As a result of our strategy of partnering with other companies for product development, our product delivery schedules could be adversely affected if we experience difficulties with our product development partners.
We partner with certain independent firms and contractors to perform some of our product development activities. We believe our partnering strategy allows us to achieve efficiencies in developing new products and maintaining and enhancing existing product offerings. This strategy creates a dependency on independent developers. Independent developers, including those who currently develop solutions for us in the United States and throughout the world, may not be able or willing to provide development support to us in the future. In addition, use of development resources through consulting relationships, particularly in non-U.S. jurisdictions with developing legal systems, may be adversely impacted by, and expose us to risks relating to, evolving employment, export, and intellectual property laws. These risks could, among other things, expose our intellectual property to misappropriation and result in disruptions to product delivery schedules.
Social and ethical issues relating to the use of artificial intelligence in our offerings may result in reputational harm or liability.
Social and ethical issues relating to the use of new and evolving technologies such as AI in our offerings, may result in reputational harm and liability, and may cause us to incur additional research and development costs to resolve such issues. We are increasingly building AI into many of our offerings. As with many innovations, AI presents risks and challenges that could affect its adoption, and therefore our business. AI presents emerging ethical issues and if we enable or offer solutions that draw controversy due to their perceived or actual impact on society, we may experience brand or reputational harm, competitive harm, or legal liability. Potential government regulation in the space of AI ethics may also increase the burden and cost of research and development in this area, subjecting us to brand or reputational harm, competitive harm, or legal liability. Failure to address AI ethics issues by us or others in our industry could undermine public confidence in AI and slow adoption of AI in our products and services.
Risks Relating to Our Operations
Security incidents may compromise the integrity of our or our customers’ offerings, services, data, or intellectual property, harm our reputation, damage our competitiveness, create additional liability, and adversely impact our financial results.
As we digitize Autodesk and use cloud- and web-based technologies to leverage customer data to deliver the total customer experience, we are exposed to increased security risks and the potential for unauthorized access to, or improper use of, our and our customers’ information. Like other software offerings and systems, ours are vulnerable to security incidents. We devote resources to maintain the security and integrity of our systems, offerings, services, and applications (online, mobile, and desktop). We accomplish this by enhancing security features, conducting penetration tests, code hardening, releasing security vulnerability updates, and accelerating our incident response time. We also provide annual information security training to our employees. Despite these efforts, we may not prevent security incidents, and we may face delays or other difficulties in identifying, responding to, or remediating security incidents.
Hackers regularly have targeted our systems, offerings, services, and applications, and we expect them to do so in the future. Security incidents could disrupt the proper functioning of our systems, solutions, or services; cause errors in the output of our customers’ work; allow unauthorized access to sensitive data or intellectual property, including proprietary or confidential information of ours or our customers; or cause other destructive outcomes. The risk of a security incident, particularly through cyber attack or cyber intrusion, including by computer hackers, foreign governments, and cyber terrorists, has increased as the number, intensity, and sophistication of attempted attacks and intrusions from around the world have increased. These threats include identity theft, unauthorized access, DNS attacks, wireless network attacks, viruses and worms, advanced persistent threat (APT), application-centric attacks, peer-to-peer attacks, phishing, malicious file uploads, backdoor trojans, and distributed denial of service (DDoS) attacks. For example, in December 2020 it was widely
S-23