Trend Micro Incorporated (4704) Earnings Call Transcript & Summary

Good morning, everyone. Welcome to Trend Micro Investor Day. Last year, at the Investor Day I used this chart to explain how Trend Micro is transforming our business from a packaged software into a platform SaaS platform company. And I explained that the pink line, which is our very profitable packaged software with renewal revenue as a percentage of our total commercial revenue versus the red line, which is our new first year SaaS subscription revenue as a percentage of the total revenue. And this red line is the most costly revenue acquisition and that's where in the previous few years, the transformation causing Trend Micro's profit margin decline. But starting last year, when the subscription renewal revenue. The blue line start to take place and occupy more percentage of the total enterprise renewal revenue. The profit margin will come back. And this last year, 2024, I think we -- Trend Micro prove that this SaaS platform business transformation has been taking effect and is a scalable and profitable growth market that we can take on and therefore, starting from next year, we will focus on more of our growth engine. Talking about cybersecurity growth. It always evolved with the IT infrastructure change. For the past 35 years, Trend Micro has been going through all the IT infrastructure change, and that change also affect how the cybersecurity organization in customer site is changing. It changed into a security operation center that oversees all of the IT assets security. But this IT operations and security operations balance is actually a very difficult thing to do. Because IT operation is focusing on the sustainability, stability and the requirement is like [ 599.999 ], no downtime. Whilst security operation is focusing on meantime to detect, meantime to respond. Everything needs to be quick, quick, quick. We are raising behind the threat actors and these balance is not taking care carefully, then it would be sadly this year's largest global IT outbreak was caused by a security update from one of the security vendor. And I think that is alarm for everyone that we need to remember cybersecurity is for the IT operation to operate mostly. So IT operation is changing, especially in this AIH or the IT infrastructure change, user behavior change and the threat actor change will impact how we design our cybersecurity product and solution. If you look at how AI is going to change the IT infrastructure, just think about when we're starting to have the Gen AI, we will break all the data silo between the sales, marketing, the HR, the customer data, all of this data need to be exposed to the Gen AI to enable it to generate the new intelligence for the modern-day business operation. But this change might cause a lot of time, accidentally, a simple salesperson will expose the R&D architecture design, while the simple R&D people will assess the HR data. So data infrastructure change and also user behavior change. GenAI will enable everybody from top to down, was able to use AI, I think last we know, at least in Japan, 97% of the enterprise customers say they already enable somehow for their employees to use AI technology. And that would cause like incidentally sensitivity data was exposed to open AI, public AI, or the device was this prompt injection. All of this would cause new security problem. And not to mention the threat actors, they definitely are using AI. The phishing e-mail is much more targeted. It's hard to detect, the fake voice imitation. All of this impact not only enterprise, small business and consumer, altogether is changing the cybersecurity and that's why we believe in today's already very complicated attack surface when you adding Gen AI and changing the AI operation, we need to rethink how to do cybersecurity. Of course, in the past 20 years, cybersecurity vendor is not sitting in dark. We kept on evolving from endpoint security to EDR to XDR to the combined SOC modernization, all of this, we have been doing it. However, no matter how we do it, we were mostly looking at the log lot, the alert and try to tracing in behind, we were just after the fact, detect and respond. And that is causing a lot of problems. If you look at the investment in security stack right now is heavily invested in reactive technology. Only about 5% to 10% is able to do what we call proactive forward-looking proactive security and that caused what is today's reality, today's reality is expanding attach service. However, we still lake of all the security experts and the silo of the tech stack and disjointed team that is still causing all the problem for cybersecurity. So well, just this year is my 20 years as a cybersecurity company, CEO. I don't know if that tenure is credit or debit to the balance sheet of Trend Micro. But for 20 years, I had a dream as a cybersecurity expert. The dream, I name it the project is called minority reports, and that project is trying to do we need to stop the cyber crime before they take place just like the future cup. How to do that? We need to be able to have the full visibility of the attack surface so that we can turn the security into visibility. How to do that? Today, we will be able to use the native sensor that Trend Micro has a lot of them. But most importantly, connect with all of the third-party log, ingest them, and we will be able to use all of this data meaningfully utilizing AI and then we can turn this total visibility into decisions that we can make. And that decision is based on risk. Risk equal to the likelihood of assets being attached times the impact when it was going down, the crown jewel, right? So if we would be able to decide that risk factor, then we can make a sensible decision how we will detect and allocate our resources, prioritize them over on our specific customers' specific IT infrastructure and environment. This risk score would combined with how important the asset is and what is the vulnerability sitting on there, how serious the vulnerability is and what is the relationship between all of these different assets. And therefore, we apply our threat knowledge, our understanding of how the attacker were attacked, and we will be able to predict from the attacker's point of view and say, this is the most likely attack path. Once we can predict that attack, then we can turn that decision into action. The action is mitigation and that mitigation is not just the passion and response. You can do it in before, before the attack really happened, you allocate what is the most important places that you issue. Prioritize your patch to apply your own or where is the network segmentation and track filtering that need to be tightened up. All this mitigation is like, what is the better, the best meantime to detect and meantime to respond minus, right? Negative time, you prepare before it happened. All this can happen today with Trend Micro Vision One platform, and that is a proactive cybersecurity platform, where we can use our 35 years' knowledge of how attacker will attack and take outside-in-view of your attack service. And then combined with our XDR, SIEM and SOAR technology that we will be able to map out what is your customers customer-specific environment and therefore, enable our customers, take proactive actions so that their risk will be reduced. That is what we are very excited about our Vision One and the attack service and that will continue to empower our enterprise business transformation. As you can see now, our mostly Vision One attached customers resubscription revenue already is 33%. And next year, we will continue to grow our first year new subscription revenue. So that 2 lines will continue to grow, and that will make our business both profitable and also growth. Not only that, not only on the enterprise, but also in our consumer product, we are utilizing our deep analysis, and we are enabling our consumer customers to take care of scam problem. The scam check app that we just announced is a full platform for protecting consumers from scam, from deep fake, from SMS filtering the tax message filtering and the web filtering, all of that is consumer attack service are fully protected by Trend Micro. And this also is consumer business transformation. I will just take a small example, not more, but our ANZ, Australia and New Zealand business, where we have the consumer business. Now we already have 15% of the sales of our packaging in this market is the non-AV, it's only scam. We are talking about a scam business and 70% of the sales is 80 plus scam. So altogether, you can see mostly, we already transformed 85% of our customers utilizing our new scam services, and we believe scam is the biggest problem now in consumer, and we will start to do this transformation. Business wise, this scam check before our VirusBuster business is mainly on the PC, but on the [ PM check ], this attachment to the smartphone devices and it's mainly the subscription model. So in average right now is about $5 to $6 per month per device. That's our consumer, so you probably will ask me if 20 years ago, you already have the vision, why wait 20 years to come to this proaction security is all because AI is making it possible now. For 20 years, the data plans continue to evolve, the analytical plan need to enable us to make meaning of all these huge data and structured data. And then finally, we can apply the control plane on to it so that you can have customized view of your own data, your own attack service. This is why we now can do it by utilizing Gen AI. A lot of people might think what and why Trend Micro can do it? Actually, if you think about Gen AI, it's the difference between Gen AI and previous rule-based machine learning is Gen AI is able to understand the data, the meaning of the unstructured data and Trend Micro's business, antivirus on the whole security stack, network firewall is on the port level. IPS is on the on the protocol level and antivirus is actually on the data, on the content level. We need to understand the content of the network traffic what's inside a spam mail? What's inside a file that contain virus. Those are the content level. And that's why Trend Micro has invested heavily onto this content analysis data and structured data analysis. Since 2005, my project called minority report was already using FPGA trying to solve that problem, and then we implement using GPU in our server protect products. And all of this is our accumulated knowledge and understand of why we need to use AI to do security. Not only that, we did invest a lot of our talents, and we continue, we recruit and train and energize our engineering that had very good knowledge about how to use AI. So it's really not like we just jump on the wagon because it's hot topic about AI. So we're doing the AI. It's actually we invest in AI, and we know how to use to solve cybersecurity problem. That is why we are very proud that we say all of our products now are powered by something we call Cybertron it's cybersecurity AI, and this AI that can think like cybersecurity expert. Later on, we have our privilege to have our Chief Architect, Jason that will explain about this Cybertron, how we design this Cybertron and it's the power behind or Trend Micro's product. So you might also ask me, right, okay, you do this, but how about all the cybersecurity company, why only Trend Micro can do it, I will say, Trend Micro is the only cybersecurity vendor that is the leader in every of this security stack from e-mail security, endpoint security, IoT security, vulnerability management. CNAPP, we actually are on the CNAPP market, we #1 in the market share. All of this, we are in the leader quadrant. What it means is we have enough customer experience on each of those stacks, and we have enough knowledge of all of these different e-mail threats or endpoint attack or server in the cloud attack, all of this knowledge need to be connected together so that we can do -- connect the dots to predict the attack path. So cybersecurity is a [indiscernible]. It's not a point that you can do. And Trend Micro is the only cybersecurity company that are in the leader quadrant of all of this necessary point. That is why Trend Micro can do it, but even more important is why Trend Micro can break all this product silo and integrate it into a true data plan control plan. That is because of Trend Micro's organization is a very unique organization. I'm very proud of Trend Micro's overall, organization architecture that we call Web Review, where we can share our knowledge, see this ambition and willing to be the breach to connect all the dot together. I think that is the real core competence of a cybersecurity company. And so today, we will have our global HR head, Claudia, also explain about what is that core competence lying behind that the Cybertron that would enable Trend Micro to do. So I'd like to say, I believe this proactive cybersecurity is needed and is finally can be done now. And that is the real solution. It's a paradigm, new paradigm change for cybersecurity. We can finally be proactive and break that difficult balance between the IT operation and the cybersecurity need to preemptively provide our customer the best security, proactive security starts right here right now at Trend Micro.

My name is Jason Yueh. I'm the Senior Distinguished Technologist of Trend Micro. Today, I'm here to give you a presentation of what Trend Cybertron is. Well, we know AI is a powerful tool. But we need to know the problem we are solving first before we talk about tool. So before we dive into Cybertron, let's see how the cybersecurity industry evolve and how the AI fit into those solutions along the way. As Eva mentioned, the cybersecurity solution evolved from reactive but essential protection feature, to detection and response and to proactive security. The problem -- the complexity of the problem we are dealing with also evolve from finally this decision like malicious or not based on specific content like files or e-mails, to suspicious activities in the great area that require detection and response to do further investigation to proactive risk management prioritized based on the holistic security posture and also business context. So as you can tell, the more right-hand side is the more context we need to correlate and more uncertainty we need to deal with. And we humans are good at dealing with those uncertainties and correlated context, right? How AI fit into the solution. As we know, the supervised machine learning is good at classification problem. For example, rasomeware detection, malicious or not. On the other hand, the supervised machine learning can help us to find those suspicious activity anomaly activities. However, those 2 machining technologies cannot correlate the unstructured context, Eva talked about before, which is required when we deal with a problem with ambiguity and uncertainty. That's exactly why we want to use generative aI to think, to corelate, to pivot and validate, that's the [ humor ]. Okay. So Eva talk about the importance of the security that fits and AI is no exception. So by using the AI that fits, we can greatly improve the productivity of the SOC team and mitigate the problem of the staff or skill shortage, okay? And Trend Cybertron is to solve that problem. Trend Cybertron is the cybersecurity specialized AI that identifies your risks and secures your future. This cybersecurity specialized AI is powered by our 35-plus years of cybersecurity experiences across file, web, e-mail, network, mobile, AI and more. It's also powered by our campaign intelligence covering APT groups, cyber crimes, attack techniques and of course, our #1 ZDI vulnerability intelligence. And we are also AI veterans, as Eva mentioned, we're starting to use supervised machine learning for anti-spam problem back in 2005. And then we move on to do the ransomware or phishing detection using machine learning, anomaly behavior detection. To recently, we use generative AI to build a companion AI assistant to boost the SOC performance. And also, we use generative AI to prioritize all the risk to make your cybersecurity more resilient. So by combining those 2 powers together, Trend Cybertron is the most powerful cybersecurity specialized AI in this industry, okay? So now we know Trend Cybertron is powerful, but how exactly Trend Cybertron can identify your risks and secure your future. Well, we know AI is powerful, but we also know the visibility data is actually the foundation, right? Without the visibility data, AI is likely to generate hallucination. So I'm so proud that Trend Vision One, we have the most unmatched visibility in this industry. We have the broadest coverage of our Trend Micro native sensors from endpoint, identity, e-mail, cloud network data, AI and more. And we also support those third-party locks to maximize the value of your current investment. Not only we have those unmatched visibility, Eva mentioned that we are also the leaders and the most trusted vendor in those categories. So you may have a question, so how Trend Cybertron can well utilize those intelligence data or the visibility data we have? To answer that question, we need to know how Cybertron works. So the Cybertron large language model is fine-tuned by our cybersecurity intelligence data, our Vision One knowledge and also the Vision One data schema. That's why the Cybertron [ ASRM ] model can understand our intelligence data better and understand the Vision One data better. Note that our responsible AI policy does not allow us to use customer data to train or to fine-tune our [ ASRM ] model. Here, there is no customer data involved when we train the model. In addition to the model, we also built an agent. The Cybertron AI agent served as a proxy of the Cybertron model to the real world, it has 2 main capabilities. The first one is about planning. When dealing with the cybersecurity problem, the Cybertron agent working together with the model can break down a sophisticated cybersecurity question or problem into several smaller steps, divide and conquer. The second capability is learn to how to use the tools when executing each step of the plan. For example, we can use the tools to query the latest intelligence from our repository. We know that we have new threats every day, right? And you don't want to train or fine-tune your large language model every day. We can also use tools to query the visibility data we have in the Vision One data lake, and we can implement proper access control and business logic here to well protect the customer data. For sure, we can also use tools to take remediation actions. And the agent together with working with model can also do the further validation and summarization before we return the answer to the customer. So that's exactly why the Cybertron agent and model working together, we can much better -- do the much better planning when we solve the cybersecurity problem, and we can use those tools provided by Vision One much, much better than those foundation models. And we are not using a single agent to solve all the problems. Here is a diagram demonstrating how we -- how the multiple agents can play different roles and collaborate with each other to solve much more complex problems. Okay. Now we know how Cybertron works. So let's walk through some use cases to give you more solid ideas. The first use case is about XDR story. Let's say I'm a CISO. I want to know if I'm a victim of a latest campaign, let's say, Sea Haze, [indiscernible] Sea Haze is actually a campaign name. All I need to do is to key in this question into the Vision One Companion AI assistant powered by Cybertron. So once the Vision One Companion Assistant got this question, the Cybertron will do the planning and break down this question into, for example, 4 smaller steps. The first step is, of course, to query the latest intelligence from our repository using the campaign name Sea Haze. Once we have the threat intelligence, the AI will learn, hey, let me try to do a sweeping query using one of the IOC of the CMC address. And this time, it's an IP address to query the Vision One visibility data. And this time, there is no hit, no result return. And the AI will learn, will pivot just like a human, Oh, if I query IP, there is no return. How about let me query another tool name. The Gh0st RAT is actually another tool name used by this campaign. And this time, there are result returned. But the AI will do more. It will try to pull more context. For example, those observed attack techniques on those impacted devices, which is OAT means here observed attack techniques. And the AI can get more context. Once AI has all those information, including the context, the Cybertron will learn how to do the further evaluation to make sure that this finding is actually relevant to the campaign Sea Haze. And if Cybertron think, oh, it's a possible hit, then it will again use tools to take the suggestive actions and then compile all the findings into a report and return it to the CISO. So this is an XDR story. This explains exactly how the Cybertron works like a human. Let's see another use case for the proactive security. How Cybertron can make your cybersecurity more resilient for the future attacks. We know we have tons of visibility data. So the Vision One can build a massive comprehensive asset graph together with the associated risk events. Then we can try to identify the most vulnerable entry points and also those most variable critical assets. So we can build a possible attack path in between those vulnerable entry points and those variable assets. But the problem is usually most of the time, those attack paths are simply too many to deal with. We need better prioritization. That's where the Cybertron came into play. By using the Cybertron and those tools, we can calculate the risk score, as Eva mentioned, by evaluating the likelihood and impact of each attack path. For example, I'll give you one example of what the likelihood means. For example, we have 2 vulnerabilities. One is remote core execution. The other one is local privilege escalation. We know that remote core execution is much easier to leverage for lateral movement than a local privilege escalation vulnerability because if you want to use the local privilege escalation vulnerability, you need to find the other way to compromise the endpoint first. So that's not that easy to use. So that's one example how we evaluate the likelihood. As to the impact, it's quite straightforward. It's the number or the importance of the critical assets, this particular attack path these to. So once we have the risk score calculated, we can now prioritize all the attack path according to the risk score and then prioritize the event -- where the risk event associated with those attack paths and take the suggested remediation action accordingly. So by removing or by remediate those most risky attack path, we make your cybersecurity much, much more resilient for the future attacks. So just a quick sum up. The Trend Cybertron is the cybersecurity specialized AI that identifies your risk and secures your future by the unmatched visibility, the AI-driven prioritization and remediation. All right. So that's all for my presentation. Thank you.

Thank you, Eva and Jason from dream to reality. You can't help but be excited about this game-changing technology. Can you see my charts okay? One year ago, we had an investor conference, and we laid out a plan that we referred to as balanced growth. What we said we would do is we would focus in on some capital allocation. We issue a special dividend, initiate a share buyback, maintain our existing dividend policy as well as take a very methodical and calculating approach to looking at our operating expenses and finding efficiencies overall. And we would do all of that while driving the topline business as well. We call this balanced growth, and I'm so happy to report that we've been executing on that flawlessly. If we think about the market landscape, you just heard Jason talk about what we are doing with AI. All companies are exploring how to leverage AI. And we believe strongly that, that is really going to help us from a business standpoint because companies need to think about how to protect it. So the AI increase in spending will overflow onto us as well. We're also seeing another dynamic and Gartner supports this, where many customers are thinking and rationalizing the number of security vendors that they're working with. They're increasingly taking a platform approach and positions us really well with the strength of our Vision One platform. And then finally, in terms of priorities, we can look at the top 12 priorities and trend has the capabilities in all of those priorities. So we feel like we're well lined up from a market standpoint. It's not just us saying great things about our platform, whether it's endpoint, cloud, network, and this new category called attack surface risk management, we are in the leaders quadrant in everything. We've got a proven track record of driving revenue growth, and you can see this over a 10-year period, and that will continue. We're going to finish this year with about 80% of our business coming from the enterprise part and 20% from consumer. In terms of year-to-date, why I was so bold and said that we've been executing flawlessly, we are in a good spot. Net sales for year-to-date are up 10%. Operating margin increased almost 50%. Now we're running 20% overall operating margins. Enterprise growth has been good fueled by our success with our Vision One platform. Consumer, we laid out a strategy that talked about increasing our margins, and you can see that we have been doing that by increasing the overall ARPU. We also laid out sort of a high-level income statement to give you an idea of where we thought we would be moving towards. And you can see our 2024 estimates as well as a gray column there that shows the progress that we've made year-to-date. Nice improvement in reducing our overall cost of goods sold from a sales and marketing standpoint, we really identified that in getting this entire platform adopted, we implemented kind of a flywheel approach and if you're familiar with flywheels, it takes some effort to actually get the flywheel moving, and we had introduced a number of overlay teams in order to push and get that going. And the big change that we made on the sales and marketing side is identified that the overlays were no longer required because we have momentum now with the adoption of our platform. You can see that we're maintaining our R&D investment. We fundamentally believe cybersecurity needs to have a substantial amount of R&D investment, and we're continuing that and then on the G&A side, we really found quite a bit of operational savings with facilities and tools and also related to some contract manufacturing. So we feel like we're in a spot quite nicely in order to hit our 2027 objectives. Let's talk about the 2 different businesses from an enterprise standpoint, Eva and Jason both talked about our overall Vision One platform. We have these 11 modules within it. Each one of these is a sellable component. So we're fixated on landing within a customer, the Vision One platform and then expanding across with more and more module adoption. From an enterprise standpoint, we divide it up into large enterprise and small enterprise. And you can see that the growth has actually been coming from the large enterprise. But we remain convinced that there's growth in small enterprise. It's not like small enterprise does not have cybersecurity challenges as well. So what we're doing there is we're actually in October of this year, we announced that we have commercial available product. We've introduced our Vision One platform to MSP partners that sell to small enterprises. We believe those small enterprises can also benefit from all this wonderful powerful technology that we have in Vision One and that by going through the MSP partners, that is the way to get it to them. We have over 100 MSP partners now that have been enabled and are starting to sell. And we know that whenever we land with a customer, we end up with 2x the ASP. So it's a really big focus of us of ours, and we think that, that's really going to help us on the small enterprise in 2025. In the larger enterprise, we have a very big installed base. And I've said on many calls that we've been very, very focusing on how do we make sure that our installed base is realizing the potential of our overall platform, and we're doing the best that we possibly can on stopping those threat actors. The reason why we've been fixated on it is because the addressable market inside our installed base is still $6.4 billion. So I know that there's a lot of business that exists inside our installed base. What we did was we started to look at our installed base and segmented it based on how much business is the customer already giving us today. And you can see we've done a really good job of landing Vision One with our strategic customers. Those are customers that are giving us over $100,000 in ARR every year. So that model and making sure that we're getting as many of them. We're doing a pretty good job at commercial as well at getting Vision One attached, where we have some work to do is around the volume enterprise. Vision One attach is sitting at 37% and we're starting to see Vision One attach actually increase. So 780 new Vision One customers year-to-date, but in the last quarter alone, it was 350. So we're really starting to get better at getting Vision One attached. And we know that when we do, we do a really nice job of expanding from there. When we look at the 11 modules, we have lots of potential that exists within our installed base with half of our installed base has one module. But we have been making progress. If I look at the module growth that we've had over the last couple of years, we're actually up at an average of 4.7 modules when Vision One is deployed. So it's been increasing nicely. And you can see with the bright red that it's the 4-plus modules. So we've been doing a really nice job of expanding within our customers that we have. There's one module in particular that is sort of the wrapper around Cybertron and what the capabilities that Jason talked about. And this is the module that gives us that proactive and predicted ability for customers to actually figure out what they should be focused in on. As Jason said, we prioritize it for them, and we offer up recommendations in terms of mitigating factors. Well, what we learned is that when this module is deployed, actually we do a much better job of expansion, and we're up at 6.4 modules on average when ASRM is actually deployed. So you can imagine that we are absolutely fixated on leading with the ASRM module because we know that, that really does help drive broader and deeper platform adoption. One thing new for this year and Eva kind of teased it upfront, while we've been very focused in on the installed base, we feel like with this revolutionary new technology that we have with ASRM, with Cybertron, with everything that's going on around platform consolidation, it is time for us to go after new logos. We tend to actually try to attach ourselves to the infrastructure players. And we have a proven track record of doing that with AWS, we're up at $2.1 billion that we have driven by partnering with AWS over the last decade. What's new is that we've now added support for Microsoft and for GCP, we're also leveraging MSSP channels. So IBM and Kyndryl both have large cybersecurity practices, and we're increasingly working with those partners, and they will be bringing us new opportunities. And then finally, if you've been following us at all, you will have seen that we are doing a lot around attaching ourselves to all things in video. They're the AI market leader. They have a very comprehensive ecosystem and working with that ecosystem, we are figuring out how we can get ourselves attached there. So these are examples of how we feel very good that we can go beyond our installed base and start getting our platform adopted by new logos. So you will see more of that in 2025. On the consumer side, this is the breakdown of the business. We actually have it divided up into 2 different regions. Japan being 74% and the rest of world at 26% and like I said, our strategy has been, up until recently, our strategy has been very much a margin focused. And the way we've been doing that is to really zero in on the retail on the different channels to market that we have, making them as efficient as possible and coming up with ways of driving that ARPU up. Going forward, though, we are going to see increased growth as a priority. And we think that all things scam, this is the transformation that's going on inside the consumer cybersecurity business, where endpoint protection is fine. You do have to have it, but increasingly, consumers are much, much more worried about scam. And we, with the power of our AI technology have been able to actually leverage that and come up with ways of helping out consumer customers. So we also feel like there will be more growth here. In terms of the road to 2027, it remains completely intact. I'm showing the ARR view of this world with $1.7 billion in ARR by 2027 on the enterprise side, $400 million of ARR on the consumer side. And we're truthfully in a very good spot relative to margin. We're already running the 20% margin, we've got some incremental savings that we will see in 2025 with some infrastructure changes that we've made in terms of our cloud spend and also some of our more expensive tools that we've adopted over the years. We're cleaning a lot of that up. So we feel like that's going to carry us as we grow the top line, we'll be in a really good spot to hit this 2027 target of 30% operating margins. Closing, we've got the platform and really, it's great to show on the left, our AI-powered platform, really, we should also be including our Cybertron, that core technology that we have, which is being leveraged by many of the modules built into Vision One, it's also being leveraged by our consumer offering. We like this approach of a balanced performance. So we are going to focus in on some increased growth as we go into 2025 in both our operating margin and some top line and we are fixated on driving shareholder value and making sure that we are also giving back to shareholders. So with our 100% net income distribution that we're planning for 2025. Thank you, everyone. Look forward to the questions at the end.

This is Omikawa speaking. So this is Japan business. Just to make sure, and as we have been mentioning, we have a percentage by region, Japan, 32%. And globally, Trend Micro is strong in enterprise. And we also talked about SMB another part of the business that we have. But in Japan, we have a business well balanced in all areas. So VirusBuster for a consumer that is 49%. And I'll be coming back to this 30% enterprise and SMB accounts for 21% of our business in Japan. So in the volume area, we are enjoying a good business. And this we have already shared in the past but for enterprise, we want to promote cybersecurity platform. This is ongoing. And as we have talked about, we will accelerate. And for SMBs safe and security in business continuity and growth. So like it was mentioned through MSPs, we would like to do our business. And for the consumers this is beyond device security. And I'll come back to this point later. But when it comes to Japanese market, with economic security and supply chain risks. And also regulation is somewhat behind in Japan. But there are Japanese companies who have presence overseas in EU and U.S., and they are ahead of Japan. So and when we -- sorry, I should have turned on my video. Okay. So it's now working. So for enterprise, this is for large companies with employees of 500 people and more, there are central government, local government and SMBs, if this is below 500 people. And then when we look at the market, we have about 7,000 companies in enterprise and out of which 58.1% are Trend Micro users. Whereas for SMB, so we excluded those companies with people for and below also between that size, there are 690,000 companies, and we have 37.1% of that market. So we have opportunity to grow. So we would like to drive our effort in that space. So now this is the policy for enterprise. Vision One, we want to promote further our trend Vision One. So it says modern SOC. We will enhance ROI with cybersecurity platform. So there are a lot of reference overseas. So we would like to share those references with our potential customers, so that we can penetrate more into our existing users. And also we want to focus on new logos next year as well. whereas for SMB market, SCR ASRM promotion. As Kevin mentioned earlier, or SMBs, by industry, they have compliance and security requirements that have been laid out by their parent companies. So that's the trend we see in U.S. -- sorry, in Japan. So ASRM and Vision One requirement is rising. And from last year, we started XDR for SMBs. And the reaction has been very good. Many customers are starting to use our XDR. So we will continue this momentum and work on existing customer as well as approach a new potential customers with our partners. And AI has been discussed a lot today. So Eva mentioned about 97%. And with CIO lounge, we did a lot of interviews this year. And as a result, 77%, especially in software and telecom industry, 97% of organizations are accepting or approving the use of Gen AI in their work. So there seems to be a lot of investment by the government and other companies, but the user side is also expanding and they're embracing AI. So we do receive a lot of comments when it comes to AI and many companies have started to say that Trend Micro is quite ahead in terms of using Gen AI in security. So I'm sure this will be a follow-in for us into next year. And next is for consumer. Yes. Trend Micro check beyond device security. So especially in Japan, there are a lot of scams and frauds, it's a social issue. So we would like to focus this and we launched this from August of this year, and our user is increasing. And now we are charging a monthly basis. So the business has been expanding, and we're trying to exploit channels, develop channels as well. So we want to diversify the channels that can provide anti-scam solutions. So we wanted to provide value through this as well. And global anti-scam alliance. We -- this is an alliance we belong to and also JC3 that Japanese Police is involved. We are also involved and also council for anti-phishing in Japan. We are a member of these associations and organizations. And we provide our comments and solutions to these associations and also, we are working with the police where, of course, the public has trust on, and we also have a long relationship with local governments. So together, we are enlightening the public So that is why in 2025, we want to start using new partners. And online is another channel that we hope to leverage. So this will be not in antivirus, but against this new social issue of anti scam, we would like to better support our users.

Okay. This is Negi speaking. Yes, we would like to spare time for questions. So I will just talk about the perspective of the investors, Trend Micro, what is it thinking of? I would like to just answer that question. Return to shareholders. In February, we gave you this explanation, but our basic policies that from net profit we would spend them all to return to investors and the payout ratio is 70%, and the rest will be used for share buyback. And so high dividend as return is what you can expect going forward. So I ask for your support. That's all, thank you.

Okay. Yes. So we -- while we are talking about you're Trend Micro transform from our products stand-alone company to a platform company, and we are transforming also our business model to ARR. So that's the time we also need to think about -- rethink what will be the organization be able to support our transformation to this new era. Yes. So in Trend Micro, we call this a new organization as a radio web organization. And I will take you through what is radio web organization. At the time, I think the challenge we encounter is as a platform company. We like to have the minority report to support our customer to see to have the total visibility on the data on their security posture. The challenge we encounter is we have a data silo without this data connected, how can we have total visibility but we start to realize the data silo is actually coming from our organizational design by products that's hinder people to collaborate and hinder us to share the data. But of course, no matter what type of organizational decide, there is always pros and cons fundamentally is the people. Can we -- how do we empower our people, how do we shift our people's mentality be able to support and also work as a platform company, platform organization. So that's the fundamental challenge we want to solve. And you go back to our philosophy, we talk about every company want to optimize their performance, and we all believe, especially in trend, we believe, everybody has the potential. Everybody are unique, everybody are different. So we are the company to unlock everybody's potential and to remove the interference. So we start to think our current organization could be an interference. We interfere, we limit people to share the data. But fundamentally, we inherit, we limit people to unlock, to contribute to this platform transformation. That's why we start to introduce the radio web, we start to rethink what will be our organizational design. So along the way, there are a few principles we keep in mind when we decide this new organization. So in this platform, in its AI era, we need to be a very, very responsive, very, very agile organization. We cannot afford to go with a very traditional hierarchy layers approach. So we think about what will be the agile and face bonding organization so we can embrace the challenge, embrace the competition, embrace the speed. And by doing so, we feel this is very important. We have all this -- we need to communicate very transparently, and we need to communicate very directly to all trenders around the company. So everybody hear the same message, everybody hear the same directions and everybody can empower to make their decision. They are all experts, they make their decision, right, so they can contribute to this transformation. And when we run very fast, it won't be perfect all the time, sometimes we will make some mistakes. So we also start to think about it. We need to have a listening and feedback culture. So we will be able to early detect what goes right, what goes wrong, and we can immediately take corrective action. So bearing these 3 principle and guidance in mind, we start also to transform our organization to support the business transformation. And now let's take us to the radio web organization. This is a very unique design. If you take web, think about the radio -- spider web, it's connected, right? So the whole web hold the pressure, the whole web collaborate together is very resilient and very responsive. When you see a pressure in one side, the other side will immediate organic find out the balance. That's how we take web as a concept. And I will say 3,3,3. So there are 3 principles, so we make decision by data. We are not make decision by your position or your authority because we go transparent and because we have data all available, we believe everybody bringing expertise, they can make the best decision. While AI is there, technology is there, but all the minority reports to how do we prevent and proactive detect. So we bring in the empathy to customer. It's not only the core technology, but the most important is use technology to solve customers' pain points and then we encourage everybody have the courage and brevity to make a decision, to make a trade-off. So those are the 3 principles we talk to everyone. And by doing so, we don't talk -- we talk about your role. We don't talk about your title. So you build something, bringing the value to the customer. You breach is a connected organization. everybody reach out, everybody connect the dots, everybody connect the heart. So that's the best way to break the silo -- it's not, hey, this is your role, that's your function. No, it's all our role, all our function to support and to contribute the whole. And then in this web organization, we feel especially in cybersecurity, the inside actually so important investments resonates in everybody's mind. So how can everybody as a teacher to share to share and to spread your insight. And of course, you are as a teacher and we expect everybody also as students because things change so fast. So we share, we teach. But in the meantime, we also learn, we also be humble as a student. So that's the role we promote in this company. And then given this organization design, there are 3 charistic, we try to grow and we try to strengthen, it's connected. You can see this work. It's not hierarchy. Vertical, it's all connected. You don't see the layer in this organization. It's very agile. It's very flat. So that's our key characteristic. And you might think about when it's go to implementation, how it's run. I think our first step, we need to make the organization flatter. So we reduce layers. And then when you go to the real operation, you can see though you have your function, that represent your expertise. But everybody, every day, we have different mission because of the mission, we form and reform. We mobilize the experts together to achieve the mission. That's how we operate. And if you go to the customer side, different customers have different pain points, then we bring in the different experts. We have salespeople here. We have technical experts here. We have solution experts here. We have marketing here. So we are customer centric to support customers to success. That's how we bring in the radio web into the real operation. Yes. And then I talked about communication, right, go direct communication. So you see, hey, our communication is not top-down layer by layer. I come from manager to communicate to their manager, the manager communicate to their manager. Now our communication is based upon who are in this mission and then who should participate and who should know. So you can see we communicate by this run, by this circle. Of course, in any organization, you will have some of the strategy you need to discuss, you need to debate. So we have this so-called coffee mate coming from different functional leaders, and we discuss, we talk about strategy. And then we have our one level down, we call [ NAPA ]. So that's how we come together. We don't call very serious name because we want to have a very safe environment. Everybody can bring in their opinion to the table, so -- and then can change opinion. So we also have the [ NAPA ] 35 meetings. And then, of course, we have your function, your segment, those kind of meetings. So by different purpose, then we gather all different people together and we discuss things at different levels. And I talk about go direct, go transparent, right? So in Trend Micro, we -- since COVID at the time, everybody locked down, right? We start to do the global forecast. Since then until now, every month, we are very disciplined. We do 2 global forecast. One we call Super Wednesday because it happened on every Wednesday, one is the morning time, one is evening time in West and East time. That we go direct to communicate what's going on in this organization. We update what's going on in this organization. And then also, we also have one we call Master Class because we talk about teacher, right? We share, we learn. So every month, we also bring experts to share their knowledge, to share their expertise, and then we can all grow faster, we all growth together. And by doing so, we run very fast, and we are experimenting the new operating model, new organization and new leadership style. So we start to also want to hear what's going on. Are we on the right track? Any alarm that we can earlier know and then we can take corrective action. So we also start to run trend vibe. We run this on a monthly basis, but every trender will be invited twice a year to respond to this trend vibe and given this transformation, we see -- keep it short and fast is very important. So 2 questions we ask is, did you find your job engaging because we want to keep everybody feel they are doing something meaningful. And also during this transformation, things keep moving, keep changing. We also want to know everybody know that the data we are fighting for, what's the goal they contribute. So we also ask, hey, do you know how your job connect to the bigger goal. So all this organization, we also reinvent the design. We rethink the working style and also we reinvent our communication model and also we introduced the listening culture in this company. That's all my sharing. Thank you.

Kikuchi from SMBC Nikko Securities. I have 2 questions. One is about AI strategy, thank you for the explanation. Now in terms of your revenue, how much contribution is coming or is about -- is expected to come from AI? And I think ARR is being -- for IRR is at a certain level right now, but do you expect the potential of that coming up as a result? In other words, the contribution to the revenue is what I would like to ask you about. What is your expectation?

Maybe I can start and Mahendra, you can jump in I calculated the amount -- so about your first question, how much of our revenue is connected to AI. I've actually calculated that, but I didn't think that it was going to be that relevant to share because the number is so big. When you look at our overall Vision One platform, and those 11 modules and you look at our consumer business and what we're doing leveraging AI in so many different places. So it's over $200 million. So it's big in terms of how much of our revenue is directly connected to how we're leveraging AI. In terms of the numbers for next year, I hope you can pick up in our the sentiment that we feel very good with where we're at from a platform perspective. We feel good with respect to the market. And we're going to offer up guidance when we publish our Q4 results in February. We'll be offering up guidance then.

Now I'll add something. Actually, if you think about customer implementing AI, our security for AI is mainly when customers implementing AI, they change their operation, and therefore, they need some more security. So it's actually embedded in different topology of the network. For instance, their AI data center will leverage our container security to secure the AI data center. Their gateway will need to use our AI filtering capability which is we call zero trust, access control, security access. And those are fill into those modules. So there's very hard for us to say these are AI-specific revenue.

Okay. About the second question. The guidance will come out in February. I understand that. Now the current ARR growth rate is at 4% right now. And I think maybe compared to last year or since sometime it's going down, it's also the same for enterprise and all other segments. I don't know about the regional split, but now -- what is the timing of this catching up? The revenue growth 8% to 10% is your target for revenue growth. Therefore, ARR is right now at 4%. So maybe if the trend continues as is, maybe you cannot reached the target. So when do you think is the catch-up or the turnaround? So from Q4 or is it the next quarter -- first quarter or sometime in next year. I don't know. But the guidance growth the target rate will come out in February in your guidance, but the turnaround timing is what I would like to hear more about what is your prospect on that?

I can jump in and then Eva and Mahendra can comment as well. Yes, it's true that the ARR, it looks like it is plateauing. There's a lot of things that have been moving around this year, in terms of, as we've been doing our transformation and getting our operating model in place, and we feel like when you see our Q4 results and we see our -- you see our 2025 guidance that you will start to see that we're going to get some more uplift in our ARR. I can't give you the specific numbers right now because we are waiting to close out Q4. We believe in our guidance for the year that we're going to hit that, and we're going to finish strong and we'll build it from -- we'll build our 2025 plan from Q4.

I guess, all we can say is we are very confident on our road to 2027, and we stick with that and for 2025, 2024, we are confident that we can hit the plan. But maybe we are economics. We know it's going up, but we just don't know when.

Anybody else? We don't see any hands right now. yes. I will unmute please.

This is Watanabe from Mitsui DS Asset. So earlier, you talked about the organization and list layers. And it will not be a fixed positions, but the number of employees, so I think you see a reduction every quarter by 3 digits. So as you shift, yes, productivity may go up. And for existing customers, you're trying to increase the modules. And I'm sure rather than during new customers, that will be more productive. But there has been a huge decline in the number of headcounts. But right now, as you try to grow by geography, by a job positions. What are the gaps in terms of your head count right now? And for the time being, you may see a decline in the number of headcounts, but the top line growth as you try to achieve between 8% to 10%, I think you need to increase your headcount. So what are your views in terms of talent strategy or workforce strategy?

I can start, and I'm sure Eva and Claudia might have additional color. I think you are right that we do have plans to actually add head count next year. In particular, I know we've got plans to drive the growth, to add more on the sales side, so quota-carrying salespeople. We have budgeted for around a 10% increase in the number of salespeople that we will have as an example. But zooming out, I think it's about getting the right people in the right roles, and that's really what we've been fixated on. And Yes, it has created a net decline over the last couple of quarters. But we feel like we're getting the right people in the right roles and truthfully, we haven't felt more productive in terms of what we've been able to accomplish with our radio web flat organization, right people in the right roles, delivering on a single vision that we have. So yes, we will be hiring more salespeople.

Yes. And that was the reason that we -- especially this time asking Claudia to share what is that web organization look like. The right person in the right mindset, the productivity increase. And I know people are worried about why our employees going down. But I think the key is we have the right people, and we are doing more things, and we achieved a lot of innovation in the cybersecurity area. So that is the power of the web organization. We break the silo and increase the productivity of everybody.

Okay. Thank you very much. Maybe some employees may hear this call. So it may be difficult for you to say very clearly, but perhaps IR person said there is no point in splitting the profit. But in terms of revenue, so perhaps a profit is better to see the breakdown. But in terms of revenue on a local currency basis, if you simply split by the headcount. U.S. seems to be the only region that is going down in terms of productivity. Other regions are improving. But like I said, U.S. seems to be low in productivity. That's what I see. So from last quarter 4 to quarter 1 of this year, you went through restructuring. However, it seems like productivity is still low. So if you could explain about by region strategy or what ideas do you have in terms of workforce, that will be helpful.

Okay. Yes. From an Americas standpoint, so if you look at the Americas geography and then you're specifically asking about the U.S. we have made substantial changes, and we saw tremendous growth in Q1, 40% growth in Q1. We are getting the model settled in terms of driving the top line and I fundamentally believe you're going to be very surprised whenever you look at the annual number of how the Americas finish at the end of the year. So getting the right rhythm is what we're focused in on. And we will finish -- I'm confident actually -- in the U.S., we continue to drive for double-digit growth. So that -- we will finish well. In terms of when you just take the revenue and divide it by the number of employees in that region, that can be a little bit tricky because we have research and development campuses across the globe and in particular, we have one in the U.S. So if you're trying to measure sales productivity, it's not a great metric to be using to actually doing the math that way. We happen to have a very powerful R&D organization in the U.S. So we don't look at it that way. We look at the productivity globally about how are we doing. And like even I were saying earlier, it's the right people in the right roles and we don't really know geographic boundaries other than a salesperson who owns a territory, everybody else is completely fixated on global.

So as Kevin mentioned, if it's a simple division, it's difficult to understand the reality. So -- of course, in the U.S. -- in Americas, of course, it has R&D, which means there needs to be adjustment. And if we look at just the sales per head count sales, we track that. So productivity of sales and by development, we follow that by division.

It doesn't have to be the exact number, but maybe like a chart or graph, that will be helpful if you could share those information with us. Thank you very much.

Thank you very much. In the interest of time, we can entertain only 1 more question.

Okay. So I am asking

Yes, unmuted. Ueno, we can hear you already.

Ueno from Daiwa Securities. Can you hear me?

Yes, we can hear you clearly.

Okay. Very simple question. The medium-term business plan was announced. And I think labor cost is fluctuating in different parts of the world and R&D. ARR is declining, but then R&D ratio is at a certain percentage. And in terms of absolute value, maybe you run short Considering the AI developments, maybe you need to increase the R&D budget. So since the time of the medium-term business plan. When you're after, the external environment has changed. So what about the guidance for next year's midterm plan? I think it will come out in February next year. And is there a possibility that you will make adjustments there? Or do you keep it intact. In other words, do you keep it as you have stipulated in the previous medium-term plan?

Okay. So let me comment on the first 1 first, and then others can follow. So the thinking, we want to reflect the reality. Kevin talked about this a little bit as well. 2024 profit margin -- operating margin has improved, and that was our target. Therefore, the sales of the new customers that we want. We're focusing on their, therefore, there will be some adjustments there, 2027, the road to '27. We are working towards that. And so maybe it would be difficult to really have the exact same number. In other words, adjustments on the way -- along the way, it would be necessary, but we will still try to reach the target.

Okay. So for the final year of the medium-term plan, you want to commitments but you're saying that the external environment will change. Therefore, you will have to look at the situation next year, fiscal year, and you will make necessary adjustments. But we should keep that in mind. Yes, the environment is changing and will change and so we have to look at that situation.

Okay, very clear. So, yes. Because -- I ask this question because we have to come up with certain numbers towards next fiscal year. That's why.

Thank you very much. There is no further hands up. So we would like to close the Q&A session at this time.