incidents and lead to third-party claims that our product failures have caused damages to our customers. This risk is enhanced
by the increasingly connected nature of our products and the role they play in managing building systems.
The potential consequences of a material cybersecurity incident include financial loss, reputational damage, adverse health,
safety, and environmental consequences, exposure to legal claims or enforcement actions, theft of intellectual property, fines
levied by the Federal Trade Commission or other governmental organizations, diminution in the value of our investment in
research, development and engineering, and increased cybersecurity protection and remediation costs, which in turn could
materially and adversely affect our competitiveness and results of operations.
Data privacy, identity protection and information security compliance may require significant resources and presents
certain risks.
We collect, store, have access to and otherwise process certain confidential or sensitive data, including proprietary business
information, personal data or other information that is subject to privacy and security laws, regulations and/or customer-
imposed controls. Despite our efforts to protect such data, our business and our products may be vulnerable to material security
breaches, theft, misplaced or lost data, programming errors, or errors that could potentially lead to compromising such data,
improper use of our products, systems, software solutions or networks, unauthorized access, use, disclosure, modification or
destruction of information, defective products, production downtimes and operational disruptions. A significant actual or
perceived risk of theft, loss, fraudulent use or misuse of customer, employee or other data, whether by us, our suppliers, channel
partners, customers or other third parties, as a result of employee error or malfeasance, or as a result of the imaging, software,
security and other products we incorporate into our products, as well as non-compliance with applicable industry standards or
our contractual or other legal obligations or privacy and information security policies regarding such data, could result in costs,
fines, litigation or regulatory actions, or could lead customers to select the products and services of our competitors. Any such
event could harm our reputation, cause unfavorable publicity or otherwise adversely affect certain potential customers’
perception of the security and reliability of our services as well as our credibility and reputation, which could result in lost sales.
In addition, we operate in an environment in which there are different and potentially conflicting data privacy laws in effect in
the various U.S. states and foreign jurisdictions in which we operate and we must understand and comply with each law and
standard in each of these jurisdictions while ensuring the data is secure. For example, proposed regulations restricting the use of
biometric security technology could impact the products and solutions offered by our security business. Government
enforcement actions can be costly and interrupt the regular operation of our business, and violations of data privacy laws can
result in fines, reputational damage and civil lawsuits, any of which may adversely affect our business, reputation and financial
statements.
Failure to increase organizational effectiveness through organizational improvements may reduce our profitability or
adversely impact our business.
Our results of operations, financial condition and cash flows are dependent upon our ability to drive organizational
improvement. We seek to drive improvements through a variety of actions, including integration activities, digital
transformation, business portfolio reviews, productivity initiatives, functionalization, executive management changes, and
business and operating model assessments. Risks associated with these actions include delays in execution, additional
unexpected costs, realization of fewer than estimated productivity improvements, and adverse effects on employee morale. We
may not realize the full operational or financial benefits we expect, the recognition of these benefits may be delayed, and these
actions may potentially disrupt our operations. In addition, our failure to effectively manage organizational changes may lead to
increased attrition and harm our ability to attract and retain key talent.
Infringement or expiration of our intellectual property rights, or allegations that we have infringed upon the intellectual
property rights of third parties, could negatively affect us.
We rely on a combination of trademarks, trade secrets, patents, copyrights, know-how, confidentiality provisions and licensing
arrangements to establish and protect our proprietary rights. We cannot guarantee, however, that the steps we have taken to
protect our intellectual property will be adequate to prevent infringement of our rights or misappropriation or theft of our
technology, trade secrets or know-how. For example, effective patent, trademark, copyright and trade secret protection may be
unavailable or limited in some of the countries in which we operate. In addition, while we generally enter into confidentiality
agreements with our employees and third parties to protect our trade secrets, know-how, business strategy and other proprietary
information, such confidentiality agreements could be breached or otherwise may not provide meaningful protection for our
trade secrets and know-how related to the design, manufacture or operation of our products. From time to time we resort to
litigation to protect our intellectual property rights. Such proceedings can be burdensome and costly, and we may not prevail.
Further, adequate remedies may not be available in the event of an unauthorized use or disclosure of our trade secrets and
manufacturing expertise. Finally, for those products in our portfolio that rely on patent protection, once a patent has expired, the
15