Corero Network Security plc (NYA1.F) Earnings Call Transcript & Summary

Welcome, everybody. We have two presenters today for the Corero Network Security. I have Phil Richards and Carl Herberger. Gentlemen?

Thank you very much. Thanks, [ Fran ]. I'm Carl Herberger, the CEO of Corero; and we have Phil Richards, who is the CFO of Corero. Today, we'll be talking about cybersecurity, which is what we do. What we do is a segment of cybersecurity that deals with cyberattacks to the availability of companies. It's probably something that you're already investing in, in one way, form or function. It's probably something that your company that you're sitting at today needs if it doesn't already have it. And it's possible that you're already leveraging Corero technology as part of that solution. We'll talk about that today, but it's a big part of many people's corporate cybersecurity protection strategies. With that, the obligatory safe harbor statement, and we'll go on to who is Corero. Corero is a leading provider and in many ways a unique provider of DDoS software and hardware solutions in the marketplace that really fuels a big piece of the availability or service availability protection industry within the cybersecurity space. We deliver highly intelligent and automated solutions that perform detection and mitigation, in many cases, sub seconds because of the nature of the threat and the nature of the protections. And we do this, in many ways, through very large business partners that we sell through our solutions. Although you may not have heard of Corero, you probably have heard of many of the companies that we sell through like Juniper Networks, GTT and Akamai. And we actually provide something that's very powerful to service providers. We provide an almost no-risk revenue stream. So a big piece of our business is providing a capability to service providers to keep their customers up and have their customers add more protection sets to their portfolio, providing for a couple of things. One is it gives them more revenue. The second piece of it is it gives them an acknowledgment from the company client who doesn't pick it up, the idea that they forewent the protection, which is also very big in today's world. We're headquartered in London. We have offices in the U.S. and Boston. I'm clearly an American. We'll talk more about my background. And our center of innovation is in Scotland. Nearly everything that we do produce product-wise these days is in the Edinburgh offices. And we're listed both on the AIM and the OTCQB. And the OTCQB is a fairly new evolution to us just this year.

Thanks, Carl. So what happened in '23? We're not going to deal with it too much. It was a great year, but we've got greater things to come. So this is just a snapshot of where we were in last year, and our year-end is the 31st of December. So we cemented our partnership with Akamai, as Carl was talking about, one of the largest provider, players in that space in the world, which gives us great obviously product credibility but also a humongous expansion potential because of the amount of AEs they have. They have 10-plus times the capacity that we have to sell through our product. So it's fantastic. And that keeps on and on delivering, and we had a press release only earlier out this year with the new product update we did together with Akamai for a hybrid car and on-premise solution as well, which you can look at in one of our RNSs. One of the main things we did was actually bring Carl onboard. Now we -- Carl came from one of the key competitors, company called Radware, where he spent 10 years building up their cybersecurity portfolio in the U.S., building up from $3 million to $250 million, plus or minus a couple of pennies here and there. So that was a real key for us. And it's great having someone onboard who really understands the market, but not only knows that but who knows where the contracts are, who knows when the renewals are up, who knows the best selling people in the market. We've got a great pay book, so we can really go after that space with renewed vigor. So that's been fantastic. Having someone based States-side as well, which is where 70% of our revenues are, super important for us. So this has all been really, really good in our evolution. We also have our SmartWall ONE platform, which is an updated service and the way that we integrate all of our products in one platform now and a product update, 12.0, during the year. We secured a $1 million-plus contract with a new channel partner customer, TechEnabler, in Brazil, although this has all been superseded by the big contract signed in 2024. So this $1 million is looking less impressive because of the numbers that we're putting out already in '24. And we're continuing to grow our products. We had a -- and the revenue sources, our ARR growth, I'll talk a bit about the numbers later on, but it was a great year in '23. But really what it did was set us up for '24. That was the real message here. So our business in numbers, just an overview of where we are at, at the moment, as at the end of December. So we did $22.3 million in revenue, up 11% year-on-year. Adjusted EBITDA -- and we only adjust out for -- it's an FX revaluation on a loan, which is now gone, so we won't be adjusting out for anything in EBITDA going forward. We were up 30% year-on-year adjusted EBITDA. ARR was up 17% to $16.9 million. And the great thing about this is, is it effectively almost covers our entire cost base just by our ARR alone, let alone any additional we're adding on every year. 90% gross margin, very high gross margins. Our product is both software, but we can deliver on hardware, but the hardware is not where we make the money. It's through the software stuff, and the hardware is just a means through which we deliver our product, hence, very high gross margins on this. We have a really, really high customer retention rate. They love the product. They also love the service, 97%. And when we lose any customers, it's predominantly because they've been bought out by someone who's already got an incumbent or there's been some other happening there. It's not been anything to do with the product. Got about 80 people worldwide, predominantly U.S., U.K., also in Europe, LatAm, APAC. So we're spread across the world, but mainly U.K. and U.S. is where our focus is. And we have a significant global footprint, and we'll talk a little bit more about how we get into these markets globally in the next few slides. But these are the key numbers. And I think another one, which isn't on here, I'll talk about -- a bit about later on is we're significantly cash generative, got over $5 million, but we've got a lot more than $5 million in the bank now. But as at the end of the year, we had $5.2 million in the bank, no debt, cash generative. So it's been a really good year and we're looking to build on that.

So what is this market, this DDoS market, the service availability market? It's this idea of being able to make sure that people can't get attacked and be taken or rendered disrupted, unavailable or somehow denied their service. And if you think about anything today, you can't do anything without an app. You can't go anywhere and even profess who you are without that capability. So this protection is everything in today's world. It's the way people navigate. It's the way that they actually find their levers. It's everything in everybody's business. It's today a $3.6 billion industry dominated by 2 players that have large share in the neighborhood of 30% to 40% each. I came from one of those players. They're an older set of technology relative to us, and we're essentially representing a challenger brand, both with technology and capability, against them. It's one of the reasons why I came on over to Corero. So we'll talk more about our next-generation capabilities and why we're disruptive. But we're not just disruptive on the tech, but we're seriously disruptive on the price. We are generally 50% less than anybody else in the marketplace. And when you have a market that is growing about 20% CAGR, depending on who you read, it's somewhere between 15% and 25% per year. It's, by good estimates, supposed to grow to $8 billion industry by 2029. So we have significant places to go to be able to actually penetrate and execute on our addressable market. This market is kind of simple. I think of it often people make it quite complicated because the tech requires to be quite complicated to be able to solve these problems, but it's really not that different than water filtration. If you think about your home and you drinking your own water, you have your own determination of whether or not you trust the water from the utilities company who does filter your water. But you also know that probably if you were to take a look at your water after it comes out of the tap and you look at it under a microscope, you might probably be surprised what you find or what you see. And you may might not find that to be a good enough scrub from the water company. And there's many reasons for it. The water goes through from the top, goes through conduit to get to your tap, and there are many reasons you can pick up bad things along the way. It's the same with IT and tech. Your telecom company may or may not filter. Your service provider for your applications may or may not filter. Odds are that if they are filtering, it's quite course filtering. In other words, there's a lot of leakage coming through. The idea that you can actually perform what you need to do in today's world as we go forward with more and more sensitive applications and capabilities and connectivity requirements requires local scrubbing. One is called the scrubbing center and that's the, if you will, utilities-based scrubbing; and one is called a premise-based scrub. We make those filters. So we make both of them. There are very few companies that actually make that tech that can go into those environments in a ubiquitous way. But we do something else that's different, and that's what's really the special sauce from us. We can actually provide for no disruption in your water flow, in your internet flow, in your traffic -- network traffic flow and your application flow. We buy programming, the conduit that you use today, the network devices that are resident and other devices you have to be able to do our dropping command at time of need. And that results in a tremendous reduction in cost, and it results in a tremendous increase in responsiveness and a tremendous decrease in the ability for our company to have complex operations. So it's really a fantastic solution in a marketplace that's yearning for less price and better solutions. Why? The threat environment, it's like everything else in security. The threat environment has been growing, and it's a constant cat and mouse game. In the past, just 10 years ago, a DDoS attack was probably -- could be launched from a kid in a basement that just knew a lot about tech. Today, there's now cartels that build applications like these that you can not know much about anything and be able to leverage these tools, these weapons that have been used to actually be commercialized for people who are up to bad news. So in other words, there's an industry that's building bad weaponry that people can use when they want to take down another company. One as an example is Mirai. It's a botnet. You probably have heard of it. It's reached celebrity status. It's been around in an evolution for about 10 years. It gives you a portfolio, a Chinese menu of things that you can do, and you need to know very, very little, if anything, at all, to be able to launch attacks off of the Mirai botnet. Hajime is a botnet that's very interesting in that it's purported to be the largest botnet. A botnet is device that is actually enslaved by a computer program somewhere and often is the case that the device doesn't even realize -- the owner of the device doesn't even realize that they're actually enslaved as part of an automated bot. So this Hajime is supposed to have at least 1 million devices enslaved, which provides for a platform for a lot of volume-based attacks. And Hajime hasn't been used yet, so nobody really knows what the botnet is being used to be built for. People suggest the nation state capability. BrickerBots, very interesting, and that is another bot that's designed to "brick" a device, and it's been used many times now. And if you're vulnerable to it, it's very, very heinous in that your device will no longer resuscitate. So whereas many DDoS devices and attacks are sort of perishable, they kind of go away over time, for many reasons, BrickerBot, once it actually hits your device, the device actually goes dead and is not resuscitable. What is a DDoS attack and how do they work? It's really an engineering discussion, and it's about a resource that is exhausted. So that's a fancy word to basically say, when you get on to a highway and there's too many cars there and it's all stopped, that's like a DDoS attack in your real world. If you go on to a subway and there's too many people on the subway train, that's the similar analogy in the real world to a DDoS attack. When you have a website that hangs, it has a resource problem, and DDoS attacks are designed to have a small request that generates a large technical reply. And that disparity between the request and the reply is a large piece of the problem and it's an engineering problem that we can actually characterize and we know how to characterize the malicious requests and the interest in a malicious reply and how to mitigate those problems. But like the water, as I suggested, this market has different people that buy it and different concerns. One is in the cloud, in the scrubbing center, and then one is at the tap at the local companies' facilities, and that's called on-premises. If you do both, which is acknowledged engineering-wise everywhere as the highest quality scrub, that's called [ a hybrid ]. And we provide all these capabilities, where you'll find some DDoS companies just do the tech. Some just do the cloud scrub or scrubbing center capability, the utility scrub. And few do the hybrid capability because it's complicated, but it is acknowledged the highest scrub that's out there. We get our business done technically around the world through partners. And we have a lot of very powerful partners now that use us as the top of their line card when a company has a problem in this space. And we're selling largely through these partners to get 2 very strong relationships that they have with managed service providers and Internet service providers and so forth. We've done a lot of press on a lot of the companies that we most recently have been onboarding, and many of these deal sizes are at least $0.25 million, but they're now approaching and many are into -- well into the 7 digits. And this small company seems to know how to do 7-digit deals pretty regularly, pretty routinely, pretty quarterly. So it's a very nice piece for me coming into the company to watch how the sales team knows how to actually build upon a very strong value proposition within a company. Hand it on over to Phil.

So I've talked about most of these numbers before, but just to put them up on a more graphical basis, so you can see the growth story for us over the last 5 years. So we've had significant growth in ARR is probably the most consistent growth on that with a CAGR of over 20% going through from $7.2 million 5 years, going now to $16.9 million and beyond that going forwards as well. We've got a very [ high consistent ] and high growth margins, cash inflow [ now ] cash generative and positive adjusted EBITDA and the revenue growth going up to $22 million. Now the analysts have us growing at about 15% for this year, but it's 1 where we think that's slightly on the conservative side. But it's really been a phenomenal story and one that we're looking to build upon, but for us, our main metric is ARR obviously because that's the one that we get measured on, and that's the one that we'll keep making sure that we're generating cash going forwards as well. So a little bit of our capital structure. Who owns us? What's our market cap? So this fluctuates quite a lot. Our share prices almost doubled in the last 4, 5 months. So the market cap number has changed quite significantly. So we're listed in the U.K. So our listing is in pounds and pence. So our market cap at the moment is around about GBP 61 million, actually slightly updated from this, even though that was only a few days ago. So that's what, just over $70 million. Got about 500 million shares outstanding. We don't have any warrants. We don't have any RSUs. We have some options. We don't have any convertible notes. And we have cash of -- yes, well, as I said, at the end of the year, $5.2 million, but that's significantly up from there at the moment. In terms of shareholder distribution, we have 1 insider who is our Chairman, who owns 36.8% of the company and on top of that, we have a management team that own a few percent as well. We have other significant shareholders, about 53% and the retail is about 10% on our shares as well. And we have decent volumes traded through every day. Actually, we have quite a few hundred thousand now trading on a daily basis, which is great. And it's really -- the volume has really picked up in the last few months, which has been fantastic for us. And they have the share price, as you can see. So it was down at 5.5p, and we're now at 12p. So it's all going in the right direction for us, which is great. But it certainly wasn't always the case a few years ago if you look at what we did, but now with steps we've taken, Carl coming onboard, the story is absolutely fantastic as far as I'm concerned. So here's just another graphical analysis of what we look at with our ARR and how it's grown over the last 5 years. And the story is one of just consistent growth, continuously delivering on that as well. So where are we actually getting our revenue from? Well, as I said before, about 70% U.S. market is where we get revenue from, and then the rest of the world is about 30%. And that's quite evenly distributed between LatAm, APAC, U.K., Europe, Australasia. And that's obviously something that we're looking to grow across the board. We've just brought in a new member of staff, an AE in APAC to really tackle that market. We've just brought someone in for the LatAm market as well. We signed a TechEnabler deal for LatAm. So we're looking to expand across all of these markets. And Akamai gives us huge amounts of access into markets we could never have gotten into before. The first 2 deals we signed with Akamai were in geographical locations that we have never done deals in before, so that has been absolutely fantastic as well, the way we've been able to expand our network. There are actually very little lifting of our own. It's all Akamai doing it. We just provide the products at the end of the day. So where do we make our money from? Well, we have a SaaS business and we have a traditional CapEx business. And for us, we design it and tailor it to what the customer wants. Some of the old legacy IT companies still want the CapEx model. Some of the more -- slightly more progressive thinking ones want a little more OpEx. So we can slice and dice as people want. So at the moment, it's about just over 25% of our revenue coming up to probably more -- coming up to 30% is on our SaaS model. So pure SaaS, we call it DDPaaS, DDoS Protection as a Service. So that's just a pure SaaS model normally over a 3-year term. Then we have our legacy CapEx, which is where we provide upfront software plus hardware if they need it, term license. And then you have support and maintenance bolted onto that. And they roughly -- if you look at it, they roughly correlate 1/3, 1/3, 1/3, plus or minus, right? And that's how our revenue is broken up in 2023. So that's when you look at our ARR. Well, ARR, significant component of it is the DDPaaS stuff, but you've also got the support and maintenance, which is the tail end of our CapEx contracts that we recognize over the term of those contracts as well.

All right. So we -- just recognizing the time, and I'll go through this just a little bit. We changed a bunch of things coming into this year in terms of the way they were attacking the market. And mostly, the big change is we're going very aggressively after the 2 established brands and their renewals. There's about $500 million of renewals that happen every single year in this space between those 2 companies and a few others that provide capability. And before this year, we hadn't actually addressed this as a target execution sales strategy. So it's one of the very significant sales strategies that we're going after. And we've actually already reaped a lot of success for it so far this year. Publicly speaking, we actually provided for a $1.8 million deal with a company called TierPoint, where we replaced their incumbent, 1 of the big 2 incumbent providers. So that's a big strategy for us. We don't have to win all the renewals. And at $500 million, we can just win just a few of them, and we'll show a lot of growth in our capabilities. These renewals could be quite large. They can be 8 digits. It's not uncommon, right? And so one good takeout for us could actually make our whole year actually because we're at that stage. We're expanding more on the sales partnerships and the global alliances. We know how to sell through, and a lot of people have taken strong notice on that. Juniper is a very strong -- Juniper Networks, very big, one of the biggest network providers in the world. They only sell our solution in their solution for DDoS when somebody needs networking DDoS in a solution. So companies like that. You'll find more announcements and more capability. And that just expands our total addressable market because they're in businesses and have relationships that we would never have at the size company that we are. And it more or less removes SG&A because they just handle the wholesale, which is great for us. We're order takers. We are building more products to sell to our happy customers, which we in -- heretofore was just a single product company. So even though we had 97% extremely happy customers, it's very easy to go Google and see that. we didn't have any way to take a real advantage of that because we didn't have any portfolio to upsell. And we're now innovating big time to be able to provide for more capability. We've made some product announcements this year. And then we're doing geographic reach. The truth is, is that one of the major providers in the space is an Israeli company, and they're, geographically speaking, in this -- and I used to run this business for 10 years, so I know it. They're disadvantaged in certain geographies in the world. So in certain geographies in the world, they're looking for additional providers because there's really only 1, maybe 1.5 that they actually have a selection. It's almost a monopoly. So we're going successfully into the Middle East and into Indochina and to areas where there's some disadvantage by some of our competitors. And that's been basically the largest part of the strategy. Phil?

So how are we looking for this year already? Well, we released our hot off the press a few days ago, the commercial update, where we announced we already made more than $8 million worth of bookings for the year so far. It's been a really, really great start to the year, ripping out and replacing an incumbent for a $1.8 million deal in TierPoint, as Carl said, $2 million plus renewal contracts and expansion. So that's -- the great thing with our renewals is that they're not just renewals. They're also -- normally, we're upselling. We're normally expanding, normally there because the companies that we provide the solution for, they don't stand still. They grow. They grow both in activity, geographical footprint, traffic, all of that, and therefore, we continue to sell more and more through to them as well. And Carl, do you want to just wrap up what else we do?

Yes. So the why are we here and what's the big why now is that we think the company is seriously poised, and I know you've probably been hearing this all day long, but seriously poised to take advantage as a challenger in an industry that has a tremendous amount of spend that's already going on. We don't have to educate. We don't have to talk about the problem. It's just a question of having us on the pick list and a sales execution side of the house. We know we can do this at scale with the largest providers in the world. We know that we can make a lot of money, and we can be seriously underpriced relative to the overpriced incumbents that are out there. So for us, we believe that the highway is just about grabbing these renewals there and continuing to get new customers, of course, down the road. We think, if we are even able to just carve out a piece of this strategy this year, that our growth rate will be taking share from the industry handsomely. Moreover, the 2 providers that are out in the industry, they're not loved by their customers. They're looking for different strategies that are out there. So I'll leave it open for questions. I know we have 5 minutes. Yes, sir?

[indiscernible]

The analyst call is at 15%, but I would say that if we're -- if it's growing 20%, that you should expect us to expect to be taking share. And I think that that's a good number.

[indiscernible]

As a general rule of thumb, it's, I would say, on average, 50% less, right? But it can be 25% less if they want a hardware solution and so forth. But if it's pure software, especially if they're taking advantage of their networking devices, it can be at least 50% less. Yes. So it's compelling in a world where IT budgets really are under strain in many cases. yes. So even if they like or casually like their current provider, the financials will provide us an ability to get at least in front of the purchasing manager and be on the pick list and it's a very sound strategy. By the way, this strategy has been worked. This is how Cloudflare started. This is how A10 started. And if you're familiar with this, this strategy has played out in IT over and over and over again to massive value creation.

[indiscernible]

Yes, it's a great question. So a big piece of what makes us unique is that we will manage the premise-based device entirely, the software and hardware. And if you build a business, we will manage your business for you. So often, as you're onboarding customers with our tech, we are your interface for that -- actually onboarding those customers. The answer to your question is like swapping out a filter in an environment. There's perhaps some disruption that goes on because you're in the middle of the conduit. That has to go on, but once you're in the middle of it, it just works. Our solution is largely automated. So the answer is with the energy of their IT team, it can be less than a day that we're up and running. Any other questions? We don't actually have a presentation after this. So believe it or not, we can actually hang out for a couple of more questions if you wanted, and we'll be around tonight. I'm supposed to be answering -- repeating the questions. How did we get traded in the States was the question. We got traded in the States -- the motivation for that, to be honest with you, is twofold. One was it's difficult for Americans to actually purchase AIM stock, AIM-listed stock. I'll give you an example. I bought a lot of this company's stock on my way in. I'm a -- Charles Schwab account, you might have heard of it, company, and it was almost impossible for me to actually make. So we wanted to open up an opportunity for U.S.-based people with -- investors and our employees the ability to actually share in our growth. And this is an easy way to do it. So that's really the answer to that. So this is our first foray into the U.S. stock markets, and it was really just a trend. It's a conduit for U.S. investors to be able to get into our portfolio, which was really largely hard in the past.

[indiscernible]

So the question is who is the key decision maker on this. It can have a few names, and it depends on the size of the company and the sophistication of -- sometimes we deal with the CEO. If they're looking for just protection sets, so infrastructure protection, it's often somebody who has a network architect, network engineer, security engineer, and it can be the Chief Security Officer and it can be the VP of Operations. So those are classic titles. But more often than not, we're dealing with product managers and solution managers and service managers that are trying to sell the service out into the marketplace. So it's very common that we're dealing with the go-to-market teams and they want to take our technology to go make money essentially and build it into their portfolios. Any other questions? We have some leave behinds, by the way, in case you want them. Yes.

[indiscernible]

Can you repeat the question?

Yes. So this is a question about the average contract size and the support maintenance part of that. Is that how I understood that?

Yes.

Yes. Okay. Perfect. Yes. So average contract is about 2 to 3 years. Our average size is normally -- it's actually creeping up every year, but it starts about $250,000. North of that is our average contract size. As I said, it's actually expanding significantly and growing. In terms of the support and maintenance part of that, it very much depends on what part of the product they're doing. But if they're going for a CapEx deal, your rule of thumb is normally about 70-30, something like that upfront versus support maintenance depending on the precise nature of the support and maintenance going on from there. That's a decent rule of thumb. Does that answer your question? Great. Thank you very much, everyone. Thank you.