NCC Group plc ($NCC)

Good morning, and thank you for joining us online today. Let me start by outlining the structure of the presentation, which myself and Guy Ellis, CFO will take you through. As usual, I will start by providing some of the highlights for what has been a good first half of the year. I'll then spend some time going through a look back over our H1 performance and some of the highlights before handing over to Guy, who will talk you through the financial detail of H1 performance. Finally, I'll spend a little bit more time talking about our areas of focus for the remainder of the financial year and the forward outlook for the business. We've done an incredible amount of hard work and the team have shown outstanding commitment. And it's that commitment, which has put us in the position we're now in with a simpler, more focused business and a winning amazing projects globally. We've made significant progress in delivering our vision despite headwinds. We have simplified the business and executed divestments of several assets, and I'm very pleased to confirm, as you'll have seen, that we completed the sale of S code on the 29th of May. And as a result, we are now a much more clearly focused and pure-play cybersecurity business. The strategic review of the Cyber business is now complete. The Board intends to commence a GBP 170 million tender offer, followed by a new GBP 15 million share buyback, subject to due process to create significant distributable reserves through a capital reduction. Improving momentum in the cyber business has seen 3 quarters of consecutive growth, including double-digit organic growth in the U.K. in H1 2026. We've seen record H1 gross margin of 38.4%. 3 of our 4 markets have grown. And in fact, all capabilities grew in the first half. As we planned, the mix is changing with combined consulting and managed services revenue now 55% of our cyber revenue overall. Managed Services has continued to grow increasing by 4.7% to GBP 40 million on a constant currency basis versus H1 2025 and by 2.8% compared with H2 2025. I would like to start by just setting some context. Many will be familiar with the journey we have been on. But for those new to our business, I think it's helpful to frame some of the changes we have been making. The group has been through a significant period of change over the past few years. Operationally, in its market focus whilst also navigating a period of turbulence. Now let me recap of some of the journey NCC has been on and the significant often difficult changes that we've made. In 2023, we made a strategic pivot. We sharpened our focus on clients and their strategic problems, not to transactional projects. This required building broader capabilities to deliver a more consultative approach to client interactions and importantly, greater internal connectivity to ensure we could bring the truly outstanding talent we have globally to support clients irrespective of where they were headquartered or operated. We set some goals to change our revenue mix with a focus of managed services, we invested in new capabilities that had market relevance, such as identity management, operational technology, both of which resonated with critical infrastructure. We aimed to build a consulting revenue stream that was a discipline and mindset that brought together our world-class technical expertise. We implemented a globally connected operating model, giving us the ability to manage delivery across all of our markets. And we executed a strategy of operational simplification, divesting businesses, improving our balance sheet with a focus on shareholder value. That has resulted in the NCC today being a focused, pure-play cybersecurity business. The reset phase is complete, and the emphasis now is on execution, delivery and value creation. The team have demonstrated their ability to undertake an exceptional amount of change. But why was it important to realign the group? We believe there are some fundamentals that make the cybersecurity services market attractive and that the group is well positioned and indeed actually uniquely well positioned to capitalize on. First, the continued digitization of business, government and supply chains is expanding the tax surface. AI is accelerating that trend further and which we've discussed this at length on various platforms over the past few months. Second, the threat environment is becoming more complex and more persistent. The number and sophistication of cyber attacks continues to increase, driven by factors including geopolitics, the growing ability to monetize cybercrime and the scale of enabled global connectivity. As a result, operational resilience is now a board priority across both the public and private sectors. Finally, organizations are operating in a more complex regulatory environment and continue to face a shortage of skilled cyber professionals, increasing lines on trusted external partners. So taking all of that together, these factors point to market where demand for cybersecurity is structural, not cyclical, and it continues to grow. Now AI is obviously a disruptor, but also, we believe, an opportunity. Now we're not complacent, but technology is always evolving. Our view is that AI is ultimately more of an opportunity than a threat. It works with our existing service model, not against it and indeed raises some very interesting and exciting opportunities. AI will disrupt commoditized single dimension or point solutions. Now this comes as no surprise. It's like every other automation initiative in technological history to say anything else wouldn't be credible. However, there are 2 other important aspects. Firstly, AI allows us to automate elements such as scanning, analysis and reporting, which improves productivity and speed. The need for assurance doesn't go away. Humans have to be in the loop and human-led assurance still matters, particularly with judgment, regulatory interpretation and complex environments are involved. When we combine AI-driven productivity with our global delivery model, we create a structural cost to deliver advantage. AI strengthens our economics, supports outcome-based models like testing as a service and reinforces rather than disrupt our core proposition. Secondly, it's clear that already that AI is deployed in an environment at pace often without control. It's also an environment where the architecture was often not designed for it. As a result, AI creates new vulnerabilities and the opportunity for us to provide new services, which we have already launched. Currently, automation alone does not replace judgment and regulators increasingly mandate independent human oversight. Now that dynamic plays to our strength as a trusted, people-powered, cyber partner someone has to write the prompt. Now let me just take you through some of the ways NCC is currently engaging with AI today. We are combining large language models and capabilities with deep technical expertise to simulate, exploits and prompt base attacks. We are stress testing resilience across a range of scenarios in global organizations, including supporting the testing of some of these frontier models. We're shaping policy, for example, giving testimony in the House of Lords and contributing to the U.K.'s national cyber strategy and guiding that debate. Underlined by our expertise, we have completed paid reports to independently review both Google's private AI compute system, which lets mobile devices use powerful cloud-based AI while still protecting user privacy and meters WhatsUp message summarization service, which adds AI-generated summaries without exposing message contact to meter. The power of the collective is our differentiator key things, secure coding and assurance, broader advisory, nonhuman identity, shadow AI, all play a massive part. We are the go-to experts for the media. We published 50 AI cyber research papers since 2019 alone. In the last year, we have treated over 130 times on the media, including the BBC and Forbes on the topic of AI, which all supports our positioning as a trusted voice and therefore, sales opportunities in the market. As a provider of technical thought leadership on this topic, providing expert perspectives helping businesses navigate their response in a highly complex and evolving environment, more broadly, we see being able to contribute to improving gross margin through efficiency. To reiterate, this is about reinforcing our brand as a leader as a trusted voice supporting our sales engine. Now we're not a broad IT services or a software company with cyber as one of our many offerings. Cyber is the core of what we do, and that is what underpins our relevance in a structurally growing market that focuses and translates directly into differentiation. We combine deep technical expertise with proprietary insight and the delivery model that is both people-led and technology-enabled. In turn, this allows us to support clients across the full cyber life cycle, not just through individual engagements, but as long-term partners. And this is where our model matters. Now we've built those capabilities and I'd like to just show you how we plan to take those to market. Now we shared our 1420 strategy at the Capital Markets event in March, which is available to watch on demand via our website. Essentially, it sets out how we create client value over time, starting with immediate problem solving to establish trust, expanding our footprint across the portfolio, and ultimately, embedding our services as a core part of our clients' operations. We have an extensive vertical spread across markets with no dependency on one vertical, which may be affected by external factors. We have in our key accounts, a long tenure as a trusted partner. In H1, we've seen that increase by a further 4%. Importantly, if we look at our top 100 clients, they take on average 2.84 of our capabilities. We are, therefore, not reliant on them purchasing a single solution. This also means that there is a significant commercial opportunity just by uplifting the number of capabilities used with our top 100 clients give us a potential 34% uplift. Managed service has been a key element of our strategy from the outset to ensure a greater percentage of recurring revenue, and we see that continuing to grow as well as increasing as a portion of overall revenue. In H1 2026, it is now 33.8%. Gross revenue retention has increased from 78% to 85%, meaning we are keeping significantly more our existing revenue base with reduced leakage from churn or downsell. Importantly, this is driven by stronger customer stickiness and renewal performance even before any contribution from upsell or growth. Now clearly, link churn has reduced from 22% to 15%, reflecting better customer stability and fewer downgrades. Net retention rate has increased from 89% to 94% reinforcing our ability to expand within the existing customer base. Now the point here is to illustrate momentum comparing our revenue decline in the prior year versus the revenue growth momentum in the first half of this current financial year. It's clear from this by bringing together the world's leading capability and a refreshed and focused go-to-market strategy, it is beginning to have results. In the half, we have seen all services grow, including technical assurance services, which just highlights the continuing relevance of this skill set, notwithstanding some challenges remaining in North America, which I will talk to next. As a consequence, revenue momentum has broadly improved across the board. The group has now had 3 quarters of consecutive growth in the cyber business and particularly impressive has been the double-digit organic growth in the U.K. in H1. One final point I'd like to highlight is that the proportion of revenue in North America is now compared with Europe. And with that, let's take a look at the specifics of North American revenue. When looking at North America, the issues are very clear and well understood. There has been a well-reported structural change in our large technology clients buying patterns. Our North American client base uses skills predominantly from our technical assurance capability. And what clients require and how they use suppliers has changed for reasons ranging from increased in-sourcing, greater automation, consolidation of suppliers, projects ending or simply a reduction in spend due to other investments being made. However, as you can see, while there is a clear reduction in volume and the requirement for technical assurance skill sets, from those large technology clients. The remaining business has seen only a modest decline. We have begun a journey to refocus our go-to-market efforts in North America in a couple of dimensions. Firstly, specific attention on bringing the credentials and expertise we have in the U.K. in areas such as operational technology and critical infrastructure to support client conversations. Secondly, we have invested in specific vertical leadership. We have in H1 appointed a leader for financial services, which has shown some early successes. Now this is linked to success we're already seeing in delivering complex projects supporting AI readiness in response to the announcements around Mythos as an example. We plan further investment in similar vertical leadership in North America in H2. Now what gives me confidence to be an organization that is the trusted adviser to governments and organizations is the depth and breadth of the skills and quality of our people and also the range of partnerships we have developed to build the ecosystem to deliver projects for our clients. Just to give you some of examples we have in H1 received numerous awards and recognition, including from independent analysts such as Forrester. Our people are go-to sources of expertise in areas of policy setting. Our award-winning government affairs team is actively involved in setting policy and direction at a national level, such as the reform of the computer misuse Act. Our engagement with the U.K. Minister for Digital Economy underscores our increasing role in shaping National Cyber policy and positions us as a key partner in delivering the forthcoming National Cyber Action Plan. A key element of our strategy is always building the right technology partnerships and particularly where AI is a contributor to how we deliver those services. I've already touched on some of those early on. It's very positive to see that the team is being recognized by Horizon 3 as their global partner for the second year in a row. In the area of identity and access management, our partnerships have continued to grow. We are now the most accredited European technical partner with Delinia. And I'm very pleased that for the 14th year, we continue to engage with high-profile comic relief campaign underlying our commitment to creating a secure digital future for all. Now let me emphasize what really gives me that confidence as a pure-play cyber business. It's all of these factors driven by our people and it's why we believe we are trusted to deliver such highly complex and technical services. Now with that, I'm going to hand over to Guy for the financial review.

Thank you, Mike. Before I go into the detail, let me just pull out the headline messages at group level. First of all, we're seeing a clear improvement in the quality performance in the continuing business. Revenue is growing on a like-for-like basis. Margins are improving, and that is flowing through to materially stronger profitability. Secondly, it's not just revenue growth, but the improvement in margin profitability reflects that this is becoming a more focused, more efficient and better aligned business as to the model we set out. And finally, we've seen a meaningful step forward at the bottom line, alongside a strengthening underlying cash position. Note that the prior year operating profit and profit before tax benefited from an GBP 11.3 million profit on disposal of the Fox Crypto business, and that flowed through in individually significant items as well as trading from the FOX crypto business of GBP 2.8 million last year. Excluding these items from the prior year, like-for-like operating profit increased by GBP 6 million the like-for-like profit before tax increased by GBP 8.2 million. So the overall takeaway is straightforward. The continuing group has momentum and it's in a stronger position operationally, financially and strategically. Turning to the group income statement. This is where we can see that improvement coming through in more detail. And importantly, we can start to see the drivers behind it. Firstly, revenue growth reflects continued momentum in the core business. So total revenue was up 4.1 percentage points year-on-year, with cyber leading the way, up 5.7 percentage points. Escode was down 1.2 percentage points year-on-year on a reported basis. Both businesses though both divisions grew on a like-for-like basis, and we'll walk through that in more detail shortly. So this is a more focused group with cyber now at the center and that is increasingly reflected in the quality of revenues. Margin improvement was driven by better mix of work and stronger operational discipline, in both cyber and code in the first half. So it's not just growth, it's growth in the right areas. And thirdly, while cost base has increased, which is mainly due to foreign exchange movements of GBP 0.6 million and non-repeating IFRS benefits in H1 '25 of GBP 0.8 million, with operating efficiencies from business simplification offsetting inflation. The growth in EBITDA shows the benefit of that model overall started to come through. So group adjusted EBITDA was GBP 2.5 million, up GBP 5.1 million year-on-year. GBP 4.7 million of that came from an improvement within cyber. So overall, this shows that the strategy is now translating to financial profile of the business with an improving quality of revenue, stronger margins and a more scalable model. This is how we measure the delivery of the strategy we've set out. The framework will be familiar to people, but importantly, it's now aligned to a simpler pure-play cyber business as we outlined at our Capital Markets event in March this year. At its core, it's built around 4 priorities. So scaling the business to drive growth in key accounts, expanding in priority markets and increasing the proportion of recurring revenue. strengthen the business, improving client engagement, share of voice and colleague engagement, all of these underpin long-term performance, simplifying the operator model is leveraging our global delivery platform and AI to improve utilization, drive margin progression and remove inefficiencies, including stranded costs as we separate the Escode business. And finally, creating value through improved EBITDA. Strong cash conversions, disciplined capital allocation and maintaining financial flexibility. This is not a theoretical framework. It's the set of levers that we're actively managing on an ongoing basis to translate the strategy into consistent performance and value creation. And as Mike has already touched on some of the highlights, the first half demonstrate this in action. As Mike has described, we've seen a strengthening in revenue momentum across the business. Profit conversion was very strong with record gross margins of 38.4%, a result of the maturation of the global resourcing model increasing use of AI. We've talked about improved pricing as well as other efficiencies. We are on track to deliver the gross margin efficiencies required for the pure-play business to deliver a mid-teens EBITDA by the end of FY '28. The 5.7% revenue increase and gross margin gains drove EBITDA in cyber to grow 130% or GBP 4.7 million compared to the same period in the prior year. While our clients don't buy in capability per se, this slide is useful to let you see what's happening within the cyber business at a capability level. Mike has already highlighted the consistently excellent performance across the capabilities with a year-on-year and half-to-half improvement in technical assurance, particularly notable. Consulting and implementation was a get star performer again. And whilst we're annualizing on a phenomenal half 2 in the prior year now, we do expect mid-single-digit growth in the second half of FY '26. This validates the sales strategy that Mike as well as our Chief Commercial Officer, Peter Farley, set out the Capital Markets event early this spring. Before we move on, let's just have just a brief comment on Escode the business has now been successfully transferred to its new owners with completion on the 29th of May. So our full year accounts will reflect 8 months of Escode ownership in this year. Escode has been a high-quality and resilient part of the group, and I'd like to recognize and thank the teams have supported both its performance and the transition. We wish the new owners every success as they take the business forward. For NCC, this marks the completion of the portfolio reset. It allows us to focus fully on our pure-play cyber strategy, although we'll need to continue to report the revenue for the full period of FY '26 due to completion point in the second half and its contribution towards this year's results. Okay. So net debt. On the left-hand side, you can see here, net debt movement in the first half. We started the half with GBP 13.1 million of net cash in the group and finished the period with a net debt of GBP 10.2 million. We've returned GBP 33 million to shareholders via the share buyback announced on the 21st of January 2026. A further GBP 7 million of buyback was executed after the half year closed on the 31st of March. Across that total GBP 40 million share buyback, we purchased 31 million shares at an average price of GBP 1.28 to the share buyback. It's effectively a circa 9% discount on the current share price. On the right-hand side, you can see the net debt movements to date in the second half. We have paid the final FY '25 dividend, together with the share buyback prior to the receipt of the Escode proceeds. This leaves us the strong net cash position at the end of May of GBP 230 million. There are obviously a number of important disclosures included in the RNS release this morning. And I think it's worth drawing out and reiterating some of these, so the Escode proceeds net of GBP 10 million of costs of GBP 252.8 million, and we will recognize a gain on the disposal in the second half of this year's accounts. There will, of course, be items that individually significant in the half -- second half as a result of the Escode transaction and execution and completion of the cyber strategy. We have announced our intention to return GBP 185 million of shareholders from Escode proceeds. GBP 170 million of this will be via tender offer and GBP 15 million in via a subsequent share buyback. This is obviously in addition to the GBP 40 million share buyback program we've executed through the spring of this year. Per normal course of business, we would expect to conclude the capital reduction process and issue a circular for the tender offer around the end of July. At the conclusion of the tender offer, the Board will announce the ongoing dividend policy. While I cannot confirm the details today, I can state that it's the Board's intention to maintain an ongoing dividend, albeit at a lower level than the existing dividend while we execute business improvements to deliver mid-teens EBITDA business by the end of FY '28. Mike's going to touch on that shortly. And with that, back to you, Mike.

I would like to conclude with a summary of why we believe there is a stronger than ever investment case for NCC. At the highest level, the key point is that NCC is now a focused pure-play cybersecurity and resilience business. As I've already said, with the completion of the Escode sale, that strategic reset is complete, and the group is now fully aligned behind that opportunity. We operate in a large and durable market where demand is increasingly driven by structural factors, including rising threat levels, regulatory pressure and the growing importance of resilient spend. Our differentiation comes from a combination of the of these deep technical domains, our proprietary insights and the trust we have built with clients and governments over many years. We are also building a more scalable operating model with a more joined up go-to-market approach, increased and improved revenue mix and increasing visibility in the business. We're able to share insight and bring the best of NCC to support clients irrespective of where our talent is or where the client operates. And bringing that together, we see clear potential to create value through continued execution, both through operational improvement and over time, a rerating that reflects a simpler, more focused and higher-quality cyber business. We have delivered significant change in the business, but recognize there is more to do. This is how we measure the delivery of the strategy we've set. The framework will be familiar, but importantly, is now aligned to a simpler pure-play cyber business, and as we outlined in our capital market events in March this year. At its core, it's built around 4 priorities, which you will have heard throughout the presentation and as Guy outlined previously. Firstly, scaling the business to drive growth in key accounts, expanding in priority markets and increasing the proportion of recurring revenue. strengthening the business by improving our delivery processes, investing in the things that matter to clients, importantly, simplifying the operating model leveraging our global delivery platform and AI to improve utilization, drive margin progression and remove inefficiencies, including some of the stranded costs. And finally, creating value through improved EBITDA strong cash conversion, disciplined capital allocation and maintaining financial flexibility. Now the framework is not theoretical, it is the set of levers we are actively managing to translate the strategy in consistent performance and value creation. In summary, we have executed a major pivot, simplify the business and had 3 quarters of growth. We've got record gross margin percentage. We are far more resilient business and are returning capital to shareholders. I'm certainly proud of what the team has achieved, and I would like to say thank you to all of them for all their hard work, but we're not complacent. Indeed, there's a lot more that we have to do. . So turning to the outlook. Adjusted EBITDA is anticipated to grow ahead of revenue with margins in the range of 5.5% to 7.5% for the year. Looking ahead, the Board remains confident in delivering its medium-term objectives, including mid-teens EBITDA for cyber as we continue to improve operational discipline and execute the transformation of the business. And that concludes our presentation this morning. And I'd like to open up now for any questions you may have.

[Operator Instructions] So our first question, you talked about the Firewheel. Are there proof points that you can share that demonstrate this is working?

Excellent question. Thank you. There are probably -- 2 -- I mean, 2 points I'd highlight in terms of why the fire wheel is effective. Firstly, it's that move away from purely transactional type projects. A good indicator of that I would highlight is the average order value. So larger, more complex deals, quite often using a number of capabilities from within the business rather than individual point solutions. . But if I look at average order value versus FY '25, we've seen a 23% increase in value and also a 40% increase in volume. So larger deals and more of them, which is incredibly positive. As I say, it's not always about individual products leading to other products or solutions. It is about multidisciplinary teams. However, Again, there are some really good indicators how 1 entry point is leading to an engagement with a client, which requires support in other dimensions. So to give an example of that, incident response is probably the most obvious responding to a breach, helping a client through a complex situation, usually a crisis. Our incident responders often who are on retainer, we've seen a 10% increase in instant response engagements leading to managed services. And I think that's a fantastic indicator of an ongoing conversation with a client multidisciplinary, multicapabilities involved leading to a longer set of term relationships.

Thank you. Next question, a couple of groups together. What's the confidence like in terms of H2 in terms of market dynamics?

Well, I think clear that's the ultimate question. There are a number of things that give us confidence, actually. And I'd sort of break it down. If we look at the broader market and our client base, -- if I look at -- there's a number of lumber metrics I'll probably pull out. First, if you look at our client base, we have 92% of our bookings come from existing clients. So we really do have that foundational element. We're not out hunting in the market. We do have an amazing client base, which actually leads also to our 1420 strategy and why that is so pivotal. What gives us confidence, I think, as we then look forward is of our top 10 clients, we've seen sales increase versus FY '25 of 9% so again, big clients, increasing sales at -- so again, that's highly efficient. If you look at our top 20 clients, we've seen our sales increase versus FY '25 of 11%. So again, been in there, being embedded gives us visibility of the pipeline in a way we've probably historically never had. And now I think 68% of our bookings are from our top 25 accounts. So again, we're very, very focused. But I think ultimately, sales in H1 of this year are up versus H1 in '25. So that, again, gives us some greater confidence about the forward trajectory of the business.

Next question is from Andrew Ripper at Pamiliberum. How much do you expect to spend in order to realize the EUR 25 million savings, would you expect to reinvest some of these? Or are they expected to all drop through to the bottom line in getting to the mid-teens margin target?

So if I take that. Thanks, Andrew. So we expect to realize about GBP 25 million of savings come the end of FY '28. So that's about GBP 7 million in this year and then the remainder spread over the remaining 2 years -- we're expecting that cost broadly on a pound-for-pound basis. We've got plans around all those items, and that will flow out broadly over the time period in line with when we get the savings back out. They will clearly go from a -- those reorganization costs will hit it below the line from an ISI perspective. So that's where we will report those, but obviously, we'll have strong rigor around making sure that operational activities as get charged into above the line and it's purely or it goes below the line.

Next question is from Damindu at Plant. U.S. gross margins remain below 30% versus 40% in the U.K. and Europe. You talked about how you'll focus more on some under-indexed verticals like financial service, what levers are available beyond growing to increase utilization to make American margins better. Is it growing higher-margin offers like managed services? Or is it looking at resourcing in NA to make it more efficient?

Just a bit of maths first on that first -- they're not unfortunately directly comparable margins because a relatively -- a proportion of American work gets delivered out of the U.K., Spain or particularly in Manila now. and the transfer pricing arrangements between the markets means that the U.S. margin, the North American margin gets penalized for that. and actually say it's done in mid the margin benefit drops into Asia Pac or to the U.K., the margin benefit from an end-to-end point of view, some of it drops into the U.K. So they're not direct comparable. Notwithstanding that, there is definitely opportunity for margin expansion, which will now talk...

I was just going to go exactly the same place. I think, Deminda you've called out exactly the sort of areas we're focusing on. So I think, firstly, there is a focus on high-value type opportunities. I did mention, I think, some marquee wins we've had actually in the states, particularly in the financial services sector. supporting AI readiness post Mythos. So those are clearly helping support and increase in margins. The second area, I think, is, as guys helpfully mention the the way we deliver globally to make sure that actually we use the capabilities we've got around the world to execute. So rather than it being all about just North America margins, it is about how it supports the overall group. But there are then not only the verticals but also changing the mix of services. And as you'll see from the data we flashed up on the slide, there are certainly a number of areas where we believe there is expansion. Managed services is one. We have had some early successes, but again, having to invest in the right overlay sales capability and also in some of our consulting offerings, which I think has had a contributing factor in terms of some of the improvements. So there are a number of levers, all of which, to Guy's point, it's not a clear like-for-like. So I think we have a path ahead.

A follow-up question from Andrew. What do you expect organic growth to be in H2? And how confident are you of an acceleration of growth in FY '27, how significant are the larger strategic client opportunities and can you elaborate on the pipeline, et cetera?

I think I might have covered some of that in terms of the pipeline. I think again, we only launched our 1420 strategy. in H1. We've seen the, I think, the positive impact of that, which again gives us the degree of confidence going forward. We have made a significant change in terms of the way we go to market in terms of the propositions of which we are talking to clients about, which are multidisciplinary. Again, it's not all about 1 skill set or 1 capability. It's multidisciplinary. That has also started to drive much more expansive conversations in what is an amazing client base where we already know that we get recurring sales from. So I think putting all those factors together, it gives us a forward look, which I think there is an awful lot to play for. Nothing is guaranteed. We can't control the macro geopolitical situation. But I think certainly in terms of our execution, we're very clear what we've got to do and I think very much focused and confident about that.

Next question comes from and it seems that pen testing is still 40% of your revenue, and you rightly highlighted it as commoditized and can be automated by AI. How do you intend to manage these structural pressures and should we expect it to decline over time?

So I differentiate between commoditized types of projects and the skill set. I think there are 2 quite different things. So there is, as always, in technology, ever-increasing degrees of automation. AI is the latest manifestation of that within the pen testing space. So we do see some elements of pen testing being increasingly AI-driven. We've adapted to that. So for example, a large amount of our infrastructure testing is already using AI. We then provide skilled oversight and humans in the loop, I think, is the phrase I would use. That's been expanded into the Rave-like web up testing. So I think we're at the forefront of some of that. The need for assurance is not going away. I think if anything, I think I'd argue it's going to increase. AI is already demonstrating the need for guardrails. And there are very few organizations in this world that we've -- and certainly the clients and have talked about our client base who have the guardrails and the confidence that actually they are moving forward with a huge degree of confidence around AI. I think that's where we play. That's what gives us such confidence that we remain incredibly relevant. That's why we differentiate from product project and product type to actually our skill sets where our skill set remain incredibly relevant.

Next question comes from Julian Investec business, looking to a total GBP 25 million cost out efficiency. This signals more change to come. Can you outline how this will not disrupt but drive a positive accelerator to the top line and bottom line performance going forward?

So if I'll have a go on that. Mike can chip in. So we have taken, I guess, a lot of costs and a lot of efficiency benefit over the last 3 years. It's not something that's just happened or just about to start. So I think we've got a team and a business now, which has become very adept at adapting and moving forward and making itself stronger and more efficient. The -- we have an inflection point now with the Escode business separating. And as we finalize the separation that means that we can get far more out of our existing core systems and bring a lot of efficiencies and bluntly make people's jobs much, much easier to do. And if I give an example around the kind of journey we're on for that, if it were to go back 3 years ago, we didn't have a commercial finance function at all. We now have a commercial finance function, which is embedded in the business, did a lot of great work from a forecasting and decision support perspective, but has to do phenomenal amounts of manual work because of the Workday systems that we've got have not been optimized by us in the way that they should be to be able to send people to spend more time business, improving decision-making and being more efficient. So there are examples of things where actually a lot of the change that we're talking about here making people's jobs easier to do, more engaging and will actually drive efficiency and cost out of the business at the same time. It is also piggybacking off the fact that we now have a globalized resourcing model which is able to think about it with the delivery arena from a gross margin point of view as we increase machine learning and AI in some of the areas of managed services as well as testing now much easier. We can deploy those things globally, whereas if you went back 3 years ago, those processes and those client offerings were not globalized, and therefore, it wouldn't have been possible to the optimization of that and won't go.

So I think I'd also just emphasize to Guy's point, the inherent complexity that was in the business. And we have now been able to through -- if we take the divestments we've made, there's a mixture to S code, very different business to a professional services cybersecurity company. We had a fraud product business. We had a very high-end crypto products business. These are all very, very different that had inherent added inherent complexity in our systems we now have as part of this, the opportunity to address overly complex IT systems. So that again is, I think, is a major point. And we do have a team and a set of plans. Those plans are visible, socialized and a much more highly resilient business than maybe we had historically.

Another question from mine. You've disclosed that lifting average capabilities sold from 1.5 to 2 would deliver 35% incremental revenue from existing clients. Those are compelling numbers, and we know you're working hard to elevate the sales team to do this. One needs to happen on the client side. Do they need to source from fewer providers? Will it share? Or do they need bigger budgets are expansion?

Well, I think I touched on this again with the -- we already have the client base. And I think it is about a change in terms of how we have client conversations. So we now have, again, guys sort of inferred some of this. We've got single processes. So we've got a single sales operation functions, which can now share collateral centrally to the sales team globally. We can share credentials. We can do -- we can roll out single training to the sales team. So there's an upskilling opportunity that naturally occurs as a result of the pivot we've made around our 1420 strategy, about the propositions we take to market. And that gives us the, I think, the opportunity to be able to go into those clients and elevate and win market share because we've already got the clients. So it is about repositioning and winning market share, which I think we've got a pretty good track record of.

Next question comes from Ross Edison Group. Can you talk about how the strategic importance of managed services relationships might change in the delivery of future cyber solutions and the factors driving this? .

I think if I -- it comes back to the skill sets element, many organizations would look at cybersecurity of it being incredibly important but difficult to retain the skill sets and capability to actually be able to manage it effectively. So it's not their core business is the fundamental element. A big part of that, and particularly in an AI context, where we are addressing threats and vulnerabilities at machine speed, you need the right level of capability in-house and to deliver that you can't build your own teams quite often for most organizations, unless you're particularly large. So managed services becomes fundamental. And I think when clients then look at who is a trusted provider with deep insight long track record, stable recognized businesses with intellectual property and visibility of this topic I think that's one of the reasons why we believe that we're very well positioned, maybe vis-a-vis some other organizations out there because this is our core business. It isn't just a process. We are -- we bring insight and that intelligence to play. So that's why Managed Services, I think, is so fundamentally important. And why we've seen the growth in that as a proportion of our overall revenue.

Another question from -- any anecdotes you can provide about internally used AI tools. Do you have, for example, access to the best entropic models that might not be available to everyone? Do you plan to customize these tools to make the more bespoke to you?

That is a great question. Thank you, Damindu. I'm now going to be very careful what I say from a client confidentiality perspective. We are not part of glass win. I'll say, that's obviously a matter of public record. However, we do work extensively with a number of clients globally in aspects relating to some of these frontier models. We do use internally AI extensively already. And I've talked about some of the public elements that we were -- the partnerships that we've got around that. . So AI is absolutely front and center to our future strategy and the way we're executing and we are very close because of some of the clients that we work with, with in terms of how these frontier models will affect cybersecurity going forward.

Another one for Domindi. You've said the second half has started well. Can you put some color around that? Are you seeing acceleration in any specific segment or geography?

I think if it was to pull out some specific themes in terms of client demands, AI readiness is without doubt right at the very top of client conversations and that covers a number of aspects. It's around whether the governance and guardrails within an organization for the deployment of AI are sufficient. And most organizations are really struggling to tackle that. There is definitely, as we've seen, the announcements around Mythos and the the shortening of the identification of vulnerabilities and the actual use of exploits shortening to almost hours has -- is now increasingly having an impact on patching cycles and operational internal processes. So quarterly patching cycles are now no longer viable. What does that mean in terms of operational processes, which we're helping clients with extensively. Interestingly, there's a really developing set of conversations happening around digital assets and how do you provide assurance over that. And the general sort of operationalization of security remediation naturally is very much a topic of client concern as they look to to change how they adapt to what is -- I think it's a fairly -- it's a paradigm shift to use a very old Internet term. So there's quite a lot. And then, of course, there's the usual things, third-party supply chain, we see remains highly relevant and obviously, cloud adoption and how that plays out in terms of the new AI era.

Final 1 from Domindi. Utilization improved to 76% from 70% in FY '25. Where do you see the structural ceiling for utilization in cybersecurity services business?

I think there's probably -- so we utilization is 1 metric. We also talk internally about how we're driving revenue per fee earner. We certainly see the historically, the history would show that sort of knocking more than 80% out consistently across -- on a business average starts becoming unsustainable for people, people start suffering Bernex, they've got other activities we've got to complete at the same time. There is some of the real benefits, I think as Damian was sit here, our Chief Operations operator, talk about actually is as you start using your syst colleagues with machine learning and more AI, actually, they're able to carry out more activity. So it's part of the utilization, but some of the ceiling on the gross margin is also then about actually the efficiency of how people can work through a daytime as well. So we're conscious on working on both things. There is -- we inevitably -- as is always the case and always will be the case. We see hotspots. So inside that 76% there are some functions and areas of expertise, which will always run at a higher level and some of which will run at a lower level. And that probably has -- so sorry, it's not sort of very direct tons 76% is probably not another 15% in that, but there's some benefit in actually how people operate within the scope of their day as much as just working more data.

And I do think this does talk to the heart of the changes that I think are affecting professional services industries. How do you -- is utilization the right measure going forward? Projects are changing. It's more outcome based. We're certainly focusing very heavily on more subscription type activities, so not directly time to sort of time and materials. That will obviously increasingly make -- will create a change in the way we measure some of the success of our productivity. .

Thank you. We have no further questions on the webcast. So I'll hand over to you, Mike, for any closing remarks.

Thank you very much. I would just like to conclude with maybe 2 things. Firstly, as Guy said, we wish our Escode colleagues the success -- every success in the future and more particularly to all of our colleagues internally who helped on that process. Thank you very much for all of the hard work and also to all colleagues generally for the efforts that has to made H1, I think a very solid -- a solid start to the year. I'm very much confident and looking forward to the second half. Thank you very much.