a Master of Science in Management Science and Engineering and a Bachelor of Arts in Quantitative Economics.
 
Proposed Resolutions: Proposal 1
 
We are proposing that our shareholders adopt the following resolutions at the Meeting:
 

(a)
RESOLVED, that the re‑election of Matthew Cohen as a Class I director of the Company, for a term of approximately three years that expires at the third annual general meeting of shareholders to be held following his re‑election, and until the due election and qualification of his successor, be, and hereby is, approved in all respects.”
 

(b)
RESOLVED, that the re‑election of François Auque as a Class I director of the Company, for a term of approximately three years that expires at the third annual general meeting of shareholders to be held following his re‑election, and until the due election and qualification of his successor, be, and hereby is, approved in all respects.”
 

(c)
RESOLVED, that the election of Mary Yang as a Class I director of the Company, for a term of approximately three years that expires at the third annual general meeting of shareholders to be held following her election, and until the due election and qualification of her successor, be, and hereby is, approved in all respects.”
 
Required Vote: Proposal 1
 
The vote required for the re‑election and election of each of the above‑referenced director nominees is the affirmative vote of the holders of a majority of the voting power present or represented at the Meeting in person or by proxy and voting on such re‑election and election.
 
Board Recommendation
 
The Board unanimously recommends that you vote “FOR” the re‑election of each of Messrs. Cohen and Auque, and the election of Ms. Yang, each as a Class I director.
 
19

PROPOSAL 2

TO APPROVE A GRANT OF EQUITY-BASED COMPENSATION TO THE EXECUTIVE CHAIR OF THE BOARD
 
Background
 
Under the Companies Law, any Israeli public company that seeks to approve terms of compensation of a director is required to obtain the approval of its compensation committee, board of directors and shareholders, in that order.
 
On February 4, 2024 and on February 6, 2024 (the “Date of Grant”), our Compensation Committee and our Board, respectively, approved a grant of Performance Stock Units (“PSUs”) and Restricted Stock Units (“RSUs”) to our Executive Chair, Mr. Mokady, with respect to 2024 (the “2024 EC Grant”), pursuant to our 2014 Plan and applicable award agreements. Our shareholders are being asked to approve the 2024 EC Grant.
 
Methodology
 
The proposed structure of the 2024 EC Grant reflects the feedback received from our shareholders over a multi-year engagement process, using compensation as a strategic and valuable tool that helps ensure executive incentives are directly tied to creating long-term Company value. Our Compensation Committee and Board believe the proposed 2024 EC Grant, which stems from our executive compensation methodology described above, has been designed to align a significant portion of the EC compensation with shareholder interests and long-term value creation.
 
When determining the proposed 2024 EC Grant, the Compensation Committee and Board considered an independent compensation analysis prepared by Aon to ensure it provides a framework that promotes executive-shareholder alignment on achieving long-term Company success and allows for Mr. Mokady’s compensation, as a U.S.-based executive, to remain appropriate and competitive relative to market practices in similar technology companies and in a changing market environment.
 
Executive Leadership Roles and Responsibilities
 
On April 3, 2023, we separated the roles of CEO and Chairman of the Board. Mr. Mokady assumed the role of Executive Chair, and Matthew Cohen was appointed as CEO and joined our Board.
 
Mr. Mokady’s unique experience as the Company’s founder has been, and is expected to remain, important to the execution of the Company’s long-term strategy in the highly competitive identity security market. Mr. Mokady remains actively involved in the Company, and since his transition to the Executive Chair role, has made significant contributions to CyberArk. He actively participated in numerous industry events, engaged regularly with the executive leadership team and employees, and attended corporate events, serving as executive sponsor. He continues to foster the strong relationships he has built over the years and played a pivotal role in key customer and partner relationships, directly contributing to the Company’s growth and successful execution throughout 2023. Furthermore, his efforts were instrumental in raising brand awareness for the Company’s identity security strategy and reinforcing its leadership position in the market. Additionally, he promoted the Company’s distinctive culture and its core values of integrity, creativity and stability, through interactions with the Company’s employees, including new hires.
 
For more information on the Roles and Responsibilities of the Executive Chair, see Proposal 3 of our 2023 Proxy Statement, furnished to the SEC on May 24, 2023.
 
Terms of 2024 EC Grant
 
The following sets forth the value and key terms of the 2024 EC Grant:
 
Value of the Grant
 
In February 2024, the Compensation Committee and Board determined that the appropriate value of the 2024 EC Grant should be $5 million, assuming achievement of the PSU performance goals at target level.
 
The proposed 2024 EC Grant consists of 12,000 PSUs (at target) and 12,000 RSUs, which aligns with our executive compensation practices.  If all PSU performance criteria are achieved at target level, the 2024 EC Grant would constitute 0.06% of the Company’s issued and outstanding ordinary shares as of May 17, 2024.  The number of shares underlying the PSUs and RSUs to be granted was determined in the February 2024 Compensation Committee and Board meetings based on the average closing price of the Company’s shares during the 60 business days prior to the Date of Grant ($208.40).  The foregoing calculation is consistent with the grants made to our executive officers at such time and was designed to manage the impact of share price fluctuation on the dilution rate resulting from such awards.
 
20

Equity Mix
 
The proposed equity mix for the 2024 EC Grant, assuming achievement of target level performance, is as follows:
 
 
RSUs
Business PSUs
Relative TSR PSUs
Percentage
50%
30%
20%
Amount
12,000
7,200
4,800
Approximate Value
$2,500,000
$1,500,000
$1,000,000
 
The Compensation Committee and the Board have carefully evaluated the proposed equity mix and concluded that it is appropriate, also considering it significantly exceeds the practices of our Peer Group. Based on Aon’s analysis, only approximately 53% of our Peer Group include performance-based compensation in their equity programs, and among these companies, the performance-based equity portion constitutes 31% of the total grant value.
 
Performance Period and Criteria
 
Business PSUs
 
Business PSUs will be subject to a one‑year performance period, beginning on January 1, 2024, and ending on December 31, 2024.  The performance criteria are annual recurring revenue and non‑GAAP operating income margin, both of which are viewed as key factors in our long‑term success.  Neither of the Executive Chair’s PSU performance criteria is included in the performance metrics of his annual bonus plan. The achievement rate that would entitle Mr. Mokady to Business PSUs at target level is consistent with the objectives set in the Company’s 2024 operating plan that was approved by our Board in December 2023.  Entitlement based on performance will be determined linearly, based on a straight‑line interpolation between the applicable performance levels.  The threshold performance level for the business PSUs has been set at no less than 85% of the target.  In case of overachievement of the performance criteria, Mr. Mokady will be entitled to up to 200% of the target number of Business PSUs awarded with respect to each performance metric.
 
Relative TSR PSUs
 
The Relative TSR PSUs will be subject to a three‑year performance period, beginning on January 1, 2024 and ending on December 31, 2026.  The performance criterion for Relative TSR PSUs is the Company’s relative stock price performance versus the S&P Software & Services Select Industry Index.
 
The performance levels for the Relative TSR PSUs in the 2024 EC Grant has been set by the Compensation Committee and Board, as follows:
 
 
Percentile
Achievement Rate
Threshold
25th
50%
Target
50th
100%
Overachievement
75th
200%
 
Achievement rate between performance levels will be determined linearly, based on a straight‑line interpolation between the applicable performance levels.
 
21

Vesting Terms
 
The 2024 EC Grant will vest as follows, in each case subject to continued service:
 

RSUs. Will vest over a four-year period. 25% of the RSUs will vest on February 15, 2025, with the remainder vesting on a quarterly basis thereafter, and becoming fully vested on February 15, 2028.
 

Business PSUs. Will vest over a four-year period. Subject to the achievement of the relevant performance criteria, 25% of the earned Business PSUs will vest on February 15, 2025, with the remainder vesting on a quarterly basis thereafter, and becoming fully vested on February 15, 2028.
 

Relative TSR PSUs. Will vest following a three-year period. Subject to the achievement of the relevant performance criteria, earned Relative TSR PSUs will fully vest on February 15, 2027.
 
If the achievement of the relevant performance metrics has not been determined by the Compensation Committee and Board by the above stated vesting dates, the first vesting will occur on the day such determination is made. Based on Aon’s analysis, the proposed vesting is aligned with the practices of our Peer Group. No portion of the 2024 EC Grant will vest prior to the first anniversary of the Date of Grant.
 
Adjustments
 
The Compensation Committee and Board, acting jointly, have the discretion to reasonably adjust (increase or decrease) the PSU performance metrics and their relative weight, to the extent they reasonably determine that such adjustment is necessary to preserve the intended incentives and benefits of the PSUs, in accordance with the terms of our compensation policy.
 
As of the date hereof, the Compensation Committee and Board have not adjusted (or expect to adjust - see below) the terms or performance criteria of any of the PSU awards granted by the Company. In exercising their adjustment discretion, the Compensation Committee and Board will continue to apply a disciplined approach that is intended to promote the best interests of the Company and its shareholders. Any potential adjustment will be carefully considered and may only be applied in order to preserve the original purpose of the grant and the executive performance it was intended to promote.
 
Specifically, the Board and Compensation Committee do not intend to adjust the performance criteria to reflect the pending acquisition of Venafi announced on May 20, 2024. The transaction is expected to close in the second half of 2024, subject to required regulatory approvals, clearances and other customary closing conditions. The closing date, and therefore the impact of the acquisition on our financial results remains undetermined. Accordingly, the Board and Compensation Committee have not and do not intend to adjust the performance criteria applicable to the EC Equity Grant to reflect the proposed acquisition of Venafi. Instead, for purposes of determining the achievement of performance criteria applicable to the EC Equity Grant, the Board and Compensation Committee intend to exclude the acquisition’s impact on the Company’s 2024 financial results, in order to ensure that performance is measured on a like-for-like basis and that the performance criteria is no easier to meet than before the acquisition.
 
Conclusion
 
Our Compensation Committee and Board believe that the proposed 2024 EC Grant is in the best interests of the Company and its shareholders, as it promotes the Company’s objectives, business plan and long‑term strategy.  Failure to offer appropriate compensation to our Executive Chair would potentially pose a material risk to the Company’s short‑ and long‑term success.
 
The shareholder vote on this matter is binding under Israeli law, unlike the advisory “say‑on‑pay” votes found in proxy statements for U.S. domestic companies.  If this Proposal 2 is not approved by the affirmative vote of our shareholders as described herein, the Company will NOT be authorized to award any equity grant to our Executive Chair for 2024.
 
Proposed Resolution: Proposal 2
 
We are proposing that our shareholders adopt the following resolution at the Meeting:
 
RESOLVED, that the 2024 equity award for the Company’s Executive Chair, as described in Proposal 2 of the Proxy Statement, be, and hereby is, approved in all respects.”
 
Required Vote: Proposal 2
 
The vote required for the approval of the 2024 EC Grant is the affirmative vote of the holders of a majority of the voting power present or represented at the Meeting in person or by proxy and voting on this Proposal 2.
 
Board Recommendation
 
The Board unanimously recommends that you vote “FOR” the approval of the 2024 EC Grant to Mr. Mokady.
 
22

PROPOSAL 3

APPROVAL OF AMENDMENTS TO THE FORM OF INDEMNIFICATION AGREEMENT FOR OFFICE HOLDERS OF THE COMPANY
 
Background
 
Under the Companies Law, an Israeli public company that seeks to alter the terms of the indemnification agreement applicable to its “office holders” (as defined under the Companies Law) is required to obtain the approval of the compensation committee, board of directors and shareholders, in that order.

The Company’s form of indemnification agreement was last approved in 2014, and in order to align its terms with the Company’s growth, business trajectory and ongoing market trends, our Compensation Committee and Board have deemed it advisable and in the best interest of the Company to amend the form of our indemnification agreement pursuant to which we undertake to indemnify our current and future office holders, as set forth in the form attached hereto as Appendix B (the “Amended Indemnification Agreement”). The proposed changes are intended to align with market practice for similarly sized Israeli companies listed in the U.S., increase procedural efficiency, support better decision-making, and accordingly enhance shareholder value.
 
Main Amendments
 
The following are the main changes proposed to be implemented in the Amended Indemnification Agreement, if approved by shareholders.
 
Subject
Proposed Amendments to Indemnification Agreement
Rationale
Insurance

Incorporate an obligation to maintain insurance policy and clarify the process for handling claims

Align with previous proposal concerning the Company’s liability insurance coverage approved by shareholders in 2017
 Increase procedural clarity and efficiency
Indemnifiable Events

Broaden terminology beyond Israeli law requirements

Align with market practice for Israeli companies listed in the U.S.

Clarify language regarding applicability for certain type of events
Address growing focus of enforcement measures and litigation

Add language regarding cybersecurity incidents and “distributions” (as defined under the Companies Law) to shareholders
Align with the nature of the Company’s business and operations
Indemnification Amount

Indemnifiable Amount to apply to all indemnifiable persons, in aggregate, during a five-year period

Appropriately reflect the market standard for public Israeli companies of our size listed in the U.S.
Include additional criteria directly linking the Indemnification Amount cap to the Company’s market capitalization

Conclusion

Our Compensation Committee and Board recommended that the shareholders approve the form of Amended Indemnification Agreement for office holders of the Company, attached as Appendix B to this Proxy Statement, effective upon the close of the Meeting, and authorize the execution and delivery of such Indemnification Agreements with certain office holders of the Company following the close of the Meeting or when thereafter elected or appointed as an office holder of the Company.
 
The form of Amended Indemnification Agreement is consistent with our compensation policy. If the shareholders do not approve this Proposal 3, then the current form of indemnification agreement will remain in effect.

23

Proposed Resolutions: Proposal 3
 
We are proposing that our shareholders adopt the following resolution at the Meeting:
 
RESOLVED, to approve the form of Amended Indemnification Agreement, attached as Appendix B to the Proxy Statement, and as described in Proposal 3 of the Proxy Statement.”
 
Required Vote: Proposal 3
 
The vote required for the approval of this Proposal 3 is the affirmative vote of the holders of a majority of the voting power present or represented at the Meeting in person or by proxy and voting on this Proposal 3.
 
Board Recommendation
 
The Board recommends that you vote “FOR” the approval of the Amended Indemnification Agreement.

24

PROPOSAL 4

AMENDMENT OF THE ARTICLES OF ASSOCIATION

Background
 
Under the Companies Law, an Israeli public company that seeks to approve amendment to its articles of association is required to obtain the approval of its shareholders.

The Board has reviewed the proposed amendment to the Articles, as outlined below, and has determined that it is in the best interests of the Company and its shareholders. Our shareholders are being asked to approve the amendment.

Shareholder Proposals

Section 25(a) of our current Articles concerning shareholders’ ability to add a proposal to the agenda of a general meeting reflects the then applicable provisions of the Companies Law and the regulations promulgated thereunder at that time. Accordingly, Section 25(a) of our current Articles reflects that any Company shareholder that holds at least one percent (1%) of the Company’s voting rights may request, subject to the requirements of the Companies Law, that the Board includes a matter for consideration at a shareholders meeting.

On March 12, 2024, certain amendments to the Israeli Companies Regulations (Relief for Companies with Securities Listed for Trading on a Foreign Stock Exchange) (the “Amended Regulations”) became effective. Under the Amended Regulations, a shareholder must hold at least five percent (5%) of a company’s voting rights in order to request that the board of directors add a proposal to the agenda of a general meeting relating to the appointment or removal of a director.

In order to align our Articles with the Amended Regulations, our Board is proposing to amend Section 25(a) of our Articles as follows (deletions in strikethrough text and additions in underline):

“25. SHARHOLEDER PROPOSAL REQUEST


(a)
Any Shareholder or Shareholders of the Company holding at least one percent (1%) the required percentage under the Companies Law of the voting rights of the Company, which entitles such Shareholder(s) to require the Company to include a matter on the agenda of a General Meeting (the “Proposing Shareholder(s)”) may request, subject to the Companies Law, that the Board of Directors include a matter on the agenda of a General Meeting to be held in the future, provided that the Board determines that the matter is appropriate to be considered in a General Meeting (a “Proposal Request”). In order for the Board of Directors to consider a Proposal Request and whether to include the matter stated therein in the agenda of a General Meeting, notice of the Proposal Request must be timely delivered in accordance with applicable laws, and the Proposal Request must comply with the requirement of these Articles (including this Article 25) and any applicable law and stock exchange rules and regulations. The Proposal Request must be in writing, signed by all of the Proposing Shareholder(s) making such request, delivered, either in person or by certified mail, postage prepaid, and received by the Secretary (or, in the absence thereof by the Chief Executive Officer of the Company). To be considered timely, a Proposal Request must be received within the time periods prescribed by applicable law. The announcement of an adjournment or postponement of a General Meeting shall not commence a new time period (or extend any time period) for the delivery of a Proposal Request as described above. In addition to any information required to be included in accordance with applicable law, the Proposal Request must include the following: (i) the name, address, telephone number, fax number and email address of the Proposing Shareholder (or each Proposing Shareholder, as the case may be) and, if an entity, the name(s) of the person(s) that controls or manages such entity; (ii) the number of Shares held by the Proposing Shareholder(s), directly or indirectly (and, if any of such Shares are held indirectly, an explanation of how they are held and by whom), which shall be in such number no less than as is required to qualify as a Proposing Shareholder, accompanied by evidence satisfactory to the Company of the record holding of such Shares by the Proposing Shareholder(s) as of the date of the Proposal Request, and a representation that the Proposing Shareholder(s) intends to appear in person or by proxy at the meeting; (iii) the matter requested to be included on the agenda of a General Meeting, all information related to such matter, the reason that such matter is proposed to be brought before the General Meeting, the complete text of the resolution that the Proposing Shareholder proposes to be voted upon at the General Meeting and, if the Proposing Shareholder wishes to have a position statement in support of the Proposal Request, a copy of such position statement that complies with the requirement of any applicable law (if any), (iv) a description of all arrangements or understandings between the Proposing Shareholders and any other Person(s) (naming such Person or Persons) in connection with the matter that is requested to be included on the agenda and a declaration signed by all Proposing Shareholder(s) of whether any of them has a personal interest in the matter and, if so, a description in reasonable detail of such personal interest; (v) a description of all Derivative Transactions (as defined below) by each Proposing Shareholder(s) during the previous twelve (12) month period, including the date of the transactions and the class, series and number of securities involved in, and the material economic terms of, such Derivative Transactions; and (vi) a declaration that all of the information that is required under the Companies Law and any other applicable law and stock exchange rules and regulations to be provided to the Company in connection with such matter, if any, has been provided to the Company. The Board of Directors, may, in its discretion, to the extent it deems necessary, request that the Proposing Shareholder(s) provide additional information necessary so as to include a matter in the agenda of a General Meeting, as the Board of Directors may reasonably require.

25

A “Derivative Transaction” means any agreement, arrangement, interest or understanding entered into by, or on behalf or for the benefit of, any Proposing Shareholder or any of its affiliates or associates, whether of record or beneficial: (1) the value of which is derived in whole or in part from the value of any class or series of shares or other securities of the Company, (2) which otherwise provides any direct or indirect opportunity to gain or share in any gain derived from a change in the value of securities of the Company, (3) the effect or intent of which is to mitigate loss, manage risk or benefit of security value or price changes, or (4) which provides the right to vote or increase or decrease the voting power of, such Proposing Shareholder, or any of its affiliates or associates, with respect to any shares or other securities of the Company, which agreement, arrangement, interest or understanding may include, without limitation, any option, warrant, debt position, note, bond, convertible security, swap, stock appreciation right, short position, profit interest, hedge, right to dividends, voting agreement, performance-related fee or arrangement to borrow or lend shares (whether or not subject to payment, settlement, exercise or conversion in any such class or series), and any proportionate interest of such Proposing Shareholder in the securities of the Company held by any general or limited partnership, or any limited liability company, of which such Proposing Shareholder is, directly or indirectly, a general partner or managing member.”
 
Proposed Resolutions: Proposal 4
 
We are proposing that our shareholders adopt the following resolution at the Meeting:
 
RESOLVED, to approve the amendment to the Articles, as described in Proposal 4 of the Proxy Statement.”
 
Required Vote: Proposal 4
 
The vote required for the approval of this Proposal 4 is the affirmative vote of the holders of a majority of the voting power present or represented at the Meeting in person or by proxy and voting on this Proposal 4.
 
Board Recommendation
 
The Board recommends that you vote “FOR” the adoption of the foregoing amendment to our Articles.

26

PROPOSAL 5

RE‑APPOINTMENT OF INDEPENDENT AUDITORS AND AUTHORIZATION OF THE BOARD TO
FIX ANNUAL REMUNERATION OF THE INDEPENDENT AUDITORS
 
Background
 
Our shareholders are asked to approve the re‑appointment of our independent auditors and to authorize our Board to approve their annual remuneration for the fiscal year ending December 31, 2024, and for such additional period until the next annual general meeting of shareholders.
 
In June 2023, Kost Forer Gabbay & Kasierer, a member of Ernst & Young Global (“Kost Forer”), was appointed by the Company’s shareholders as the Company’s independent auditors for the fiscal year ended December 31, 2023, and for such additional period until the Meeting.  Each of the Audit Committee and the Board has approved the re‑appointment of Kost Forer as the Company’s independent auditors, subject to approval by the Company’s shareholders, for the fiscal year ending December 31, 2024, and for such additional period until the next annual general meeting of shareholders.  The Company, based upon the recommendation of the Audit Committee and the Board, is submitting for approval the re‑appointment of Kost Forer as its independent auditors for the year ending December 31, 2024 until the annual general meeting to be held in 2025, and the authorization of the Board, following approval and recommendation of the Audit Committee, to determine the compensation of the auditors in accordance with the volume and nature of their services pursuant to their engagement.
 
The following table sets forth the total fees paid by the Company and its subsidiaries to the Company’s independent auditors, Kost Forer, in each of the previous two fiscal years:
 
   
2022
   
2023
 
             
Audit Fees
 
$
872
   
$
1,010
 
Audit‑Related Fees
   
33
     
-
 
Tax Fees
   
749
     
262
 
All Other Fees
   
57
     
45
 
Total
 
$
1,711
   
$
1,317
 
 
“Audit fees” include fees for the audit of our annual financial statements.  This category also includes services that generally the independent accountant provides, such as consents and assistance with and review of documents filed with the SEC.
 
“Audit‑related fees” include fees for assurance and related services that are reasonably related to the performance of the audit and are not reported under audit fees.  These fees primarily include accounting consultations regarding the accounting treatment of matters that occur in the regular course of business, implications of new accounting pronouncements, acquisitions and other accounting issues that occur from time to time.
 
“Tax fees” include fees for professional services rendered by our independent registered public accounting firm for tax compliance and tax advice on actual or contemplated transactions.
 
“All other fees” include fees for services rendered by our independent registered public accounting firm with respect to government incentives and other matters.
 
Our Audit Committee has adopted a pre‑approval policy for the engagement of our independent accountant to perform certain audit and non‑audit services.  Pursuant to this policy, which is designed to assure that such engagements do not impair the independence of our auditors, the Audit Committee pre‑approves each type of audit, audit‑related, tax and other permitted service.  The Audit Committee has delegated the pre‑approval authority with respect to audit, audit‑related, tax and permitted non‑audit services up to a maximum of $25,000 to its chairperson and may in the future delegate such authority to one or more additional members of the Audit Committee, provided that all decisions by that member to pre‑approve any such services must be subsequently reported, for informational purposes only, to the full Audit Committee.  All audit and non‑audit services provided by our auditors in 2022 and 2023 were approved in accordance with our policy.
 
27

Proposed Resolutions: Proposal 5
 
We are proposing that our shareholders adopt the following resolutions at the Meeting:
 
RESOLVED, that the Company’s independent auditors, Kost Forer Gabbay & Kasierer, a member of Ernst & Young Global, be, and hereby are, re‑appointed as the independent auditors of the Company for the fiscal year ending December 31, 2024, and for such additional period until the next annual general meeting of shareholders.”
 
RESOLVED, that the Company’s Board be, and hereby is, authorized to fix the remuneration of the independent auditors in accordance with the volume and nature of their services, such remuneration and the volume and nature of such services to be approved first by the Audit Committee.”
 
Required Vote: Proposal 5
 
The vote required for the approval of this Proposal 5 is the affirmative vote of the holders of a majority of the voting power present or represented at the Meeting in person or by proxy and voting on this Proposal 5.
 
Board Recommendation
 
The Board unanimously recommends that you vote “FOR” the re‑appointment of Kost Forer Gabbay & Kasierer, a member of Ernst & Young Global, as the independent auditors of the Company for the fiscal year ending December 31, 2024, and for such additional period until the next annual general meeting of shareholders, and the authorization of the Board to fix the remuneration of the independent auditors in accordance with the volume and nature of their services as described in this Proposal 5.
 
28

PRESENTATION AND DISCUSSION OF AUDITED ANNUAL FINANCIAL STATEMENTS
 
At the Meeting, the audited consolidated financial statements of the Company for the fiscal year ended December 31, 2023, will be presented.  A copy of the Company’s annual report on Form 20‑F for the year ended December 31, 2023 (including the audited consolidated financial statements for the year ended December 31, 2023) is available for viewing and downloading on the SEC’s website at www.sec.gov as well as on the “Investor Relations” section of our Company’s website at http://investors.cyberark.com.  Alternatively, you may request a printed copy of the annual report on Form 20‑F by fax to our Corporate Secretary, Meital Koren, at +972‑3‑9240111.
 
OTHER MATTERS
 
Our Board does not intend to bring any matters before the Meeting other than those specifically set forth in the Proxy Statement and is not aware of any other matters to be brought before the Meeting by others.  If any other matters properly come before the Meeting, it is the intention of the persons named in the accompanying proxy card to vote such proxy in accordance with the recommendation of the Board or, absent such recommendation, using their best judgment.
 
ADDITIONAL INFORMATION
 
The Company’s annual report on Form 20‑F for the year ended December 31, 2023, filed with the SEC on March 13, 2024, is available on the SEC’s website at www.sec.gov as well as on the “Investor Relations” section of our Company’s website at http://investors.cyberark.com.
 
The Company is subject to the information reporting requirements of the Exchange Act, applicable to foreign private issuers.  The Company fulfills these requirements by filing or furnishing reports with the SEC.  The Company’s filings with the SEC are available to the public on the SEC’s website at www.sec.gov. As a foreign private issuer, the Company is exempt from the rules under the Exchange Act related to the furnishing and content of proxy statements.  The circulation of this Proxy Statement should not be taken as an admission that the Company is subject to those proxy rules.


By order of the Board of Directors:



Donna Rahav,

Chief Legal Officer

Petach‑Tikva, Israel
 
May 22, 2024
 
29

Appendix A
________________________________
 
CYBERARK SOFTWARE LTD.
 
Key Performance Metrics Definitions

and GAAP to Non-GAAP Reconciliation
________________________________
 
Key Performance Indicators and Non-GAAP Financial Measures
 
Annual Recurring Revenue (ARR)
 

ARR is defined as the annualized value of active SaaS, self-hosted subscriptions and their associated maintenance and support services, and maintenance contracts related to the perpetual licenses in effect at the end of the reported period.
 
Subscription Portion of Annual Recurring Revenue
 

Subscription portion of ARR is defined as the annualized value of active SaaS and self-hosted subscription contracts in effect at the end of the reported period. The subscription portion of ARR excludes maintenance contracts related to perpetual licenses.
 
Non-GAAP Financial Measures
 
CyberArk believes that the use of non-GAAP operating income (loss), is helpful to our investors. This financial measure is not a measure of the Company’s financial performance under U.S. GAAP and should not be considered as an alternative to operating loss or any other performance measure derived in accordance with GAAP. Non-GAAP operating income (loss) is calculated as GAAP operating loss excluding share-based compensation expense, impairment of capitalized software development costs, acquisition-related expenses and amortization of intangible assets related to acquisitions.
 
The Company believes that providing this non-GAAP financial measure that is adjusted by share-based compensation expense, impairment of capitalized software development costs, acquisition-related expenses and amortization of intangible assets related to acquisitions allows for more meaningful comparisons of its period to period operating results. Share-based compensation expense has been, and will continue to be for the foreseeable future, a significant recurring expense in the Company’s business and an important part of the compensation provided to its employees. Share-based compensation expense has varying available valuation methodologies, subjective assumptions and a variety of equity instruments that can impact a company’s non-cash expense. The Company believes that expenses related to its acquisitions and amortization of intangible assets related to acquisitions do not reflect the performance of its core business and impact period-to-period comparability.
 
Non-GAAP financial measures may not provide information that is directly comparable to that provided by other companies in the Company’s industry, as other companies in the industry may calculate non-GAAP financial results differently, particularly related to non-recurring, unusual items. In addition, there are limitations in using non-GAAP financial measures as they exclude expenses that may have a material impact on the Company’s reported financial results. The presentation of non-GAAP financial information is not meant to be considered in isolation or as a substitute for the directly comparable financial measures prepared in accordance with U.S. GAAP. CyberArk urges investors to review the reconciliation of non-GAAP operating income (loss) to GAAP operating loss included below and not to rely on any single financial measure to evaluate its business.
 

   
Twelve Months Ended
 
   
December 31,
 
   
2022
   
2023
 
             
 Operating loss
 
$
(152,450
)
 
$
(116,472
)
 Plus:
               
 Share-based compensation (1)
   
120,821
     
140,101
 
 Amortization of share-based compensation capitalized in software development costs (3)
   
346
     
393
 
 Amortization of intangible assets (2)
   
6,655
     
7,364
 
 Acquisition related expenses
   
2,244
     
-
 
 Impairment of capitalized software development costs (3)
   
-
     
2,067
 
                 
 Non-GAAP operating income (loss)
 
$
(22,384
)
 
$
33,453
 
 
   
Twelve Months Ended
 
   
December 31,
 
   
2022
   
2023
 
             
 Cost of revenues - Subscription
 
$
2,264
   
$
4,178
 
 Cost of revenues - Perpetual license
   
143
     
45
 
 Cost of revenues - Maintenance and Professional services
   
12,653
     
13,389
 
 Research and development
   
27,102
     
29,458
 
 Sales and marketing
   
51,099
     
58,790
 
 General and administrative
   
27,560
     
34,241
 
                 
 Total share-based compensation
 
$
120,821
   
$
140,101
 

   
Twelve Months Ended
 
   
December 31,
 
   
2022
   
2023
 
             
 Cost of revenues - Subscription
 
$
5,894
   
$
6,817
 
 Cost of revenues - Perpetual license
   
150
     
-
 
 Sales and marketing
   
611
     
547
 
                 
 Total amortization of intangible assets
 
$
6,655
   
$
7,364
 
                 
(3) Classified as Cost of revenues - Subscription.
               

A - 2

Appendix B
 
AMENDED INDEMNIFICATION AGREEMENT
 
INDEMNIFICATION AGREEMENT
 
 
THIS INDEMNIFICATION AGREEMENT (the “Agreement”), dated as of [________], 2024, is entered into by and between CyberArk Software Ltd. an Israeli company whose address is 9 Hapsagot St., Park Ofer 2, POB 3143, Petach-Tikva, 4951040, Israel (the “Company”), and the director or officer of the Company whose name appears on the signature page hereto (the “Indemnitee”).
 
WHEREAS,
Indemnitee is an Office Holder (“Nosse Misra”), as such term is defined in the Companies Law, 5759–1999, as amended (the Companies Law” and “Office Holder” respectively), of the Company, and, at the request of the Company, may serve in the capacity of an Office Holder of a company controlled by the Company;
 
WHEREAS,
both the Company and Indemnitee recognize the increased risk of litigation and other claims being asserted against Office Holders of companies and that highly competent persons have become more reluctant to serve corporations as directors and officers or in other capacities unless they are provided with adequate protection through insurance or adequate indemnification against inordinate risks of claims and actions against them arising out of their service to, and activities on behalf of, companies;
 
WHEREAS,
the Amended and Restated Articles of Association of the Company (the “Articles of Association”) authorize the Company to indemnify and advance expenses to its Office Holders and provide for insurance and exculpation to its Office Holders, in each case, to the fullest extent permitted by applicable law;
 
WHEREAS,
the Company has determined that (i) the increased difficulty in attracting and retaining competent persons is detrimental to the best interests of the Company’s shareholders and that the Company should act to assure such persons that there will be increased certainty of such protection in the future, and (ii) it is reasonable, prudent and necessary for the Company contractually to obligate itself to indemnify, and to advance expenses on behalf of, such persons to the fullest extent permitted by applicable law, so that they will serve or continue to serve the Company directly or, at the Company’s request, through another entity controlled by the Company, free from undue concern that they will not be so indemnified; and
 
WHEREAS,
in recognition of Indemnitee’s need for substantial protection against personal liability in order to assure Indemnitee’s continued service to the Company directly or, at the Company’s request, through another entity  controlled by the Company, in an effective manner and, in part, in order to provide Indemnitee with specific contractual assurance that the indemnification, insurance and exculpation afforded by the Articles of Association will be available to Indemnitee, the Company wishes to undertake in this Agreement for the indemnification of and the advancing of expenses to Indemnitee to the fullest extent permitted by applicable law and as set forth in this Agreement and provide for insurance and exculpation of Indemnitee as set forth in this Agreement.
 
NOW, THEREFORE, the parties hereto agree as follows:
 

1.
INDEMNIFICATION AND INSURANCE.
 

1.1
The Company hereby undertakes to indemnify Indemnitee to the fullest extent permitted by applicable law for any liability and expense specified in Sections 1.1 through 1.1.4 below, imposed on Indemnitee due to or in connection with an act performed by such Indemnitee, either prior to or after the date hereof, in Indemnitee’s capacity as an Office Holder, including, without limitation, as a director, officer, employee, agent or fiduciary of the Company, any subsidiary thereof or any other corporation, collaboration, partnership, joint venture, trust or other enterprise, in which Indemnitee serves at any time at the request of the Company (the “Corporate Capacity”). The term “act performed in Indemnitee’s capacity as an Office Holder” shall include, without limitation, any act, omission or failure to act and any other circumstances relating to or arising from Indemnitee’s service in a Corporate Capacity. The following shall be hereinafter referred to as “Indemnifiable Events”:
 

1.1.1.
Financial liability imposed on Indemnitee in favor of any person pursuant to a judgment, including a judgment rendered in the context of a settlement or an arbitrator’s award approved by a court. For purposes of Section 1 of this Agreement, the term “person” shall include, without limitation, a natural person, firm, partnership, joint venture, trust, company, corporation, limited liability entity, unincorporated organization, estate, government, municipality, or any political, governmental, regulatory or similar agency or body;
 

1.1.2.
Reasonable Expenses (as defined below) expended by Indemnitee as a result of an investigation or any proceeding instituted against the Indemnitee by an authority that is authorized to conduct such investigation or proceeding, and that was concluded without filing an indictment against the Indemnitee and without imposing on the Indemnitee a financial liability in lieu of a criminal proceeding, or that was concluded without filing an indictment against the Indemnitee but imposing a financial liability in lieu of a criminal proceeding in an offence that does not require proof of mens rea, or in connection with a financial sanction. In this section “conclusion of a proceeding without filing an indictment in a matter in which a criminal investigation has been instigated” and “financial liability in lieu of a criminal proceeding” shall have the meaning assigned to such terms under the Companies Law, and the term “financial sanction” shall mean such term as referred to in Section 260(a)(1a) of the Companies Law;
 

1.1.3.
Reasonable Expenses expended by or imposed on Indemnitee by a court, in a proceeding instituted against Indemnitee by the Company or on its behalf or by another person, or in a criminal charge from which Indemnitee was acquitted or in which Indemnitee convicted of an offence that does not require proof of mens rea; and
 

1.1.4.
Any other event, occurrence, matter or circumstances under any law with respect to which the Company may, or will be able to, indemnify an Office Holder (including, without limitation, in accordance with Section 56h(b)(1) of the Israeli Securities Law 5728-1968 (the “Israeli Securities Law”), if applicable, and Section 50P(b)(2) of the Israeli Economic Competition Law, 5758-1988 (the “Economic Competition Law”)).
 
For the purpose of this Agreement, “Expenses” shall include, without limitation, legal fees and all other costs, expenses and obligations paid or incurred by Indemnitee in connection with investigating, defending, being a witness in or participating in (including on appeal), or preparing to defend, be a witness in or participate in any claim, action, suit, proceeding, alternative dispute resolution mechanism, hearing, inquiry or investigation relating to any matter for which indemnification hereunder may be provided. Expenses shall be considered paid or incurred by Indemnitee at such time as Indemnitee is required to pay or incur such cost or expenses, including upon receipt of an invoice or payment demand. The Company shall pay the Expenses in accordance with the provisions of Section 1.3.
 
B - 2


1.2
Notwithstanding anything herein to the contrary, the Company’s undertaking to indemnify the Indemnitee under Section 1.1 shall only be with respect to events described in Exhibit A hereto (without limitation of the Company's ability to indemnity retroactively, at its discretion and subject to applicable law). The Board of Directors of the Company (the “Board”) has determined that the categories of events listed in Exhibit A are foreseeable in light of the operations of the Company. The maximum amount of indemnification payable by the Company to the Indemnitee under Section 1.1 and other indemnitees under similar indemnification agreements with the Company (the “Indemnifiable Persons”) shall be as set forth in Exhibit A hereto (the “Limit Amount”) for each five year period commencing on [________], and for every subsequent five year period thereafter, and shall apply to all Indemnifiable Persons, in the aggregate. If the Limit Amount is insufficient to cover all the indemnity amounts payable with respect to all Indemnifiable Persons during the relevant five year period, then such amount shall be allocated to such Indemnifiable Persons pro rata according to the percentage of their culpability, as finally determined by a court in the relevant claim, or, absent such determination or in the event such persons are parties to different claims, based on an equal pro rata allocation among such Indemnifiable Persons. The Limit Amount payable by the Company as described in Exhibit A is deemed by the Company to be reasonable in light of the circumstances. The indemnification provided under Section 1.1 herein shall not be subject to the limitations imposed by this Section 1.2 and Exhibit A if and to the extent such limits are not or are no longer required by the Companies Law.
 

1.3
If so requested by Indemnitee in writing, and subject to the Company’s repayment and reimbursements rights set forth in Sections 3 and 5 below, the Company shall pay amounts to cover Indemnitee’s Expenses with respect to which Indemnitee is entitled to be indemnified under Section 1 above, as and when incurred. The payments of such amounts shall be made by the Company directly to the Indemnitee’s legal and other advisors, as soon as practicable, but in any event no later than fifteen (15) days after written demand by such Indemnitee therefor to the Company, and any such payment shall be deemed to constitute indemnification hereunder. As part of the aforementioned undertaking, the Company will make available to Indemnitee any security or guarantee that Indemnitee may be required to post in accordance with an interim decision given by a court, governmental or administrative body, or an arbitrator, including for the purpose of substituting liens imposed on Indemnitee’s assets.
 

1.4
The Company’s obligation to indemnify Indemnitee and advance Expenses in accordance with this Agreement shall be for such period (the “Indemnification Period”) as Indemnitee shall be subject to any actual, possible or threatened claim, action, suit, demand or proceeding or any inquiry or investigation, whether civil, criminal or investigative, arising out of the Indemnitee’s service in the Corporate Capacity as described in Section 1 above, whether or not Indemnitee is still serving in such position.
 

1.5
The Company undertakes that, subject to the mandatory limitations under applicable law, as long as it may be obligated to provide indemnification and advance Expenses under this Agreement, the Company will purchase and maintain in effect directors and officers liability insurance, which will include coverage for the benefit of the Indemnitee, providing coverage in amounts as reasonably determined by the Board; provided that, the Company shall have no obligation to obtain or maintain directors and officers insurance if the Company determines in good faith that such insurance is not reasonably available, or the premium for such insurance is disproportionate to the limits of liability provided, or the coverage provided by such insurance is  limited by exclusions that result in insufficient coverage. The Company hereby undertakes to notify the Indemnitee 30 days prior to the expiration or termination of the directors and officers liability insurance.
 

1.6
The Company undertakes to give prompt written notice of the commencement of any claim hereunder to the insurers in accordance with the procedures set forth in the appliable insurance policy or policies. The Company shall thereafter diligently take all actions reasonably necessary under the circumstances to cause such insurers to indemnify and/or pay, on behalf of Indemnitee, all amounts payable as a result of such action, suit, proceeding, inquiry or official investigation in accordance with the terms of such policy or policies. The above shall not derogate from Company’s authority to freely negotiate or reach any compromise with the insurer which is reasonable at the Company’s sole discretion provided that the Company shall act in good faith and in a diligent manner.
 
B - 3

2.
SPECIFIC LIMITATIONS ON INDEMNIFICATION.
 
Notwithstanding anything to the contrary in this Agreement, the Company shall not indemnify or advance Expenses to Indemnitee with respect to (i) any act, event or circumstance with respect to which it is prohibited to do so under applicable law, or (ii) a counter claim made by the Company or in its name in connection with a claim against the Company filed by the Indemnitee.
 
3.
REPAYMENT OF EXPENSES.
 

3.1
In the event that the Company provides or is required to provide indemnification with respect to Expenses hereunder and at any time thereafter the Company determines, based on advice from its legal counsel, that the Indemnitee was not entitled to such payments, the amounts so indemnified by the Company will be promptly repaid by Indemnitee, unless the Indemnitee disputes the Company’s determination, in which case the Indemnitee’s obligation to repay to the Company shall be postponed until such dispute is resolved.
 

3.2
Indemnitee’s obligation to repay the Company for any Expenses or other sums paid hereunder shall be deemed as a loan given to Indemnitee by the Company subject to the minimum interest rate prescribed by Section 3(9) of the Income Tax Ordinance [New Version], 1961, or any other legislation replacing it, which is not considered a taxable benefit.
 
4.
SUBROGATION.
 
In the event of payment under this Agreement, the Company shall be subrogated to the extent of such payment to all of the rights of recovery of Indemnitee, who shall execute all documents required and shall do everything that may be necessary to secure such rights, including the execution of such documents necessary to enable the Company effectively to bring suit to enforce such rights.
 
5.
REIMBURSEMENT.
 

5.1
Notwithstanding any other provision of this Agreement, to the extent that Indemnitee is a witness or is made (or asked to) respond to discovery requests in any proceeding involving the Company, any subsidiary thereof, any another person in which Indemnitee serves at any time at the request of the Company, its officers or directors, in their Corporate Capacities, to which Indemnitee is not a party, Indemnitee shall be indemnified against all expenses paid or incurred by Indemnitee in connection therewith and in the manner set forth in this Agreement.
 

5.2
The Company shall not be liable under this Agreement to make any payment in connection with any Indemnifiable Event to the extent Indemnitee has otherwise actually received payment under any insurance policy or otherwise (without any obligation of Indemnitee to repay any such amount) of the amounts otherwise indemnifiable hereunder. Any amounts paid to Indemnitee under such insurance policy or otherwise after the Company has indemnified Indemnitee for such liability or Expense shall be repaid to the Company promptly upon receipt by Indemnitee, in accordance with the terms set forth in Section 3.2.
 
B - 4

6.
EFFECTIVENESS.
 
The Company represents and warrants that this Agreement is valid, binding and enforceable in accordance with its terms and was duly adopted and approved by the Company and shall be in full force and effect immediately upon its execution.
 
7.
NOTIFICATION AND DEFENSE OF CLAIM.
 
Indemnitee shall notify the Company of the commencement of any action, suit or proceeding, and of the receipt of any notice or threat that any such legal proceeding has been or shall or may be initiated against Indemnitee (including any proceedings by or against the Company and any subsidiary thereof), promptly upon Indemnitee first becoming so aware; but the omission so to notify the Company will not relieve the Company from any liability which it may have to Indemnitee under this Agreement unless and to the extent that such failure to provide notice prejudices the Company’s ability to defend such action. Notice to the Company shall be directed to the Chief Executive Officer or Chief Financial Officer of the Company at the address shown in the preamble to this Agreement (or such other address as the Company shall designate in writing to Indemnitee). With respect to any such action, suit or proceeding as to which Indemnitee notifies the Company of the commencement thereof and without derogating from Sections 1 and 1.1.5:
 

7.1
The Company will be entitled to participate therein at its own expense.
 

7.2
Except as otherwise provided below, the Company, alone or jointly with any other indemnifying party similarly notified, will be entitled to assume the defense thereof, with counsel selected by the Company. Indemnitee shall have the right to employ his or her own counsel in such action, suit or proceeding, but the fees and expenses of such counsel incurred after notice from the Company of its assumption of the defense thereof shall be at the expense of Indemnitee, unless: (i) the employment of counsel by Indemnitee has been authorized in writing by the Company; (ii) the Company, in good faith, reasonably concluded that there may be a conflict of interest between the Company and Indemnitee in the conduct of the defense of such action; or (iii) the Company has not in fact employed counsel to assume the defense of such action within reasonable time, in which cases the reasonable fees and expenses of Indemnitee’s counsel shall be at the expense of the Company. The Company shall not be entitled to assume the defense of any action, suit or proceeding brought by or on behalf of the Company or as to which Indemnitee and the Company shall have reached the conclusion specified in (ii) above.
 

7.3
The Company shall not be liable to indemnify Indemnitee under this Agreement for any amounts or expenses paid in connection with a settlement of any action, claim or otherwise, effected without the Company’s prior written consent.
 

7.4
The Company shall have the right to conduct the defense as it sees fit in its sole discretion (provided that the Company shall conduct the defense in good faith and in a diligent manner), including the right to settle or compromise any claim or to consent to the entry of any judgment against Indemnitee without the consent of the Indemnitee, provided that, the amount of such settlement, compromise or judgment does not exceed the Limit Amount (if applicable) and is fully indemnifiable pursuant to this Agreement (subject to Section 1.1.2 of this Agreement) and/or applicable law, and any such settlement, compromise or judgment does not  impose any penalty or limitation on Indemnitee without the Indemnitee’s prior written consent. The Indemnitee’s consent shall not be required if the settlement includes a complete release of Indemnitee, does not contain any admission of wrong-doing by Indemnitee, and includes monetary sanctions only as provided above. In the case of criminal proceedings the Company and/or its legal counsel will not have the right to plead guilty or agree to a plea-bargain in the Indemnitee’s name without the Indemnitee’s prior written consent. Neither the Company nor Indemnitee will unreasonably withhold or delay their consent to any proposed settlement.
 
B - 5


7.5
Indemnitee shall fully cooperate with the Company and shall give the Company all information and access to documents, files and to his or her advisors and representatives as shall be within Indemnitee’s power, in every reasonable way as may be required by the Company with respect to any claim which is the subject matter of this Agreement and in the defense of other claims asserted against the Company (other than claims asserted by Indemnitee), provided that the Company shall cover all expenses, costs and fees incidental thereto such that the Indemnitee will not be required to pay or bear such expenses, costs and fees.
 

7.6
If the Company fails to comply with any of its material obligations under this Agreement or in the event that the Company or any other person takes any action to declare this Agreement void or unenforceable, or institutes any action, suit or proceeding to deny or to recover from Indemnitee the benefits intended to be provided to Indemnitee hereunder, except with respect to such actions, suits or proceedings brought by the Company that are resolved in favor of the Company, Indemnitee shall have the right to retain counsel of Indemnitee’s choice, and reasonably acceptable to the Company and at the expense of the Company, to represent Indemnitee in connection with any such matter, to the extent that such matter is within the provisions of Section 1 hereof.
 
8.
EXCULPATION.
 
Subject to the provisions of the Companies Law, the Company hereby releases, in advance, the Office Holder from liability to the Company for any damage that arises from the breach of the Office Holder’s duty of care (within the meaning of such terms under Sections 252 and 253 of the Companies Law), other than breach of the duty of care towards the Company in a distribution (as such term is defined in the Companies Law).
 
9.
NON-EXCLUSIVITY.
 
The rights of the Indemnitee hereunder shall not be deemed exclusive of any other rights Indemnitee may have under the Articles of Association, applicable law or otherwise, and to the extent that during the Indemnification Period the indemnification rights of the then serving directors and officers are more favorable to such directors or officers than the indemnification rights provided under this Agreement to Indemnitee, Indemnitee shall be entitled to the full benefits of such more favorable indemnification rights to the extent permitted by law.
 
10.
PARTIAL INDEMNIFICATION.
 
If Indemnitee is entitled under any provision of this Agreement to indemnification by the Company for some or a portion of the expenses, judgments, fines or penalties actually or reasonably incurred by Indemnitee in connection with any proceedings, but not, however, for the total amount thereof, the Company shall nevertheless indemnify Indemnitee for the portion of such expenses, judgments, fines or penalties to which Indemnitee is entitled under any provision of this Agreement. Subject to the provisions of Section 5 above, any amount received by Indemnitee (under any insurance policy or otherwise) shall not reduce the Limit Amount hereunder and shall not derogate from the Company’s obligation to indemnify the Indemnitee in accordance with the provisions of this Agreement up to the Limit Amount, as set forth in Section 1.1.2.
 
B - 6

11.
BINDING EFFECT.
 
This Agreement shall be binding upon and inure to the benefit of and be enforceable by the parties hereto and their respective successors and permitted assigns. In the event of a merger or consolidation of the Company or a transfer or disposition of all or substantially all of the business or assets of the Company, the Indemnitee shall be entitled to the same indemnification and insurance provisions as the most favorable indemnification and insurance provisions afforded to the then-serving Office Holders of the Company. In the event that in connection with such transaction the Company purchases a directors and officers’ “tail” or “run-off” policy for the benefit of its then serving Office Holders, then such policy shall cover Indemnitee and such coverage shall be deemed to be in satisfaction of the insurance requirements under this Agreement. This Agreement shall continue in effect during the Indemnification Period regardless of whether Indemnitee continues to serve in a Corporate Capacity.
 
Any amendment to the Companies Law, the Israeli Securities Law, the Economic Competition Law or other applicable law adversely affecting the right of the Indemnitee to be indemnified, insured or released pursuant hereto shall be prospective in effect, and shall not affect the Company’s obligation or ability to indemnify or insure the Indemnitee for any act or omission occurring prior to such amendment, unless otherwise provided by applicable law.
 
12.
SEVERABILITY.
 
The provisions of this Agreement shall be deemed severable and the invalidity or unenforceability of any provision shall not affect the validity or enforceability of the other provisions hereof.  If any provision of this Agreement, or the application thereof or any circumstance, is invalid or unenforceable, (a) a suitable and equitable provision shall be substituted therefor in order to carry out, so far as may be valid and enforceable, the intent and purpose of such invalid or unenforceable provision and (b) the remainder of this Agreement and the application of such provision or circumstances shall not be affected by such invalidity or unenforceability, nor shall such invalidity or unenforceability affect the validity or enforceability of such provision, or the application thereof, in any other jurisdiction.
 
13.
NOTICE.
 
All notices and other communications pursuant to this Agreement shall be in writing and shall be deemed provided if delivered personally, telecopied, sent by electronic facsimile, email, reputable overnight courier or mailed by registered or certified mail (return receipt requested), postage prepaid, to the parties at the addresses shown in the preamble to this Agreement, or to such other address as the party to whom notice is to be given may have furnished to the other party hereto in writing in accordance herewith. Any such notice or communication shall be deemed to have been delivered and received (i) in the case of personal delivery, on the date of such delivery, (ii) in the case of telecopier or an electronic facsimile or email, one business day after the date of transmission if confirmation of receipt is received, (iii) in the case of a reputable overnight courier, three business days after deposit with such reputable overnight courier service, and (iv) in the case of mailing, on the seventh business day following that on which the mail containing such communication is posted.
 
14.
GOVERNING LAW; JURISDICTION.
 
This Agreement shall be governed by and construed and enforced in accordance with the laws of the State of Israel, without giving effect to the conflicts of law provisions of those laws. The Company and Indemnitee each hereby irrevocably consent to the exclusive jurisdiction and venue of the courts of Tel Aviv, Israel for all purposes in connection with any action or proceeding which arises out of or relates to this Agreement.
 
B - 7

15.
ENTIRE AGREEMENT.
 
This Agreement represents the entire agreement between the parties and supersedes any other agreements, contracts or understandings between the parties, whether written or oral, with respect to the subject matter of this Agreement.
 
Notwithstanding the foregoing, the indemnification obligation set forth in this Agreement will also apply, subject to the terms, conditions and limitations set forth in this Agreement, with respect to actions committed, in Indemnitee’s capacity as an Office Holder of the Company or of any affiliate, during the period prior to the date of this Agreement.
 
16.
ADVERSE PRESUMPTION.
 
Neither the settlement nor termination of any proceeding nor the failure of the Company to award indemnification or to determine that indemnification is payable shall create an adverse presumption that Indemnitee is not entitled to indemnification hereunder. In addition, the termination of any proceeding by judgment or order (unless such judgment or order provides so specifically) or settlement, shall not create a presumption that Indemnitee did not act in good faith and in a manner which Indemnitee reasonably believed to be in or not opposed to the best interests of the Company or, with respect to any criminal action or proceeding, had reasonable cause to believe that Indemnitee’s action was unlawful.
 
17.
NO MODIFICATION AND NO WAIVER.
 
No supplement, modification or amendment, termination or cancellation of this Agreement shall be binding unless executed in writing by both of the parties hereto. No waiver of any of the provisions of this Agreement shall be deemed or shall constitute a waiver of any other provisions hereof (whether or not similar) nor shall such waiver constitute a continuing waiver. Any waiver shall be in writing.
 
18.
ASSIGNMENTS; NO THIRD PARTY RIGHTS
 
Neither party hereto may assign any of its rights or obligations hereunder except with the express prior written consent of the other party (except in the case of a merger or consolidation of the Company or a transfer or disposition of all or substantially all of the business or assets of the Company,  but subject to Section 11). Nothing herein shall be deemed to create or imply an obligation for the benefit of a third party. Without limitation of the foregoing, nothing herein shall be deemed to create any right of any insurer that provides directors and officers’ liability insurance, to claim, on behalf of Indemnitee, any rights hereunder.
 
19.
SUCCESSORS.
 
Notwithstanding anything to the contrary herein, this Agreement shall continue for the benefit of Indemnitee’s heirs', personal representatives', executors' and administrators' benefit after Indemnitee ceases to be an Office Holder of the Company.
 
B - 8

20.
INTERPRETATION; DEFINITIONS.
 
Unless the context shall otherwise require: words in the singular shall also include the plural, and vice versa; any pronoun shall include the corresponding masculine, feminine and neuter forms; the words “include”, “includes” and “including” shall be deemed to be followed by the phrase “without limitation”; the words “herein”, “hereof” and “hereunder” and words of similar import refer to this Agreement in its entirety and not to any part hereof; all references herein to Sections or clauses shall be deemed references to Sections or clauses of this Agreement; any references to any agreement or other instrument or law, statute or regulation are to it as amended, supplemented or restated, from time to time (and, in the case of any law, to any successor provisions or re-enactment or modification thereof being in force at the time); any reference to “law” shall include any supranational, national, federal, state, local, or foreign statute or law and all rules and regulations promulgated thereunder; any reference to a “day” or a number of “days” (without any explicit reference otherwise, such as to business days) shall be interpreted as a reference to a calendar day or number of calendar days; reference to month or year means according to the Gregorian calendar; reference to a “company”, “corporate body” or “entity” shall include a, partnership, firm, company, corporation, limited liability company, association, joint venture, trust, unincorporated organization, estate, or a government municipality or any political, governmental, regulatory or similar agency or body, and reference to a “person” shall mean any of the foregoing or a natural person.
 
21.
COUNTERPARTS
 
This Agreement may be executed in any number of counterparts, each of which shall be deemed an original and enforceable against the parties actually executing such counterpart, and all of which together shall constitute one and the same instrument; it being understood that parties need not sign the same counterpart. The exchange of an executed Agreement (in counterparts or otherwise) by facsimile or by electronic delivery in pdf format shall be sufficient to bind the parties to the terms and conditions of this Agreement, as an original.
 
[SIGNATURE PAGE TO FOLLOW]
 
B - 9

IN WITNESS WHEREOF, the parties, each acting under due and proper authority, have executed this Indemnification Agreement as of the date first mentioned above, in one or more counterparts.
 
CyberArk Software Ltd.

By:


 

Name and title:



Indemnitee

Name:


 

Signature:


 
B - 10

EXHIBIT A*
 
CATEGORY OF INDEMNIFIABLE EVENT

1.
Matters, events, occurrences or circumstances in connection or associated with employment relationships with employees or consultants or any employee union or similar or comparable organization.

2.
Matters, events, occurrences or circumstances in connection or associated with business relations of any kind between the Company and its employees, independent contractors, customers, suppliers, partners, distributors, agents, resellers, representatives, licensors, licensees, service providers and other business associates.

3.
Negotiations, execution, delivery and performance of agreements of any kind or nature and any decisions or deliberations relating to actions or omissions relating to the foregoing; any acts, omissions or circumstances that do or may constitute or are alleged to constitute anti-competitive acts, acts of commercial wrongdoing, or failure to meet any standard of conduct which is or may be applicable to such acts, omissions or circumstances.

4.
Approval of and recommendation or information provided to shareholders with respect to any and all corporate actions, including the approval of the acts of the Company’s management, their guidance and their supervision, matters relating to the approval of transactions with Office Holders (including, without limitation, all compensation related matters) or shareholders, including controlling persons and claims and allegations of failure to exercise business judgment, reasonable level of proficiency, expertise, care or any other applicable standard, with respect to the foregoing or otherwise with respect to the Company’s business, strategy, operations and prospective outlook, and any discussions, deliberations, reviews or other preparatory or preliminary phases relating to any of the foregoing.

5.
Violation, infringement, misappropriation, dilution and other misuse of copyrights, patents, designs, trade secrets, confidential information, proprietary information and any intellectual property rights, acts in connection with the registration, assertion or protection of rights to intellectual property and the defense of claims related to intellectual property, breach of confidentiality obligations, acts in regard of invasion of privacy or any violation of privacy or privacy related right or regulation, including with respect to databases or handling, collection or use of private information, acts in connection with slander and defamation, and claims in connection with publishing or providing any information, including any filings with any governmental authorities, whether or not required under any applicable laws.

6.
Violations of or failure to comply with securities laws, and any regulations or other rules promulgated thereunder, of any jurisdiction, including without limitation, claims under the U.S. Securities Act of 1933 or the U.S. Exchange Act of 1934 or under the Israeli Securities Law, fraudulent disclosure claims, failure to comply with any securities authority or any stock exchange disclosure or other rules and any other claims relating to relationships with investors, debt holders, shareholders, optionholders, holders of any other equity or debt instrument of the Company, and otherwise with the investment community (including without limitation any such claims relating to a merger, acquisition, change in control transaction, issuance of securities, restructuring, spin out, spin off, divestiture, recapitalization or any other transaction relating to the corporate structure or organization of the Company); claims relating to or arising out of financing arrangements, any breach of financial covenants or other obligations towards investors, lenders or debt holders, class actions, violations of laws requiring the Company to obtain regulatory and governmental licenses, permits and authorizations in any jurisdiction, including in connection with disclosure, offering or other transaction related documents; actions taken in connection with the issuance, purchase, holding or disposition of any type of securities of Company, including, without limitation, the grant of options, warrants or other rights to purchase any of the same or any offering of the Company’s securities (whether on behalf of the Company or on behalf of any holders of securities of the Company) to private investors, underwriters, resellers or to the public, and listing of such securities, or the offer by the Company to purchase securities from the public or from private investors or other holders, and any undertakings, representations, warranties and other obligations related to any of the foregoing or to the Company’s status as a public company or as an issuer of securities.

1

7.          
Liabilities arising in connection with any products or services developed, distributed, rendered, sold, provided, licensed or marketed by the Company or any Affiliate thereof, and any actions or omissions in connection with the distribution, provision, sale, marketing, license or use of such products or services, including without limitation in connection with professional liability and product liability claims or regulatory or reputational matters.

8.          
The offering of securities by the Company (whether on behalf of itself or on behalf of any holder of securities and any other person) to the public and/or to offerees or the offer by the Company to purchase securities from the public and/or from private investors or other holders pursuant to a prospectus, offering documents, agreements, notices, reports, tenders and/or other processes.

9.          
Events, facts or circumstances in connection with change in ownership or in the structure of the Company, its reorganization, dissolution, winding up, any other arrangements concerning creditors rights, merger, change in control, issuances of securities, restructuring, spin out, spin off, divestiture, recapitalization or any other transaction relating to the corporate structure or organization of the Company, and the approval of failure to approve of any corporate actions and any matters relating to corporate governance, capital structure, Articles of Association or other charter or governance documents, appointment or dismissal of Office Holders or compensation thereof and appointment or dismissal of auditors, internal auditor or any other person performing any services for the Company.

10.          
Any claim or demand made in connection with any transaction not in the ordinary course of business of the Company, as well as the sale, lease, purchase or acquisition of, or the receipt or grant of any rights with respect to, any assets or business.

11.          
Any claim or demand made by any third party suffering any personal injury and/or bodily injury or damage to business or personal property or any other type of damage through any act or omission attributed to the Company, or its employees, agents or other persons acting or allegedly acting on its behalf, including, without limitation, failure to make proper safety arrangements for the Company or its employees and liabilities arising from any accidental or continuous damage or harm to the Company’s employees, its contractors, its guests and visitors or any other third party as a result of an accidental or continuous event, or employment conditions, permanent or temporary, in the Company’s offices.

12.          
Any claim or demand made directly or indirectly in connection with complete or partial failure, by the Company or its directors, officers, employees or contractors, to pay, report, keep applicable records or otherwise, of any local or foreign federal, state, county, municipal or city taxes or other taxes or compulsory payments of any nature whatsoever, including, without limitation, income, sales, use, transfer, excise, value added, registration, severance, stamp, occupation, customs, duties, real property, personal property, capital stock, social security, unemployment, disability, payroll or employee withholding or other withholding, including any interest, penalty or addition thereto, whether disputed or not.

13.          
Any administrative, regulatory, judicial or civil actions orders,decrees, suits, demands, demand letters, directives, claims, liens, investigations, proceedings or notices of noncompliance or violation by any governmental entity or other person alleging potential responsibility or liability (including potential responsibility or liability for costs of enforcement investigation, cleanup, governmental response, removal or remediation, for natural resources damages, property damage, personal injuries or penalties or for contribution,  indemnification, cost recovery, compensation or injunctive relief) arising out of, based on or related to (a) the presence of, release, spill, emission, leaning, dumping, pouring, deposit, disposal, discharge, leaching or migration into the environment (each a “Release”) or threatened Release of, or exposure to, any hazardous, toxic, explosive or radioactive substances, wastes or other pollutants, including petroleum or petroleum distillates, asbestos or asbestos-containing material, polychlorinated biphenyls (“PCBs”) or PCB-containing materials or equipment, radon gas, infectious or medical wastes and all other substances or wastes of any nature regulated pursuant to any environmental law, at any location, whether or not owned, operated, leased or managed by the Company or any of its subsidiaries, or (b) circumstances forming the basis of any violation of any environmental law or environmental permit, license, registration or other authorization required under applicable environmental law.

2

14.          
Any administrative, regulatory or judicial actions, orders, decrees, suits, demands, demand letters, directives, claims, liens, investigations, proceedings or notices of noncompliance or violation by any governmental or regulatory entity or authority or any other person alleging the failure to comply with any statute, law, ordinance, rule, regulation, order or decree of any governmental entity applicable to the Company or any of its businesses, assets or operations, or the terms and conditions of any operating certificate or licensing agreement.

15.          
Participation and/or non-participation at the Company’s Board meetings,  expression of opinion or view and/or voting and/or abstention from voting at the Company’s Board meetings, including, in each case, any committee thereof, as well as expression of opinion publicly in connection with the service as an Office Holder.

16.          
Review and approval of the Company’s financial statements and any specific items or matters within, including any action, consent or approval related to or arising from the foregoing, including, without limitations, engagement of or execution of certificates for the benefit of third parties related to the financial statements.

17.          
Violation of laws, rules or regulations requiring the Company to obtain regulatory and governmental licenses, permits and authorizations (including without limitation relating to export, import, encryption, antitrust or competition authorities) or laws related to any governmental grants in any jurisdiction.

18.          
Resolutions and/or actions relating to investments in the Company and/or its subsidiaries and/or affiliated companies and/or investment in corporate or other entities and/or investments in other traded or non-traded securities and/or any other form of investment.

19.          
Liabilities arising out of advertising, including misrepresentations regarding the Company’s products or services and unlawful distribution of emails.

20.          
Management of the Company’s bank accounts, including money management, foreign currency deposits, securities, loans and credit facilities, credit cards, bank guarantees, letters of credit, consultation agreements concerning investments including with portfolio managers, hedging transactions, options, futures, and the like.

3

21.          
All actions, consents and approvals, including any prior discussions, reviews and deliberations, relating to a distribution of dividends, in cash or otherwise, or to any other “distribution” as such term is defined under the Companies Law.

22.          
Any administrative, regulatory, judicial, civil or criminal, actions orders, decrees, suits, demands, demand letters, directives, claims, liens, investigations, proceedings or notices of noncompliance, violation or breaches alleging potential responsibility, liability, loss or damage (including potential responsibility or liability for costs of enforcement, investigation, cleanup, governmental response, removal or remediation, property damage or penalties, or for contribution,  indemnification, cost recovery, compensation or injunctive relief), whether alleged or claimed by customers, partners, vendors, consumers, regulators, shareholders or others, arising out of, based on or related to: (a) cyber security, cyber attacks, data loss or breaches, unauthorized access to information, data, or databases (including but not limited to any personally identifiable information or private health information) and use or disclosure of information contained therein, not preventing or detecting the breach or failing to otherwise disclose or respond to the breach; (b) circumstances forming the basis of any violation of any law, permit, license, registration or other authorization required under applicable law governing data security, data protection, network security, information systems, privacy or any cyber environment (including, users, networks, devices, software, processes, information systems, databases, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks); (c) failure to implement a process, tool, reporting system or control, or failure to monitor or oversee the operation of such a system or process; (d) data destruction, extortion, theft, hacking, and denial of service attacks; losses or liabilities to others caused by errors and omissions, failure to safeguard data or defamation; or (e) security-audit, post-incident public relations and investigative expenses, criminal reward funds, data breach/privacy crisis management (including, management of an incident, investigation, remediation, data subject notification, call management, credit checking for data subjects, legal costs, court attendance and regulatory fines), extortion liability (including, losses due to a threat of extortion, professional fees related to dealing with the extortion), or network security liability (including, losses as a result of denial of access, costs related to data on third-parties and costs related to the theft of data on third-party systems).

 
The Limit Amount for all Indemnifiable Persons during each relevant period referred to in Section 1.2 of the Indemnification Agreement for all events described in this Exhibit A (in Sections 1-22 (inclusive) above), shall be the greater of:
 
(a) twenty-five percent (25%) of the Company’s total shareholders’ equity according to the Company’s most recent financial statements as of the time of the actual payment of indemnification;
(b) US$ 200 million;
(c) ten percent (10%) of the Company Total Market Cap (which shall mean the average closing price of the Company’s ordinary shares over the 30 trading days prior to the actual payment of indemnification multiplied by the total number of issued and outstanding shares of the Company as of the date of actual payment); and
(d) in connection with or arising out of a public offering of the Company’s securities, the aggregate amount of proceeds from the sale by the Company and/or any shareholder of Company’s securities in such offering.
 
*
Any reference in this Exhibit A to the Company shall include the Company and any entity in which the Indemnitee serves in a Corporate Capacity.

4