WithSecure Oyj (WITH) Earnings Call Transcript & Summary

Good afternoon, good morning, good evening, wherever you may be. A warm welcome to F-Secure's Capital Markets Day. This is the first one that we're doing as an independent company focused on consumer security. So this is an exciting day for us first time. And hopefully, this also gives you kind of depth into our business and the way that we're approaching the future and our journey to independence. So let's get going. Our agenda today consists of myself giving an intro to what kind of a company we are today and what is our business, what is our business model. So we're -- in a way, we'll go through the fundamentals, what are we like as a company. After that, as we're becoming independent, we've got a lot of questions from people like yourselves in the room here and many others about how are we going to be capable of being independent in terms of technology and cybersecurity capabilities. And our Chief Technology Officer, Toby White, will be talking about that after me. Then we'll have a 15-minute break. Those in the room will get a bell so that you know when to get back. Those in the webcast will have a counter so that you know when we start again. After the break, I will be digging a bit deeper into our growth strategy, how we're going about building a bigger, better, stronger F-Secure. And we'll finish off by our Chief Financial Officer, Sari Somerkallio, who will be looking at how we are actually creating shareholder value and looking more deeply into the figures of the company now and towards the future. Then we'll have some closing remarks and a Q&A. And just so that you know, after each session that me and Toby and Sari will be running, we'll have a separate Q&A right away. That may be a little bit shorter. If the time isn't enough for you to pose your question, either from the room or online, we will have a longer Q&A at the end, okay? So worry not, you will have your chance to pose those questions. So this is what we look like. You will see enough of us during this afternoon. This, as always, is our legal disclaimer. You can find it in the materials afterwards. I will not go into the details with regards to this one, the typical language that you would find in these situations. So this is a new era for F-Secure and goes without saying that the level of excitement within the company is very, very high. We're very excited about the future and feel that we are indeed starting a completely new kind of an era. And it's a funny thing that you're 34 years old as a company and you feel like this is a new start. We feel like a start-up. These are the some of the things that you can see on the slide. what makes this such an exciting moment for ourselves. First of all, we believe that we have a mission and vision that is inspiring to provide brilliantly simple experiences to our customers and partners alike. It's funny how this kind of a vision can become the organizing thought around everything you do in the company, and we can already see that. Secondly, what we do in cybersecurity and what we do in our technology development, now everything is purpose-built and optimized to serve the needs of consumers out there and our partners who are taking our services to consumers. Optimization is also very good. And then one of the bigger things that hopefully becomes clear during the course of this session is that we are very much a partner-first type of a company. And for anybody out there who has a large amount of consumers and they would like to extend their own offering to also include consumer security services, we want to be the absolute best partner for them. If they want to build a successful business in consumer security, we're the partner to help them do that, not only with our offering, but the business capabilities that we can offer to them. And finally, we have a very strong financial position already to begin with, and that provides a fantastic base for value creation for our shareholders. And also, it gives us a chance to build a potential M&A pipeline going forward. Now we've been working on lots of things in addition to the day-to-day business in the past, let's say, 9 months that we've been working on the demerger. And one of those things is that we've started looking at what is the new identity of F-Secure now that we're 34 years old. And we've been one thing, but now we are going to become a completely new kind of company, and that identity has now been turned into a video that we will share with you as a sneak peek. We will be launching this officially in our annual global partner event in September, but you will get a sneak peek to what's in store. So let's have a look at the video. [Presentation]

A bit different, hopefully, from what you've -- you're used to seeing in F-Secure. This, in a way, shows you what we talk about when we talk about the brilliant experiences that we want to provide. We wanted to be holistic, we want to touch everyday lives of people and be capable of serving all the needs that they have. But let's move on then. So all of the things that you saw in the video are according to a new brand identity and a new vision of the company. But all of that will be turned into reality in the next 3 months or so and then launched into everything we do starting from September. So in this presentation, you will still see the old logo and the new logo a little bit as a mix. Don't get mixed up. Then moving on, so now let's talk about the company, what kind of company are we today and what are the basic dynamics of our business. So this is F-Secure at the glance. At the bottom there, you can see some financial numbers from 2021. At the top, you can see other descriptors of our business. To put it short, we're a rock-solid company, EUR 106 million of revenue, 44% EBITDA -- adjusted EBITDA last year. We're already very much a modern SaaS type of a company with 98% of our company revenue coming from subscriptions. The rest is services, onetime services and very good cash conversion rate at over 90%. In terms of descriptors of our go-to market, we are the #1 partner to communication service providers out there. We have 130 partners across the world. Altogether, 170 partners. So 40 of them are from other fields. More about that later. We have about 16 million subscribers across the world today, and our retention rate is very high among our customers. Our revenue is split roughly 20% direct business, 80% partners. In terms of geographies, about 1/3 is coming from the Nordics, about 50% from other countries in Europe, and then about 20% from Americas and Asia together. We're seeing fastest growth in Asia, North America, actually. So that, just very quickly. So why demerge? Is it a positive move not only for WithSecure, but also for F-Secure? Absolutely, it is a very positive move for us, and we look at it as a huge opportunity to grow the business to new heights. First of all, we see that now we can be a very customer and partner-centric, market-oriented company with capability to invest for growth. We have strong finances. Now we can actually invest more of that money towards our growth. We have set the bar higher than ever before. We want to lead the market in providing brilliantly simple experiences to consumers and partners alike out there. We want to be the best. We have over 350 people today who can be completely focused on developing technology and cybersecurity, specifically for the needs of consumers. And finally, we believe that we can actually now accelerate our strategy execution quite a bit because of that focus, and because of that capability to invest into the things that are important for us. And naturally, that creates shareholder value. And this is the team that we built, the F-Secure dream team to deliver on the promise. So what we've changed now to drive market centricity and customer and partner centricity is that we've created what we call product business sales. We have 2 of them, one called security suite. If you think of what F-Secure is known for, it is the applications that you download into your devices to keep you safe. That's what it means. All the applications that you would download. And secondly, network security. If you think of our offerings, you may be familiar with words like or products like safe, freedom, identity protection key. They all fall into the security suite category now rebaptized TOTAL. And then in network security, our core offering is SENSE. Our security capability that we embed into wireless routers in homes to keep people and devices safe in connected homes. But to make sure that we're not just shooting bullets out there that go crisscrossing into different directions, we have portfolio management that pulls it all together and builds a coherent value proposition for the company and looks into what else should we do, to what kind of direction should we go with our offering. Portfolio management is also looking after the customer experience across everything we do. They're also looking at how can we harness data better to support the everyday life of our end customers as well as our partners. And they build the business support services that our partners need, okay? So that's -- those are the roles. And portfolio management is run by a Dutch gentleman, Steven Offerein, based out of London; security suite by Michal Iwan. He comes from Poland, based out of Warsaw. And network security by Dmitri Vellikok, who is based out of the New York region and just entered the room over here. Then all of the things that we drive in these teams, all of it consists product management, R&D, business development, product marketing, product concepting, all of that comes together in the product business sales and our functions support them. So Toby White, our CTO, supports it through our common R&D and our labs, which runs research. He'll tell more about that. Our premier marketer, Richard Larcombe, based out of London, is our Chief Marketing Officer. And Toby, by the way, even though he's Scottish, he's based here in Helsinki. Our 2 business leaders, partner business is run by Paul Palmer. He's from the U.K. and based out of London. Our direct business run by Perttu Tynkkynen here in Helsinki. Finance and legal run by Sari Somerkallio, who's going to be presenting today. Sari joined us in February. People and culture run by [indiscernible], who joined us, what, 9 days ago. Also out Finland, Mikko Kestila has been with F-Secure for quite some time. He runs IT, our information security and customer support. And Antero Norkio, who's also here today, he runs our corporate development, including strategy process and will be developing a potential M&A pipeline for us. So that's the team. All of us have the same incentives and targets. Revenue growth, adjusted EBITDA and employee NPS, that's what all of us share as common targets. Then moving on. Let's talk a little bit more about the consumer security experience. It's broken. We didn't have a chance to talk before we came into the room about how broken it is. But when we run surveys, when we talk to our partners, when we talk to consumers, especially across the world in different markets, they are very concerned about the Internet being such a scary place and they have concerns. Am I safe? I'm using this service. Does that keep me safe? Do I need something more? I have something on my mobile phone, does it keep me now holistically safe? People are confused. They are asking for help. Three out of 4 people are asking for help in terms of how do I fix my online security. And finally, tech savvy people. 72% of tech savvy people say that it is practically impossible for them to secure themselves. If tech savvy people say this, what's it like for our siblings and moms and dads and kids who are not necessarily quite as tech savvy as we are. So this is not how it's supposed to be. There's tons of good technology. There's tons of good cybersecurity out there, but it doesn't make sense. For some reason, it doesn't make sense. We're not effectively doing the job we should. We're speaking techno language, the benefits of using and having the applications and services in place is a bit unclear and there is a lack of engagement with people. People don't quite know what's going on. Therefore, we set the target for ourselves and the vision to become the #1 consumer security experience company in the world. Now pandemic has made things even more complex and people are actually now pivoting more and more towards clear, understandable, relatable services instead of going with even more complexity. It's been enough, thank you. And based on a media agency out of the New York survey, 57% of people are actually willing to pay a premium to have a simpler experience. So simplicity makes business sense also. And these experience principles may be self-explanatory, but just to repeat them, experiences need to be personal, rewarding clear and smooth or fast. That's what we mean by it. And it means every single aspect of consumer security. How do people find it? How do they buy it? How do they take it into use? How do they make sure that all of their family members are secure? How do they understand that it's actually delivering value when they have the service in use? If they want to discontinue how do they do that? Hopefully, they don't need to do that, but even so. So this is what we mean by great security experience. And like I said, it's now our organizing thought. And this will be our journey. It's not something that we will, come November, we say, "Hey, we've cleared it. It's all done." Absolutely not. We will embark on a journey. That will take us quarters and years and years, but we want to be absolutely the best in the market. Now one of the points on the previous slide was that people are wanting help with their online security and how to get that fixed. Who do they go to? Who are you going to call, right? Not Ghostbusters, but they call their security -- sorry, service providers, and 2 out of 3 actually feel that their service provider should be the natural place. They provide already connectivity to them, then why not also security? So this is a good thing, especially considering that for us, communication service providers are a core part of our partners. And we have over -- well over 15 years of experience of working with them. Then about the market. It's big. It's big enough. Our revenue, EUR 106 million. The current market size is somewhere around between EUR 6 billion and EUR 7 billion a year, and this is the consumer spend. And the consumer spend, according to Gartner, is going to be growing about, what, 3.8%, about 4% a year. So it's a big enough market for us to, a, win market share and also be successful in new pockets of the market. And on the right, we can see some of the new pockets of the market. So one of them is identity theft protection. And that market in itself is not only -- it's not all cybersecurity. There are also things like just safeguarding your social security number or your credit cards. But then there are many aspects there that have to do with the credentials that you use when you're online. How do we know that our credentials are safe, that they haven't been hacked? This is a huge market. And a part of that market, which is growing fast, has to do precisely what we're providing in our identity protection services, and that's growing much faster than the consumer spend of 4% increase. Also another bucket that is growing at a good pace are the wireless routers that are delivered into people's homes. They have a relatively long life. I mean, think of the routers that you have in your home, how many years have you had them? But 260 million new ones are being shipped every year, and these new routers start coming with better capabilities to, for instance, support containerization, which is super important to be able to provide software and capabilities into routers in addition to just routing traffic. So that's a huge enabler for us and helps us grow that market. Okay. Then what is it that were serving our end customers with, the consumers out there? So the all-in-one app, we call it TOTAL. If our partners take it to market, it's called something else. We call it TOTAL. It covers your security, privacy, identity protection, including password management. You can see the things listed on the left there. Also, during quarter 3, we're adding smart tasks, which I like, in a way, tips and hints how you can improve your security. So it starts talking to you, it starts helping you, and it makes it easier for you to take care of your online security. And naturally, it also contains what we here in the Nordics like to call family rules, because we don't want to control our kids. Elsewhere, it's oftentimes called parental control. We prefer family rules. So that's naturally also included in TOTAL. So this is all in one app. No need to download several different apps anymore. This has hit the market now in April. We have our first service providers who have launched it, a bit more about that in a minute. And then in terms of SENSE, our network security solution for connected homes. There's an SDK, or software development kit, that we embed into the router, which talks to our cloud back end. And then one person in a household uses an app to control the services, either on the left as our app or in the middle there. It's an app that one of our partners has delivered to consumers and our capabilities are embedded in it, okay? So this is, once again, providing an effortless way to secure a connected home. Every single device in your home that is connected to that router is safe, including the people, by the way, who have their own smart devices. Then if that is the value proposition we have for consumers, then this is the proposition we have for our partners. Here are some examples, real-life examples of some of our partners in Europe and North America. On the left there, you can see a case where a communication service provider adds on to their core service, security services from F-Secure and the average revenue per user goes up by 14%. That's a significant number for any communication service provider. In the middle there, you can see different kinds of numbers of how much having consumer security activated with the customer has decreased the churn of the customer base. Anything between 21 to 60 in these cases. They vary very much from country to country, from CSP to CSP. And then on the right, NPS, Net Promoter Score, we can see time and again that the customers who have consumer security score higher in terms of NPS. So customer satisfaction is higher. And it can be anything from 10% to 20% points. And this is made possible because of the things I said that we develop and take further in the portfolio management team. So the security business platform of how we integrate into billing, CRM, customer life cycle management, what kind of tools we provide, customer support that we provide, as well as data-driven insights. So we provide data-driven insights to our partners with regards to cybersecurity as well as how they're doing in the business. And to consumers, naturally, data-driven insights into the app through the smart tasks, all based on a scalable, cloud-based delivery platform run by Toby. I've already talked a little bit about our go-to-market model, so won't dwell long on this. So on the left there, you see our partner channel, 170 partners altogether globally. 130 of those CSPs. You can see some of the names there and logos. Also, we have partners in retail, for instance, over here in the Nordics, Power, Verkkokauppa, Euronics, Amazon in Germany. Banking and Insurance, we even have some utilities companies who are adding consumer security to their offering, and they can naturally address a very large global consumer market. And then our direct channel through e-commerce, available through our own website, plus app store and Google Play and our partners for go-to-market, Cleverbridge. A few words about our business model. It's a subscription-based business model. And when we look at our partner channel, our partner is the one who does the heavy lifting with regards to sales and marketing, with our support and with our tools and best practices in use. They take it to customers either as bundled with the core service, no separate charge or as a value-added service that comes with a separate charge, for instance, EUR 7 a month. The expected volume for a bundled service, it goes with the core services, is naturally very large. The user base is very, very big. When they sell it as a value-added service, it's medium. It's not quite as much, but it's still very significant. And then the unit price, when it's bundled, it's lower. And when it's sold as a value-added service, it's in the mid-tier. Whereas when we sell through our e-commerce, naturally, we take the brunt of sales and marketing, which is not insignificant, especially these times when Googles and Facebooks and others have increased the prices for digital marketing markedly. We always sell it as a value-added service. And once again, it's a monthly or annual fee. And then the price naturally is higher, because we have to cover the sales and marketing cost. But that's how our business is built from bottom up. I already talked about the fact that we are a market leader. This is pretty much how we see it. The number of communication service provider contracts globally. We believe that we have slightly under 50% of the CSPs out there that are providing consumer security services, and that gives us an edge. And on the right, some of the advantages that we have, why we have actually got to this position where we are. Finally, direct business is like our ear to the ground. It's our finger on the pulse of the market. We would never ever be able to deliver the value that we do in our products in the way we go to market, the way we communicate, if we didn't have the capabilities of direct business to inform us about what's going on. So I thought that, okay, let's share some of those insights that we're gaining from direct business. So one thing that we're seeing is that systematically, people are moving away from separate products to the TOTAL offering. We're seeing every single quarter, TOTAL just gains more and more and more traction. This gives us confidence that we're going to see the same thing in our partner channel. Secondly, we see that the identity protection market and awareness around it, it's building slowly. Consumers are not yet quite grasping, what do I need this for? How do I use this? What's the threat that is out there? And we clearly need to work together with our partners and also in our direct business channel to increase the awareness and educate the market. So it's still in its infancy, relative infancy. There are some markets where being a European player makes a big difference. Not all, but some. You may guess who they are, and I think you may even guess right. And then the way that we've built our experience for our direct customers seems to be going, I would say, quite well. It's already getting an NPS of 47, which is very, very formidable already, but we're aiming higher. So we see that we're doing things right. So if we're learning good things there, we should also share those with our partners. And finally, the marketing best practices that we've got in direct business are now being documented and transferred to our partner channel. So that's all I had on the company as an intro. And now I would welcome your questions. We have about 6 minutes for questions, 5:58 right now. So Laura will be helping me out in managing those both online and from the room. I believe we also have microphones here so that people online can hear the questions from the room. All right. Anybody? So here is the first person in the first row.

Veikko Silvasti from Danske Bank. First of all, on the clarity. I'm also struggling with, I guess, other consumers as well. So let's say we have Apple iPhone. They have their walled garden, the iOS operating system and so forth. They invest billions into it. It's secure. It should be the most secure thing that we can have. So how can we add value on top of that with SAFE? What can we bring?

TOTAL can add value. SAFE can add value with parental control, right? But TOTAL provides password management across different devices, not necessarily all from Apple. It provides identity monitoring. So if your credentials have been hacked, you can use identity monitoring. So those are examples of the things that we can do in addition to VPN, of course.

Clear. Then maybe secondly, on the SENSE product. Can you give any estimate of the size of the business at the moment? And is it a faster growing part? Or is the growth coming from sales of TOTAL?

Okay. So I will actually go into a little bit more detail when we start going through the growth initiatives that we have going on. So I hope that I can answer your question pretty much spot on then. Any other questions from the room? There in the front.

It's Felix Henriksson from Nordea. I guess, sort of on the value prop question there. You walked through the dynamics on how your product actually adds value. But if you sort of look at the competitive landscape, more or less, all the large cybersecurity names globally do have their all sort of all-in-one security suite offering. So I'm just perhaps struggling a bit to understand how you differentiate from them and why a consumer would choose your product?

Okay. Okay. There's lots of good product out there. I mean, hands down, there's lots of choices out there. How we differentiate is that what we've built is especially built in a way that a partner can take it on as swiftly and easily and smoothly as possible. So offering wise, what the end consumer may see may be relatively similar at this moment in time. But the way how we can actually integrate that proposition into a partner's offering and support the partner with business services, that's very unique. So there are cases, if somebody has a similar kind of all-in-one suite, clearly, we need to look into capabilities that go beyond just that and has to do more with the partner -- way we partner. Also, the combination of TOTAL and SENSE is unique. There are very few players out there who have the capability to have both running together. And for instance, your family rules integrated so that when you're at home, on the SENSE router or when you're away from home, the same rules apply. So that's very unique.

Can you say anything about your internal targets on how large of a share of revenues in the partners had or do you expect TOTAL to contribute, let's say, by the year-end?

I actually have a slide prepared just for you on that later in the growth section.

Okay, that'd be great. Yes, I think my follow-ups were all related to the growth dynamics, so I'll save the rest of my questions for that.

All right. Cool. Thanks. Any further questions from the room? Or shall we have a look online?

Actually, our webcast is all happy because there are no questions so far. So now please, just send your questions.

Okay. There's one more over here.

Perfect. May I should add 1 more so. You showed an interesting slide on the dynamics of this service provider markets. You're the #1, then we have McAfee and Norton LifeLock. So how's the dynamics there? Has McAfee been growing? Declining? Have you been winning over market share in that? And what's the, let's say, level of aggression in there? So is it toughly competed markets?

So entry into a new partner is laborious and slow if they have already had a consumer security offering in place, because that would mean that you have a customer base using product A or offering A. And even though, however good your new offering is going to be, you still have to take those users on a journey to change from one thing to the next. And that's always quite a painful thing because you're asking users to do something. Whenever you ask them to do something, you may be losing quite a bit. So change doesn't happen often. So if a partner is already providing consumer security services, it's not very common that they change partner. However, there are new product offerings that come to play like SENSE that may change opinions. There are new product offerings like identity protection that haven't been there before that may make somebody think that, "Hey, but that 1 is good. Now I have a reason to actually go and change." So they don't happen very often. I would say that there is healthy competition that there would always be, but shifts from 1 service provider to the next don't happen that often. But there's a lot of companies who don't provide any consumer services today. So they're, in a way, virgin territory. We naturally want to win as many of them as possible, especially if they have a bigger user base.

Clear. And would you say you have been the one gaining most foothold in this channel? Let's say, past 3 years?

Yes, I would say that we have -- I can't compare to competitors in terms of numbers. But I can say that, for instance, last year, we won more new partners than we've won maybe, like, in 10, 15 years. So we were very successful at winning new partners last year. I'm afraid we have to now jump on to the next section. Thank you very much. Please hold your thought. We will have a Q&A at the end of the session sometime from now. So now I want to hand over to the next speaker.

Thank you. I'd say that is me, by the way. It was a very posh corporate photo. It got nicely made up and now I'm no longer recognizable. I would like to talk to you today about, as it says, cybersecurity platforms for complete protection. I think what I want to convey is what is our technology vision that lies behind the product commercial vision that Timo gave us. What do we think this means technologically. Why are -- well, I would like to convey the fact that we, as F-Secure are, well equipped to answer that challenge and perhaps focus on some specific areas where I think we have unique strengths. So there we are. Protecting our digital moments requires a comprehensive security strategy. I'll come back to that phrase about comprehensive security strategy a number of times. Digital moments, Timo showed you our new brand unveiling video with this concept of digital moments. So I think what we are trying to recognize here is that, particularly after the last couple of years of pandemic, our exposure to the online world has changed dramatically. And our exposure to the online world reflects our exposure to the online threat landscape. Digital movements are around the fact that moments in our lives, which were perhaps transacted face to face before are now transacted online. And that's the lens through which we need to see the consumer cybersecurity needs. And our thesis is that in order to protect that effectively, we need a comprehensive security strategy. What does that mean? Well, it means protecting more than just devices, the legacy of almost every consumer cybersecurity company lies in the fact that we are able to protect at a device level. We can do antivirus. We can do anti-malware. We need to protect more than just devices. There is our exposure from a privacy perspective. There are the risks to our identities online. There is -- what does it mean to protect a family unit, not simply an individual. And we all live now in environments in the home, which are increasingly connected. And that broadens the range of threats to which we're all exposed. We need to protect consumers everywhere, not just in our connected home, but while we are out there in the world on public WiFi, on our friend's WiFi. Any technology that we build needs to operate in a wide variety of environments. We can be experts in the internals of the Windows operating system, but actually, that's not enough. We need to work with all the personal devices that are out there. we need to deploy SDKs to routers for the SENSE product. We need to deploy and investigate threats and protections on the network backbone. And of course, a large quantity of our personal data is now in various cloud services, how do we operate around all of this? And then finally, of course, none of this is static. So even day-to-day, threats are emerging in different ways daily. We must stay on top of that across all of our devices across everywhere, that we do it in the multiple operating environments, and we need to maintain a forward-looking view, where will things be in 2, 3, 4, 5 years. So that comprehensive security strategy is absolutely core to whatever we need to perform. We are good at this. We have a history of being good at this as the old F-Secure, the combined company. We had a clear technology strategy of having a strong center of expertise, which could be applied to both corporate and consumer segments. But I think it's very important to recognize that, that didn't dilute our approach to the consumer market. This is an abbreviated history over the last 10 years, showing key innovations that we've made in the consumer segment specifically. So going back 10 years, we launched, for the first time, what arguably was actually our first major step in this comprehensive security approach. It was multi-device security via SAFE, where for the first time, we promised to protect, not simply your Windows laptop, but all of your devices together. Same year we launched our security business platform. Timo touched on this briefly. Because we are a channel partner-first business, a large part of our ability to assure cybersecurity lies in the extent to which we can assure, we can integrate effectively and further assurance via partners. So our security business platforms, which enable things like billing integration, customer support, life cycle management, this is a core part of our security proposition, and we've been doing that for 10 years, and that continues to evolve. In 2014, we launched FREEDOME, I think, probably, our very visible product, which again, establishing the comprehensive security strategy was a step towards privacy. 2016, we launched the first version of what we call TOTAL invert guise is, and that was a very clear step towards our current strategy of enabling this comprehensive security strategy. Realizing that actually the endpoint protection via SAFE, the VPN protection via FREEDOME, the key part sort of protection at that time, they were all part of a holistic approach to security and that by providing that to consumers, collectively, we strengthened the protection overall. Now at that stage, that was purely a commercial offering. It's purely a marketing bundle for 3 individual products, but it still very much emphasized our product-focused approach to consumer security. 2017, we launched SENSE, which you've heard about and we'll hear more about. 2020, we launched Identity Protection, both of these growing very effectively. And this year, as you've heard a couple of months ago, we launched our full 1 app, TOTAL, where all of these various consumer-focused activities are brought together in a single app. And that is being picked up very well by partners. We can see this is answering customer needs. And along the way, and we have picked up all sorts of best protection awards that demonstrate that this is real. None of this is news to you, I'm sure, but it does reemphasize the fact that as a -- even as a combined company, we had significant consumer-focused cybersecurity development, which will continue. There's a few key aspects to that technology underpinning I want to focus on. The first one is this switch is our core cybersecurity expertise, if you like. So over the past, depending on how you count it, 20 years, 34 years, there's been lots and lots of work has gone on to developing different approaches to solving the consumer cybersecurity threats. Here are some of them. We've been doing malware research for literally decades, content classification, data flow modeling, that refers to things like on the -- in the SENSE device that we model, what goes on around the IoT network to understand threats there, network behavior research, similarly. We've got investments into artificial intelligence. We build machine learning models, all of which help inform our ability to detect and neutralize threats. All of this sits there in a set of systems that work very effectively. How do we know this? Well, because every 24 hours, these numbers are from a quick analysis we did last -- last week. In fact, 900 million queries to the cloud APIs that power this, and that's across all of our products. Since total, they're all talking to the same core security engines here, 900 million queries. From which, 8 million unique samples were analyzed, from which 700,000 times, we detected, via various AI models, suspicious behavior happening on devices, on networks, which we could then block. We detected 500,000 pieces of malware, which we could block and 53,000 times we detected a unique malicious sample, something that we had never seen before. And that's in 24 hours, and that's every 24 hours that's going on. So that's very much the core cybersecurity technology that lies at the heart of what we do. That's how we bring protection to users. Of course, though, that is not enough. And this is echoing much of what we're saying about simplicity. We believe that the user experience is an absolutely core part of any security technology stack. It's not a nice add-on. It is part of what delivers security and for these 3 reasons, right? We have to make sure that any security is activated. There's no use selling products, unless actually they get on to people's devices one way or another and activated. Otherwise, there is no protection being provided. So we think very hard about how to optimize that. In some cases, with SENSE, for example, it's possible to effectively entirely get rid of product activation, because the fact that your router there means any devices are naturally protected. Where activation is required, we work very hard to minimize what's needed. As the software is used, it has to not be annoying. It has to be effective. Because annoying software doesn't get used. If we're popping up smart tasks, right? Smart tasks is a great idea. But if they become annoying, software gets uninstalled and it does not protect. So for those very practical reasons, clearly, user experience is part of the protection experience. You don't get a protection experience without effective UX. The third thing is something that's become much more important over the last few years is the fact that actually, UX is an aspect of the security landscape, if you like. Phishing attempts to deceive you via e-mail. Smishing attempts to deceive you via SMS messages. Vishing attempts to deceive you via phone calls. These are major parts, and increasingly large parts through the pandemic of the ways in which you, as a consumer, are at risk. And these are fundamentally about human behavior and UX. And in order to effectively and convincingly counter these threats, we need to have a very deep understanding of what UX means. And we need to have a very deep understanding about how we can build effective counters into our products around this. So for us, this is an absolute core approach to our ability to successfully protect consumers. Third aspect of our technology here I want to focus on is specifically under the security business platform that we mentioned earlier. If you're delivering products to consumers, if you care about how consumers use those products because UX is a core part of what we're delivering, then you need to be able to understand how customers are engaging with your products. And if you do that effectively, you can go beyond merely measuring, but also driving back personalized insights, personalized nudges that ensure that the consumer is even more effectively protected. We have a concept we call life cycle messaging that we deliver to a number of our partners, which helps with activation, for example, which is one of the core hurdles to overcome, that we can draw insights from how we know consumers use our products in order to personalize those life cycle messages, make sure they arrive at the right time to ensure that activation rates are maximized. And that might be via e-mail, it might be via an SMS, it might be a push message, whatever it takes to actually ensure these products are used effectively. That's obviously of interest to us across the board, certainly now from our direct business. Actually getting a lot of insights about what works and what doesn't work. But we are primarily a partner business. And when we think about what we're selling to our partners, sure, we're selling products. They are selling products that might be -- products that are just a part of the core service, they might be a value-add service. but we're actually selling to those partners their ability to make money. We're selling them a business. And in order to run a consumer security business, then you need to have insights into how that business is operating so that you can optimize it. So our security business platform is delivering insights, data dashboards, which let our partners understand how these businesses that they're running operate that let them gain insights that we have from elsewhere to ensure that those businesses can be optimized, delivering additional revenue for the partner and for ourselves. As I showed you a couple of slides ago, this business platform has existed for 10 years. There's a lot of insight. There's a lot of understanding. There's a lot of learnings from the partner market that exist in how that operates and what insights it can generate. So yes, that's the third aspect I wanted to touch on, particularly. A couple of slides I would like to provide -- to talk about the relationship between us and with Secure. This is one of the key questions that comes up in many forums. I'd suspect it came up this morning as well. As said, the old F-Secure, for a long time had a very clear rationale that has existed to do things once and do things well from a security perspective and make that available to both corporate and consumer markets. So what does it mean now that we're splitting the company in 2? We're executing a demerger, how do we do that? This is the answer. So top panel there, what was the old F-Secure or will be still for the next 4 weeks. Well, it was 34 years of cybersecurity development. What does that buy you? Well, it buys you experts, right, staff, fellows who really know what they're talking about, deep expertise. It buys you the algorithms around malware analysis or whatever it might be that inform our unique understanding of the cybersecurity market. It delivers the software in which those algorithms are embodied, the software that lets us maximize the expertise that we have internally to deliver cyber security protection to consumers. And it delivers the systems, the infrastructure, the cloud-based delivery mechanisms all of this is delivered through. That's what it buys you. And from a consumer perspective, I'm ignoring swathes of WithSecure activity, of course, but from a consumer perspective, it did that across those 5 areas I've highlighted there, which are of interest to consumer market. If you're building a holistic comprehensive security strategy, I promised I would say that were more than once, these are the 5 things that we have that really deliver there. And what's important to realize there is, of course, of those 5 things, only 1 of them, security, I'm using that as a short hand for device endpoint security. Only 1 of them, that security one is a common interest between WithSecure and F-Secure. And when we look at how we were operating up until recently, it was very clear, actually, that, that security interest that was organized such that both parts of the company benefited very strongly from it. The other parts, privacy, identity, home family, they were purely organized and managed within the consumer part of the business. So now as we go through and execute this demerger, we do so, as you can see there, so people will go to both sides of the organization. We've carefully planned out a new set of organizational structures on both parts of the company, which means that we benefit from certainly everything that is needed around the pure consumer parts of this activity. And then where it's a shared concern, experts going to both parts of the company to ensure that we're both well equipped to drive our portfolios going forward. In terms of products, it's a very simple split. They both go both ways. And then in terms of all the systems and software and infrastructure, well, we already had and managed much of what the F-Secure Security Cloud consists of. The identity protection back end and the data associated with that, all the SENSE activities or the systems that feed that, the full VPN network that lies behind FREEDOME, all of that was already under our control and form the backbone of our security cloud. And then with respect to security per se, that's something where we have an operating model, which I'll describe on the next slide, briefly. We have an operating model, but actually we share that competency. From a practical perspective, this means that we have full control to drive our portfolio independently. And that's the key thing that we need to deliver on this vision of a comprehensive security approach. We have full and exclusive right to all IP, which is part of the pure consumer activities here, everything in privacy, identity, family home, we have that. We have perpetual rights to use all IP in those systems, which reflect shared interests like security. So regardless of what happens in the future, we have complete rights and the expertise to go with those rights to drive those independently. And then finally, as part of this reorganization, when we made sure that all the right experts moved to the right parts of the company to ensure full continuity here, we have created an entity called F-Secure Labs, different from the previous F-Secure Labs, but very much similar in spirit, which allows us to drive our research, both research in terms of how our threats developing daily. How do we stay on top of the 56,000 unique instances of malware that we detect every day, how do we ensure that we maintain a view 2, 3, 4, 5 years off in the future of what we should be looking at where we should be going, how do we ensure that we are continuing to develop the features, which are required to protect our users that can be productized. We have that research. We have the threat intelligence to inform our own view of the threat landscape, and we have the full expertise, software development capability needed to ensure that we can do all of that. So it's a very, some would say, a clean break. There's quite some unpicking to be done, but it's a very conceptually straightforward approach here. We do have everything that's needed to make this work. Of course, WithSecure will remain one-off, will remain a key strategic partner for us going forward. For any cybersecurity company, perhaps the core of your value is your ability to maintain an effective view of the threat landscape. That's what it was. Every cybersecurity company claims of a security cloud. What does that security cloud equate to? Well, it's all the -- your view of the threat landscape and your systems to respond to that. Where does the data come from, from that? Well, it comes from your experts, your threat intelligence that you can generate, and it comes from your ability to harvest data on activities at large via deployed instances of software via wherever you have insights sensors in this way. But that's never going to be enough. You always need to find ways to enhance that breadth of insight from other third parties. So we have always had, and we always will have a range of third parties with whom we work to acquire additional threat data. Some of those can be very lightweight relationships, where we give you money, you give us data. Some of them can be deeper for mutual activities, exchanging data both ways. Sometimes we engage in more deep and extensive research. With WithSecure, we will have almost certainly the deepest relationship with any strategic partner because we will exchange threat intelligence both ways. We have a long legacy of working together. We understand how our data models fit into each other. We have systems that talk to each other very naturally, because they have already talked for years. And that shared threat intelligence, 20 plus legacy years of shared threat intelligence that we retain access to, the shared intelligence develop going forward remains something which is of strong mutual benefit, along with the malware and other systems that lie behind that. Now that looks like a very simple picture. It doesn't look like that today. As of the demerger, we will have a transitional period. We have transitional service agreements that govern our interactions to ensure that both parties carry on working, because the systems are heavily intertwined today between both parts of the company. But we have this 18-month period over which time we will unpick those dependencies, which don't make sense ensure that both parties are able to drive their own strategy independently without losing the ability, so retaining the links, which enable us to drive this strategic partnership. I'll will go to my last slide, you will all be delighted to hear, which is our view of what will make us successful from a technology and R&D perspective. And it's that we believe -- firstly, we believe collaboration is a key to success. Certainly, we believe we are very well placed to answer that. So as said, we need to approach this from the view of a comprehensive security strategy, and that's what this dancing father and his child are intended to represent. And we can provide many of the jigsaw puzzles that -- puzzle pieces that feed into this, whether that be device endpoint protection, VPN privacy, identity protection and so on. So far, so good. I think one of our unique contributions here is that because we are a partner channel business, we recognize that we're not simply delivering one view of what is a comprehensive security experience. We're delivering a potentially different view for every one of our partners. Every one of our partners has a different view of the world. They have a different set of customers that they need to talk to. They have a different set of needs that they perceive from the market. They may have a different language or a set of concepts which they need to describe their comprehensive security experience for their users. And that's been -- that is our challenge, which is we're not selling a one-size-fits-all solution. We have, deliberately, a set of capabilities that can be provided in different ways in a highly configurable, highly modular way to construct different ways around this comprehensive security experience. Regardless, we know that we may not have everything a partner needs because we worked in this partnership way, we are very -- it is natural for us to need to collaborate around this. We describe ourselves as a consumer company. Obviously, you can see from our business model, we are very much a B2B company in some ways and a B2B company, perforce, needs to collaborate effectively with peers around it. So Timo mentioned earlier, and I think we'll mention again, the Airties collaboration that we speak of. Here is a partner with whom we need to work because to plug in a comprehensive security experience for some of our partners, they would really like to have smart WiFi in there. So that's fine, we'll put smart WiFi in there. Sometimes, we need to go and answer needs which we don't yet have an answer for. And you know what, nobody does either, actually, a partner will come to us and say, look, for our comprehensive security experience, we really need to be able to do something interesting around recognizing devices in the home, actually. Can you help us with that? And of course, well, we can. We have a SENSE network router. Let's see if we can do something on that. Let's experiment. Let's try something, let's work with our operating partner. Let's work with the router manufacturer, whose devices we are deploying. Let's do some active research around what can work here. So for that comprehensive security experience, it's -- it may never be enough what we can provide directly. We need to be able to approach this from a very partnership integration-focused way. So we have that research focus. As demonstrated, we have 34 years behind us of cybersecurity research, and we bring with us everything we need to ensure that research going forward. We have an integration-first architecture because we have had to in order to deliver value in the partner market. And that's been reinforced by the fact that we are now delivering an all-in-one application, because it means we have to build our capabilities so that they can be integrated flexibly with each other and sometimes flexibly with partner apps with a SENSE SDK, as mentioned, we often deploy via a partner's application. And we have a collaborative approach, because to approach this you need to have a good way of working in complex multi-stakeholder projects. You need to have the technology, which enables that collaboration effectively. And again, that is something that we've had to have in order to play in this partner market. So I'll stop there. I've got about 5 minutes left, But that's kind of the message I want to convey. We need to deliver a comprehensive security experience. We have the technology wherewithal to accomplish that, and we're extremely confident that we will do so. I'll pause there for questions. Laura, would you like to join me?

Maybe you take the room first.

We have somebody. Sorry, I can't see your name. Your Mr. Capital Markets Day, it says.

Yes. Veikko Silvasti, Danske Bank. First of all, could you tell us a bit about your background? How long have you been at F-Secure and where were you before this?

Sure. So I have been with F-Secure coming up 2 years. I joined what was their consumer business unit in effectively the role I have today as VP of R&D. So I took on the teams, which have 120 developers who have been delivering all the consumer products. Following the reorganization, we now have an even larger team because we've taken on additional experts in the company. But I've been sitting in this role for 2 years, driving these teams to these product outputs. Prior to this, I've spent around 20 years, I guess, that shows my age, in software, one way or the other. Immediately prior to this, I was working for Wärtsilä as VP, Digital Engineering there. So perhaps, like, digital was launched, I think 2017 or so, I joined at that stage to drive software value across the organization, create a big company, lots -- we're not a software company, but lots of little pockets of software here, there and everywhere as part of their digital transformation. I was taking on -- bringing those together and making sense of it. That was the point at which I have moved to Finland. Prior to that, I spent a number of years in -- around London and Cambridge. I actually founded a startup in -- well, I had 10 years of academic research initially around data management, data visualization at the University of Cambridge. I found a start-up off the back of that to take data visualization technology to market. That startup was acquired, and I ended up as Group CTO of GlobalData, which is a U.K. company delivering data services and so on until 2017, when I moved here.

Great. Now that you've been here for around 2 years at F-Secure, what do you think are the white spots that you want to fill? What's the R&D pipeline maybe? Any new products coming up? And do you think, currently, you have the capacity and ability to do those R&D projects that you think you need to do in order to be a comprehensive provider?

So we have a very ambitious R&D pipeline. Much of our activity over the next couple of years will be taken up with kind of unpicking a number of the dependencies going on. So between WithSecure and F-Secure, there's a lot to unpick there. And to really ensure that we can deliver on that in 2018, I think we need to do a lot. In terms of more interesting R&D development as it were, we have a clear road map around developing our total proposition, the all-in-one app further, particularly in terms of fleshing out its ability to perform sort of the puzzle pieces I'm illustrating there. How much more modular can it get? How much more can we drive the usability of it in a way that both makes users [ fuse us ] and actually generates more revenue? So things like internal upsell paths within those products to form more revenue from the users and from the partners. Around sort of core cyber technology activity, there's always ongoing development in kind of the core pieces which make up our security cloud, enhancing the ID protection offering, enhancing the privacy offering, the SENSE offering. There are no new products per se planned. But it's a matter of sort of broadening out the proposition that we've got, making it more powerful and finding ways to really deliver more value from it and how we can integrate with partners. Are we equipped towards that? Yes. or rather, we will be. So as it stands today, having directly split the company, in a sense that there's a lot of work to do, and there's a lot of teams which need augmented, but they will be augmented. So we'll be doing substantial recruitment to ensure that we do have what we need. But that's in plans, if you like. And those plans, I'm quite sure, deliver enough capacity to make sure that we can produce what we want in our pipeline.

Clear. So no clear parts that you're missing in your portfolio, new products like ID protection coming up at least in...

Not in the sense that you're seeing there in those -- that 10-year history, there will be later versions of TOTAL, but there's not a new product ready to drop, right.

And final question for me. So how many people are you going to add into your R&D team during the next 6 months?

20 to 30.

It's Matti Riikonen, Carnegie. A couple of questions. first of all, when you say that you have rights to use F-Secure's technology, are you paying something for it? So is it going to be a cost for you? And second...

So the -- not in the sense that you mean, no. So the TSAs clearly attract fees because we need to make sure they're support services across both sides of the organization. WithSecure, using some of our services, we are using some of theirs. But in terms of are we paying anything for the right to use the technology? No, there's no -- those have been unilaterally assigned as part of the demerger.

So basically, no money changing hands between F-Secure and WithSecure related to the technology base going forward?

I want to make sure I answer you very carefully here. There are technology services over the next 18 months, which one company will offer to the other. It goes both ways because our technology stacks are intertwined. After the 18-month period is over, I think it is entirely plausible that there will be service -- there will be fees exchanged for services one way or the other. I strongly suspect there will be probably more from WithSecure to F-Secure. The details of that, we need to understand a little bit how we get through the next 18 months. I expect there to be a long-term commercial relationship. Some of the services which are required for both companies, we only want to have 1 off, and they need to be hosted somewhere. They will probably be hosted by WithSecure, and we will pay for WithSecure to perform that hosting. But we have full rights in that service. And if we wanted to up sticks and walk away and run our own instance of that service, we would no longer owe any money to WithSecure. Is that clear?

Yes. Good. And the second, the level of extra cost that you will take now with the independent organization just to keep your current products running, how would you estimate that cost to be? And then in addition, what is the kind of investment that you will need to make for further or future products? Can you make a distinction between those?

So I have to be very careful there. And I'm afraid I need to look at Tier 1 study. I'm not actually sure what I'm allowed to say here. How open can I be?

I think we are [ proper ] income in my section and then we can both take it, you and I in the Q&A.

Can I leave Sari to answer those questions going forwards?

Okay.

I think we are over time now. We promised you all a break, which you might be grateful for. So I will draw a pause now. If there's more questions online, I'm...

Yes. I must really tell, we have a couple of questions from the webcast audience, but they're not specifically on the technology side, suggest we leave them for the general joint Q&A.

Perfect. Thank you. I think we'll pause here. We have, I believe, a 15-minute break. Please relieve yourselves one way or another. Thank you. [Break]

Welcome back. I hope you had a good break. We got cake by the ocean over here, so we're good now. So now we'll focus a bit on how we're going to be driving our growth, what's the strategy for growth? So without further ado, we have 3 different areas that we focus on: one, by far, the most important one really is to now drive value out of combining the separate products into one we call TOTAL. That helps our partners to increase their average revenue per user. The same applies to us. And then for consumers, it's a more comprehensive experience. Secondly, we are developing new products. Toby is very modest there. So what we're doing is that from our point of view, both SENSE and ID protection are still very new in the market. They've been in the market for, what, 4 or 5 years, 3, 4 years. And in that time, the market is still very much forming. We don't even know precisely what identity protection will consist of 3, 4 years from now. So from that point of view, it's still a product concept and a service concept that is still in the making. So from that point of view, I would definitely put that into the new product category. Also, in terms of SENSE, there are different value propositions within SENSE. So one of the value propositions is device detection, what kind of devices are in the homes. What are the things that are connected to the wireless routers. And how do you drive value for both our partners as well as the customers out of that. That's an area which we haven't really gone for very actively in the past. We can do certain capabilities, but that can be taken on to a completely new level. Then there are security capabilities in SENSE that we're looking at. There are IoT-specific capabilities in SENSE. We're still in very much in an infancy with regards to that in understanding the behavior of IoT devices. We can already see what they do, but drawing conclusions on what are all the different kinds of scenarios that are typical and atypical behavior, there's still a lot of work to do. So I would say that SENSE also is a new product concept. Underneath all of our products, TOTAL, SENSE, we have a technology platform that Toby and his team are working on. We are looking at ways how to take this technology platform further, how to component-ize it, how to turn it into more of a modular set of capabilities that may one day be monetized in their own right by somebody who builds something bigger using those components. But that's something that is happening in the background, and we will talk more about it when there is to talk more about it. It's not necessarily a new product, but a new way to offer our capabilities to market. And finally, we're expanding into new types of channels. I already mentioned, finance, insurance, some retail companies as well as some utilities companies who are already working with us. So let's look into those a bit more. So in terms of timing, I've gone through the McKinsey school of thought some 10, 15 years ago. So some of that, how you build in waves, it may be visible in here. So by far, the biggest and most imminent capability for us to grow our business is with driving value through a more comprehensive product offering. A bit more about how much that can mean on the next slide. So the kinds of KPIs that we're using there, for instance, adoption rates. So are we getting our partners along? If we have 170, how many of them have signed up to start providing TOTAL services as opposed to the single product by the end of this year, by the end of next year. ARPU growth, is there subscriber growth? Are we able to attract new subscribers either directly or indirectly because the offering is more comprehensive? And in the direct business, naturally, we're looking at typical SaaS type of metrics like customer acquisition costs and lifetime value. And that is like the foundation for everything. I can't highlight that enough. Then after that, especially what comes to SENSE, we're looking at -- if you pay attention, we call that product business sell that Dmitri here is running network security. If you think of a sales cycle for anything that has network on it, it's relatively long. If you think of the deployment cycle of the same thing, it's also quite lengthy. So with SENSE, we have to be in a way, appreciating that there is a time to market which is longer than for the application type of business. But for that one, for instance, looking at how are we increasing the size of the addressable market that we have. So how many consumers are behind the communication service providers that have signed up with us. We want to see that, that number grows into a much, much bigger number. We also then want to see how many of those can we convert I have a slide on that one a bit later. And finally, expanding into new channels. Same key success metric as for SENSE, increasing the addressable market size. We love to work with companies, service providers out there who may be banks, insurance companies and so forth, who may have millions or tens of millions of consumers behind them. And then naturally expanding into new channels. One way to get new channels and new customers is to do -- potentially do M&A activity. But that's in our horizon 3 right now. If we then start looking a little bit more into what's our ambition with regards to conversion from single products into total product. This is pretty much correct in terms of sizing. I said earlier that I will come back to the question, what kind of ambition we have. Midterm, 3 to 5 years, we would like to see easily 80% or above of our customers to be on TOTAL easily, if not 90%. We want it to be a complete conversion. There may be customers who used to use just one product from us. They take TOTAL and they only activate 1 module. That's fine. We can then -- as time goes by, we can expand. And as customers realize that there are more threats out there that they want to be protecting themselves from, then they expand the use of TOTAL. And this is why we see that the total price points can be anything between 20% to 50% higher than today. There may be a service provider who has already sold SAFE and FREEDOME and Identity Protection. We don't necessarily gain much more average revenue per user when it turns into a single app. We do some, but not that much. Whereas many of our partners have only been providing endpoint protection to their customers, if they then expand it to much more holistic total, it makes a big difference. It can be much more than 50% even. So it varies from partner to partner. But there was a question from Veikko earlier on that how have we managed to sign up new partners. It is important that we sign up new partners because we can see here that cohort or as we say in Finnish, [Foreign Language]. So in a given year, you sign up new partners. That's a cohort. That cohort grows bigger, and bigger, and bigger every single year as time goes by. We've used an index here. So we are using 2018 and earlier as an index 100. It's not 100 million, it's 100. And then how the cohorts have been growing year-on-year. And as you can see here, the 2019, 2020 and 2021, they all build up. So this is an important aspect for us that we hold on to existing partners. There's growth already there. And then when we add new partners, we get, in a way, growth on growth. But rather than me talking too much about this, let's have a look at what some of our partners are saying about what TOTAL means for them. We say that it's an important growth initiative for us, but equally it is a very important growth initiative for our partners. So here's the first one. This is Vikas Chanani, AVP at StarHub, a very powerful, strong CSP in Singapore. He's responsible for mobile and new businesses. And this is what he states about TOTAL. So this is how they see increasing ARPU with an all-in-one offering. What they wanted to do was to have a comprehensive solution, which is simple, right? We've talked quite a bit about the consumer security experience being broken. And in this case, StarHub is just a case in mind. They've seen that this is too hard. I would go as far as say it's too damn hard to get security messaged across the people, get them to adopt it and for them to appreciate the value that they're getting. They wanted to get it right. They signed up with us. They've now launched the service this year. I'll let you read the rest, but this is pretty much -- we didn't write this. So it was Mr. Chanani who wrote this. But this is very much the kind of value proposition that we intended it to be and how they see that it's making sense towards their customers. Effective, no need for multiple apps, simple. Another view on the same topic is a very strong, capable partner we have here in our home country in Finland, Elisa, another CSP and [ Enti Heneinen ] is a Vice President of Consumer Connectivity business, and let's have a look at what he has to say. [Presentation]

Okay. A bit more about -- also about what kind of partner they were looking for. And one of the things that [ Enti ] mentioned was that he likes the fact that we can do quickly commercial campaigns and activities together. I would say that we're very closely integrated with our partners in this sense. They are not necessarily best specialists in doing consumer security sales and marketing, but we work together with them. And together, we are a very strong combo. Then if we look a little bit about -- further about the growth dynamics of what we can expect from TOTAL. So if you look at the left there, there's a partner who wants to keep their current offering unchanged. Maybe they have provided SAFE for Endpoint Protection, F-Secure SAFE. They take our TOTAL, but they want it to be precisely identical. So only Endpoint Protection activated for all customers. We naturally get to the new product generation but they only activate the first service. And then they sell as a premium or an upsell all the added capabilities. And naturally there's a bit more work to do to upsell and convince customers to go for the added values in TOTAL. In Partner B, such as DNA here in Finland, who launched yesterday our TOTAL offering. Their name for it is DNA Digiturva, digital safety. So DNA Digiturva was launched yesterday and it involves the whole package of TOTAL capabilities, and it's the one single offering for everybody. That's the default value for them. So partners differ in their strategy, how much of the value proposition they go out with. And then what comes to the schedule of rolling out total capabilities. There's always battle for IT resources in our partners, absolutely always. There's never enough. And the slots they give you are 6 or 9 months away. Secondly, there's marketing campaign priorities, which are very much linked to the strategic agenda of the partner. And then RFP and procurement processes take time. Sometimes or oftentimes when we move from, for instance, from SAFE to TOTAL, there is no specific RFP. We just renegotiate the terms for a wider product offering. But these are some of the dynamics that affect the take-up rate of TOTAL in the market and among our partners. But then moving on to SENSE. So Windstream is a communication service provider in the U.S. And for them, consumer security is considered to be part of their core offering. Many CSPs feel that their core offering is about broadband voice calls, content and so forth. For Windstream, they very much looked at consumer security being absolutely core. So let's have a look at what [ Kevin Woodrow ], Kinetic Secure Product Manager, has to say. [Presentation]

Thank you, Kevin. So what's making Windstream unique is that they provide router security with SENSE and they have app-based security with our endpoint protection. And those are linked. So they are providing a holistic comprehensive solution to their customers and irrespective if they are at home or on the go. So a few words about SENSE. We had our Capital Markets Day at the end of August last year. Since then, we've signed up 2 new deals, and we're just about to go live with 5 new partners. So we are now live with 3. And within the next 3, 4 months, we expect to have 5 more partners out there. So this means responding to the questions that Veikko post earlier that our revenue next year has a good chance of growing significantly on the SENSE side. We have one which is still in planning phase. If you look at the graph on the right, what it means is that I mentioned earlier that SENSE being a network style solution, it's a longer sales cycle. It's a longer implementation and integration cycle. Once you get it in, it scales beautifully because the user doesn't need to do much anything. And that's the whole point. One part of a brilliantly simple consumer security experiences that we don't ask the consumers to do anything. They may say, yes, to a person from a call center or a sales agent, and that's all it takes. They don't need to do anything. One person in the household has an app. Maybe they have the app already. So for instance, Windstream, whoever is a customer of the Kinetic broadband service and F-Secure security service has the, My Kinetic App, and we're integrated into that one. We don't require them to download anything more to take connected home security into use. It's all-in-one application. So that's about making the experience easier. Actually, consumers not having to do anything. Just say yes, and we'll turn it on. So that's why the network security take-up rates can then be much faster, whereas typically, our partners are providing endpoint security as a value-added service. There's quite a sales and marketing effort that is taking place. So it's a gradual growth. Whereas with network security, it's so easy to take into use and the price is slightly lower, that it's a much faster growth line. So this is what I mean that we have to appreciate the cycle to market. Would we like to win more than in the first or in the last, what, 9 months or so more than 2 new partners? Absolutely. We want to win more. But we're -- we've just reorganized a team of people who now have the holistic responsibility and capability to drive the offering and do what it takes and especially the integrate-ability and work with the partner ecosystem of smart WiFi providers and router manufacturers to pre-integrate SENSE into as many places as possible so that it is an easy deployment for our communication service providers. And that's what the next person will be talking about. So Juliet Bonnard is from Airties, which is a company that provides solutions to communication service providers so that they can provide excellent WiFi experiences in homes, also called Smart WiFi. So let's listen to what Juliet has to say. [Presentation]

Thank you, Juliet. So the whole point here is that not only do we need to make sure that the product itself is right. We need to make sure that we have the ecosystem partners around us who want to work with us and who have an incentive to work with us to pre-integrate our solutions in a way that it's an easy ride for our CSP partners to take on new propositions such as router security. For instance, with Arties, we have integrated the software that goes into the router that they have to provide smart WiFi capabilities into a single client with our SENSE SDK so that the operator just has to make one installation, one integration and it's done. And this is a bigger thing than it sounds. We often talk about features and functions. But this is actually making it easier for our partners to roll out something completely new, such as router security. And finally, we talked about the new partnerships, the new verticals that we're working on. I mean, very shortly, we've realized makes us feel a bit silly, really, but we've been relatively focused for like 10, 15 years on working with communication service providers as our partners. Only in the last years, 2, 3, 4 years, we've realized that there are a good number of companies out there who have precisely similar kinds of needs than the CSPs to enhance their business for different reasons, to grow and protect their core business, maybe boost retention, maybe enhance the trust element in their brand or just cross-sell and upsell more valuable high-margin service to their customers. They already serve a good number of customers, why not enhance it? And there are some companies for whom it is more natural than to others. Not everybody can sell consumer security services if they are consumer-facing companies, but some definitely are. Here's a case in mind. So Allianz, one of the largest insurance companies in the world, one of the premier insurance companies in the world. So here is Tomas Kunzmann, CEO at Allianz Partners. I'll let him tell the story. He tells it much better than I do, please. [Presentation]

Thank you, Tomas. Couldn't have said it better myself. What's important for Allianz, as you saw, was that they have already a certain part of the peace of mind covered with the kinds of things that they can do as Allianz's Insurance Company, and now they can extend that peace of mind value proposition with consumer security. We are in an early phase of our partnership with Allianz. And we're currently running exercises in certain European countries. We hope that this will be a fruitful long-term major partnership for us in the years to come. So that's all I had to tell about our growth initiatives, ones around higher ARPU and total about the new products and capabilities, for instance, around SENSE. And then finally, the new kinds of vertical partnerships that we're looking for. And as an example, we showed, Allianz. So now we have 4 minutes for questions. So may I have any questions from the room here?

It's Matti Riikonen, Carnegie. Two questions related to the market potential that you have, you touched it earlier in the presentation, but not quite all the elements of it. When we think about the free software that is on the market, to what extent that covers? I mean, what share of all potential users are using a free software. That used to be a kind of concern maybe a couple of years ago. Now what's your take on that? And then the other related to market opportunity, what is the share of people or potential customers not using any kind of software at all at the moment?

Okay. So the first one, anything around 50% to 60% of customers may be going for free offerings. Just to give you a feel. The share or willingness to pay is going up in every single consumer survey that we're making. We make them 1 to 2 years from each other. So every single time it goes up, anything between 2, 3, 4, 5 percentage points. Secondly, can you just quickly remind me again what was the second one?

That was the share of potential customers not using any security solution at all.

Okay. Good. Good. So precise figures, I do not have. But if we look at, for instance, our partners. What kind of penetration rates do they get with our services? They vary from anywhere from 5% to 10% all the way to 30%, 35%. Naturally, it doesn't mean that the rest of their customer bases wouldn't be buying something from someone else, for instance, online. But from our partners' point of view, there is a whole lot of markets that they can still go and grow, right? It may be either people who don't use anything or it may be people who are using competing or somebody else's services. So our partners are seeing phenomenal growth opportunities. But I talked about the importance of easy consumer experience earlier and for some people downloading an app and especially downloading an app into every single device they have, it's just they just won't go through it. It's just too much work, too much thinking, too hard, which is why we're looking at things like SENSE to make it way easier to put it into the home so that you don't have to do anything. You're just connected to the router and you get the basic level of security. Not quite as high as with the app. But still you're getting rid of many of the, for instance, phishing attempts. I can't really say more about that. I would to know the precise answers to the question you just made. Time for one more here. Felix, here.

Felix Henriksson, Nordea. Just wondering if you could give us any idea of the sort of growth rate in the subscriber base that's around EUR 16 million today over the past years, past couple of years when you've sort of delivered around 6% revenue growth. I guess what I'm just trying to understand is how much of this has been driven by numbers of subscribers and how much increased ARPU.

Mostly increased ARPU, by and large. Okay. Laura has one more from online.

This is a tough one, though. So what is the churn among the consumers who make use of your cybersecurity application via your service partners? And what are you doing to decrease this churn?

The churn that we see through our service provider partners is in the region of a few percent points. And what we're doing is that we have a global network of what we call service marketing managers who are all in different regions in the U.S., in France, in Netherlands, in the U.K., in Germany and so forth. And they work with our partners in those countries, and they are constantly driving 2 things: upsell and new sales to new customers and supporting and the other one is retention. And with regards to retention, we have the capability to run data analytics on people who are leaving the service. Some of them leave already in the activation process, and we can identify where they are dropped and then we can start iterating ways how we can improve precisely that step of the activation process. Some of them leave the service because they churn from the network. If they are a customer of a service provider, very often, they just leave because they leave the network. Then we can't do anything about it. We just have to hope that they join some other service provider that also provides our service. But I would say that we do a whole lot of value-based messaging. I think that Toby mentioned earlier life cycle messaging. And with that messaging, we want to convey value that people are getting from the service, so that when they have it, they realize that it's doing something for me all the time so that it's not a passive insurance. But these are some of the ways that we're going about it. Okay. All right. 2 minutes overtime. Apologies, Sari. Handing over to our next speaker.

Hello, everybody. Good to be here. Last but not the least, I hope. You have heard how we create value through our strategy, tech capabilities, competencies and our growth plans. So now let's do how we do that -- see how we do that through the financials. As usual, in this context, not really giving new numbers in the prospectus. In our case, you've seen big set of numbers as carve out and vest pro forma and what have you. And my numbers here are mostly based on those carve-out numbers. And in the autumn, I'm as happy as you to go into a world where we are reporting real numbers because it's -- I know it's a bit confusing. And as there's not so much news -- so I hope that I'm able to highlight some of the details and dynamics so that it would be useful for you when you're analyzing our numbers. Let's start with the sales. We've seen the nice 6% annual growth during the last couple of years after a longer flat period. Of course, we need to admit that we've been helped by the things happening in the world. Every time there is uncertainty like the pandemic time has been. So it is beneficial for us. But also it's been, of course, engined by things that we've been doing ourselves. In terms of the channels, we've -- you've heard this several times today. So it is our own direct channel, which is currently 21% of the sales and the partner channel. And this is something I'd like to look into a little bit more in detail. Timo had a similar slide, but I think this is so important that we can repeat maybe a little bit. So if we first focus on the left-hand side of this slide. So yes, we are in the consumer cybersecurity business, but most of our business model, that partner model, it is a wholesale model. We are selling B2B. It is the partner who is our customer and pays the bills to us. And that has an impact on the dynamics of this. So in the e-com business or let's revert a bit. So as Timo said, the prices that the consumers pay, they are similar in both channels. Of course, you have the campaigns and so on. The price actually varies quite a lot, but it is similar. Otherwise, the consumer, of course, would not buy through both options. In the e-com, so we get that ARPU, that consumer pays. And we also have our sales and marketing cost. So we need to do that leg work ourselves. Then if we compare that to the partner channel, you've seen that if you take the subscriber base and the top line we get from there. So the ARPU we get is actually quite much lower. And you might wonder that how does it work? Well, you see it from our P&L that if this is 79% of the business, then we have our nice profitability, so it seems to work. So the fact is that our costs in that case are so low. It is the partner who is taking care of the sales and marketing. So yes, they get the nice gross margin as well, but then they have the marketing and sales work. And for us, in that partner channel, the cost structure is actually very light. So this is the big difference in terms of the business model. Then another important difference on the right-hand side of this slide. This is not like 100% correct, but it is the big picture and how it's sort of adequate that you look at it. So in the partner channel, we are invoicing our partners on a monthly basis, and that's also how we are then recognizing the revenue. So we get the monthly revenue from there. So no deferred revenue from that channel. Then on e-commerce side, the consumers typically pay upfront. They pay for a 12-month subscription, and then it's over that time that we recognize the revenue, so basically 1 month at the time. And that's where the deferred revenue comes from that you see in our balance sheet. So I think it's quite important for -- especially for the analysts who are modeling our business to understand how this works. And still continuing on the revenue. So in terms of the geographies. Also, this was a little bit mentioned earlier on. We are very European-focused. So Nordics and rest of Europe then being, well, not equally big, but big chunks, both of them. But we want to grow outside Europe, and we have seen higher growth in the other areas already, looking at the CAGR here. So it's been bigger than average and especially during the first quarter this year. So it was very nice. And this is something that we continue with, both in North America and Rest of World, which basically Asia. And also in Timo's slides, we saw -- or the videos, we saw an American customer. So we are working on that. Maybe a little bit talking about that low number in Q1 for Europe. So it's not so that the market would be stagnant, but we have pockets where we've had challenges. We had some issues in our retail business and also Poland was a country, there's been a regulatory change that has an impact on the business. And then on the other hand, there are also then positive places. So especially, I want to mention in e-commerce in Germany, we got a lot of new customers. So that's been a very positive development there. Then if we move on to the profitability. Starting with gross margin, a very flat curve at 92% during the past few years. There are differences between products and the channels. But really, the big message is that it is very flat and it is very high. So it's really nice that when you grow and the variable cost share is so small in your business. So it scales quite nicely. Then looking at the key metric, the EBITDA, it's been quite high on this mid -- in the mid-40s. 2020, a little bit higher. That was the time, pandemic time when there was -- marketing was lower and sales costs reduced less traveling and so. And this we saw in many businesses, so likewise here, so the profitability was good at that time. But here, it's really important to see that this is the past and the future will be different. So of course, as we've been part of a bigger group, especially on the admin area, there's been synergies of working together. So we'll lose some of those synergies. And also as we want to build our growth and invest in the R&D capabilities. So that's also an area where we see increases. So you see there on the text on the slide that we expect to add EUR 4 million to EUR 5 million on annual level to our cost base. And that's why our midterm EBITDA target is 42%, which is, of course, it sounds funny to have lower ambition than here, but it's because of that. And then we just want to grow faster than we've grown in the past, which should make the equation work. And a little bit more than about this cost structure, what is going on there? Again, if we start with the history, sales and marketing, so it was lower in 2020. And after that, it's been growing with the same pace as the top line. R&D has been growing more steadily, and that's the area where you can at least now in the future years, expect a share of sales go up as that's a necessary investment for the growth. In admin, the story is a little bit more difficult. So there was increase already in '21. There, we have some strategic projects that were burdening the admin part. So that explains the 2021 being higher. And in the last 12 months, so dropping out the first quarter from '21. So then it's more already related to the demerger preparation. So of course, the big consultancy costs are reported as IAC and not part of this. but we have had also like starting to ramp up certain capabilities and so on. And that's the number where we see it continuing on a higher level due to losing some of the synergies, not sure that we'll go back to the 5% level we have seen at least in the short term, but lower after we get to a more stable phase. But now the interesting thing is what happens in between. I will show later on the outlook that we issued this morning. But from there, you see that we actually expected end of this year to have clearly lower profitability than what we've seen. And it's related to this ramp-up of the future capabilities. Those, the number you saw on the previous page, about those EUR 4 million to EUR 5 million. But at the same time, we still -- we are not ready for all of that. And we are having some of these TSAs, transitional service agreements, with Secure. So we are, at the same time, still paying for certain services even if we are ramping up the owned one. So we have double cost in a way. These TSAs are -- we have many different services defined and the length of those vary from 3 to 18 months. And you see that this year, we are paying EUR 9 million approximately for these services, EUR 4 million of them are on the tech side. The tech side is where it's closer to that 18 months, the services. So there, you can -- now I don't even remember by heart the exact numbers, but you can assume that, that EUR 4 million will sort of double for next year. So it's still a significant cost next year, while Toby is ramping up our own capabilities. But then on the remaining EUR 5 million, which is the admin, there we are closer to this 3 to 6-month TSA so are just finishing earlier next year, latest half year next year. So there, it will start going down faster. But now it is the next year, that is a challenging part where we are building up on things and still having support from the old side. And this is what explains the low number for this year. Then looking at another KPI that we use, Rule of 40 is a typical SaaS metric. You can ask whether it is relevant for us or not. But we feel that it very nicely combines the profitability and growth, which are both important for us. And as you see, for us, it's been more of Rule of 50. So we are nicely -- we've been at 50 and above. And now having this deeper profitability in front of us. So yes, it will also go down. But we are building also for the higher growth so that the growth part of this metric would become higher. So we will certainly continue following up this because here, we can -- those 2 metrics can compensate each other. And for future, we feel that the growth is the way how you grow the absolute numbers. That brings us then nicely to cash, where we also have strong numbers now the latest one here at 100%. So basically, our whole result is cash flow. And that's basically because we have so little actually, investments outside the P&L. So mostly, it's within OpEx. And here, we will have more -- a little bit more CapEx on our intangible assets like IT and certain tech capabilities, but it will remain high. and which means that we have very well funds available on top of this P&L investments. So for both dividends and financial M&As like we mentioned. And if we look at the balance sheet, I think this is maybe not a very typical balance sheet quite light assets, 39 million, and most of that is trade receivables, just so what the ongoing business brings fixed assets low, and that is mainly intangible assets. And we can expect that part also in the future to remain low, no goodwill in there. Then on the equity and liabilities side, so there, this deferred revenue that came from that e-com business. So that's, again, a big share. And good to note is that in the other liabilities, we don't have currently any debt from -- bank debt. We have -- those of you who read the, our prospectus carefully, noticed that we have a EUR 10 million RCF that is available for us. But I know based on discussions during the spring that if needed, there is funding available for more if we came up with something big. So this is a balance sheet that is very easy to leverage. And then if we turn to this outlook. So revenue growth, we expect it to be between 4% and 6% during this year, so a bit higher than during Q1. And profitability. This is, I guess, where the big news was that after the very nice Q1, so the full year is expected to be at 40% EBITDA, which means that the remaining quarters are on average below 40%. And this is exactly related to what I was explaining about is double costs structure that we have currently building up the capabilities and still trying to get rid of the old support structures. Of course, we have our -- in most of the areas, for example, if I take my own finance organization. So we have all the plant roles populated but there are still some processes and where we need some like support and backup arrangements even if we are in the daily business doing fine on our own. And the other admin parts, they are IT, HR, mainly. And here, I then want to really repeat what we have said earlier during the spring. So despite of this rest of the year, having that for us, very low profitability. So we retain all these earlier set targets. So in the midterm, so growth target is to be high single-digit revenue growth and the profitability to be -- EBITDA margin to be above 42%. And on the slide, you see for reference the historical margin, but as explained, so that's not the right benchmark for us. So continue to grow above market rate. And that Rule of 40 is something that we will follow so basically combining the 2 top targets that we have. So this was all that I had on my mind. Happy to answer some questions. And so it looks like I've saved a lot of time for both Q&A and from what the previous one went over the timetable.

It's Matti Riikonen, Carnegie. Two questions. in the profitability target, you talk about initial growth investments. And of course, that comes to the question that when does that end? When do you think you will have normal times? Is it the 18 months that you talked about with the tech investments? Or is it going to be further than that? .

Yes. It is, of course, a good question. But I think within 18 months, we should be pretty fine. We know that in R&D, we have a road map where we plan to continue investing in that. If we take the IT area, so we, I think, already within half a year, we've done what we need to -- those, which are one-off nature when we are building up our systems. So it depends really on the area. And I would say that on this admin side, it goes faster. And on R&D side, it's also about us wanting to invest more in that than in the past as we see that that's the way to build further growth. But I think definitely within 18 months.

Okay, sure. Then the second one, have you set any balance sheet targets like net debt-to-EBITDA or equity ratio? Because, as you mentioned, using leverage is something, of course, to consider. So any guidelines for that?

Yes. Yes, that's a good one. And I know that, that is something that many in the audience would like to have. And we are not quite ready for that yet. We -- first of all, we need to see then what our balance sheet actually looks like on the last of June. It's quite a complicated process how the assets are and the cash are divided between the companies. And also now that we don't need any like, yes, we have the equity, what we have, we have the cash that we have. And they will, of course, start accumulating. So now the question is just that when we get the cash flow in what we do with that money. It's clear that if we had -- if there was a sort of big M&A opportunity or something, it would be easy to leverage. And yes, we have -- if you would like to see that what is the maximum how far we want to go. So that number, I don't have. But I think that's where we can do some homework. But it's clear that there is plenty of room. But I'm sure our Board members are also listening to this. So we will have a discussion around this.

Felix from Nordea. About your sort of margins in the, let's say, very longer term, if we look at some of your peers like, let's say, NortonLifeLock and Avast to operate in the consumer security sector, they're operating with sort of above 50% EBITDA margins. So is that a level that down the road, eventually, you could theoretically achieve? Or is there something structurally different in your business compared to these guys aside from perhaps the channel mix, which is obviously a way more partner-focused in your case? .

Yes. I think the channel structure doesn't sort of prohibit us from getting there. Currently, we have just set the midterm targets. But yes, they are bigger than us and seeing that gross margin we have. So if we grew bigger, so I think this is an extremely scalable business. And it's clear that if we would -- let's say, we would double our top line, our OpEx would not double. So in that sense, I think it is possible to get higher, and that's why the growth is so important, and that's why we want to focus on that.

And secondly, if you could just provide a bit more sort of color on the capital allocation priorities aside from the dividend payout target that you have provided, what are sort of the key areas in terms of that?

So that we say the dividend target is around or above 50%. So what that means. Is that what you mean?

Yes. And where is the remaining of the cash flows being directed to or invested?

Yes, yes. So I think that should be interpreted so that if we don't have good investment objects, then it would be definitely the above 50%. And we have not said what above 50% could be, but it does -- it doesn't mean like max 52%, but it really means above. And then if there are other good uses for the money where we would ensure growth, then it would be around 50%. And that's why it's defined so that we want to leave space for the higher dividend because, of course, we cannot be a bank. We know that we don't have any debt in the balance sheet. So we should not start sort of just making it fatter. That's clear. Any other questions from online?

So Veikko Silvasti, Danske Bank. One quick question regarding the problem with Poland. So that hurt your sales growth in Q1. So could you just remind us what happened there? What was the change in regulation? And is there a risk for similar changes in other countries as well?

Yes, yes. So in the big picture, the change was that the -- earlier the communication service providers could provide the services to the consumers on the sort of opt-out basis, and now they actively need to obtain, which created this. And now I'm not quite sure how long it will take for that to recover, but we see that impact still. Maybe when we have later on everybody on the stage, maybe Timo can build on that. At this point, this was a Poland topic specifically. Okay. Then I think we are ready with this and can move on to the closing part, thank you.

All right, starting to finish off. So I have one more slide, no more, I promise. So just recapping why F-Secure, we believe, is a fantastic investment opportunity. for investors out there. So first of all, we're in a good market. This is a growing market. There's lots of opportunity. We're still relatively small. There's ample opportunity for us to grow. Secondly, we are already today the leader in the communication service provider partner business and consumer security services through them. We can, a, grow business with those very same partners, for instance, with TOTAL and SENSE. And secondly, we can naturally acquire new ones. The fact that we are as strong as we are with communication service providers doesn't go unnoticed. CSP is out there. They know we are the force to be reckoned with. So they -- many of them come to us. So that helps us grow. Then like I mentioned, we can very much replicate the offering and the go-to-market model now with other types of partners than CSPs, such as banks insurance companies, retail utilities. We have a very scalable SaaS business model that Sari just went through. And we are -- we've been systematically outperforming the growth of consumer spend annually now for the last years, and we continue to be on that route. And finally, our strong cash flow and our capability to create value naturally and profitability provides us the capability to pay solid dividends. I think that in these days of great uncertainty in the market, a company like ourselves should be in a good position. That's all I had as a recap. Now I would like to ask my colleague, Sari and Toby to come on to the stage once more as we run the final Q&A. I believe that Laura also has some questions from online that we still haven't addressed. So let's take those. So first of all, if there are still any questions over here from the room, happy to take those first.

Veikko, Danske Bank. First of all, on the M&A then. So very strong cash flow you have balance sheet, you're probably able to leverage up to 2x or even more or EBITDA. So you probably can have over EUR 100 million to use in M&A. So what are you looking for as when talked about R&D pipeline, there were no new big products coming out. So what could be the target then?

There's many ways we can grow. Product is not the only one. We're actually quite happy with the product we have. We're making enhancements to those like I said, SENSE and Identity Protection, for instance, are very novel market areas, and they still have a lot of mileage on them, let alone TOTAL. But also in terms of having access to different regions of the world, there are players who could help us access partners that we haven't been able to access up until today. And there may also be certain technologies, which are such that we have potentially been using third parties to complement our own offering. We might acquire some technology that makes us more independent and helps us, for instance, drive the cost down, once again, potentially improving the EBITDA. But these are just some examples. Access to market and technology, those are 2 possibilities. And we are looking into certain areas in the, let's say, the comprehensive security suite that the customer may need or a partner may want. And we're looking at certain areas that might fit our current offering.

Okay. Interesting. And then final question for me would be how the CSP partners now like it that you start selling this product also to Allianz and the other ones? So basically, you're taking away the business from your other partner channel when you start selling to Allianz obviously, they shouldn't be too happy about it.

It doesn't make any difference really. For instance, in the Netherlands, every single CSP is selling our services. They don't see that as a problem. Allianz is yet another company who can enter into markets. Each one of these companies have different levels of customer relationships and level of in a way, loyalty. So they see that the more F-Secure is out there, it's actually helping them. I've spoken with a few partners in the last weeks, specifically, and they felt that, that makes sense. It sounds good. So I haven't heard a single negative word up until today. They don't see it as a problem. There's so much of the world out there, which is unserviced that there's room for everybody. No questions from the room. Was there a question? No? Okay. Then why don't we allow to go for the online questions?

A couple of questions here as well. So still on the channel, what is the average percentage of partners customers who make use of your services? And how are you planning to increase this?

Okay. So that's a very relevant question. So I think I mentioned earlier that starting from anything around 5% to 10% of the partners' customer base to even above 30%. That's where we can get. And the ways how we can increase that is that, one, our service marketing managers work together with our partners, to help them find new ways to attract customers who haven't taken on the services beforehand. And when they are doing that, they are actually leveraging the learnings from other service providers and our direct business so that they can do a phenomenally good job. So that's one. The second thing is that, like I said, not everybody will want to ever necessarily install an app. It's just too hard. So naturally, we want to fill some of that gap with router security, which is a much easier experience for consumers to get secured, especially and specifically when they're at home.

Makes a lot of sense. Well, then I'm turning to another topic. So this is a big one. You probably have heard it before. What are the biggest risks related to the upcoming split finance, technology, skills, capacity, et cetera. How have you mitigated those risks? And are any surprises to be expected?

First of all, I have to say that surprises can always happen, but we're prepared very, very well. So I wouldn't be counting on that. Maybe I'll hand over to Sari to take this one.

Yes, I feel that we are quite well prepared and all those areas that were listed. So we have definitely worked on them. Of course, I think IT is generally the area where something could go wrong, at least those of us who have been involved in big projects now. But also, we are not like dependent on one system in the sense. Our ERP is actually not the place where we do a daily business. So we have a very good team working on that, and I feel we are fine there. I'm sure Toby can comment the tech part at how you see the risks in your area.

Yes. So the tech part, I think, in many ways, is going to be the most complicated, but it's also the one I'm least worried about. We've known that this demerger is coming for some time. we announced at first in August last year, and we've had a series of working groups within the company that the key technical leads to the architects started small growing, growing, growing, there's probably been, I would say, 80 to 100 people involved in the planning of that. And we spent an extraordinarily large amount of time over the last year working out what is our future operating model, how do we ensure that all the systems that we share as one company today can carry on working and how can we transition through that to a situation where the 2 companies can operate independently? So it is one of those sort of, slightly fractal things that at the top it seems very simple. The further down you drill into it, the more and more complexity of their lives. But I think we've covered that complexity very extensively. So while, of course, there can always be surprises and we could expect them, then they wouldn't be surprises. I'm very confident on the technology front, certainly, that we have a very good handle on what's going on and if expected -- if surprises do arise, I think we are well prepared to deal with them. .

I would like to highlight one more thing. It's our people. Doing a demerger, one of the toughest bits is actually to have your people with you. People -- you may start seeing attrition that wasn't expected and then you call it a surprise. The way that we've addressed this is that as quickly as we have been able to by not breaking any rules of confidentiality, we've involved large numbers of people into the planning exercises. So people have been part of making sure that what we're doing is going to work. And what's important for them, naturally, they have secured that, but also people around them and the teams. I would say that, that's gone remarkably well. We have, like I mentioned earlier, we have excitement in the team. I would say that people are either neutral or positive about the change. And from that perspective, for instance, in terms of attrition, we haven't seen any negative trends in any way so far. But that -- I would say that, that's the most sensitive bit that we keep the people here and focus on them. And if we do that, everything will go fine.

I could actually maybe still continue on this. So of course, in a big project like this, we have had also many advisers, both on legal side, financial side. And we are basically going through the same process as in an IPO. And there are many like checklist that do we have things in place. So I think also, as we have people who have done this many times, and we are going through their list and really there is this like IPO due diligence. So at least that has helped us in planning all the details as they know where the surprises and issues normally come. So I think that also improves our comfort level, having that external support and guidance.

And the traffic lights are green, right?

Yes. Traffic light are green.

Any other questions online?

That's all from webcast.

That's it. Any more questions from the room? Time for last orders.

Matti Riikonen, Carnegi. A small question. You guide EBITA level of profitability. And sorry for my ignorance, but is there a big difference between your EBITDA and EBIT? And why have you chosen to use EBITA because normally for a company that has not made acquisitions has not that much to amortize, it would be easier to use EBIT. So why this selection?

Yes. Good question. So WithSecure has traditionally used EBITDA with the D, and we had a discussion about this, and we felt that EBITDA was just better for us. The depreciation part is very small. So the difference is not big. And of course, going forward, we don't have the goodwill amortizations which would create a big difference here between EBIT and EBITDA. But of course, we have now some of this intangible asset investments coming up within IT and R&D. So there will be some of that.

All right. If nothing else, I thank everybody here in the room for good engagement, good questions. It's been a pleasure. Also, everybody on the webcast. Glad to have you with us. So we'll be naturally looking forward to seeing all of you in our interim results session in July. But even before that, we are proud to say that with our partners, we've now made live our investor website. So if you go to investors.f-secure.com you can now see our own investor pages starting from yesterday, I believe. And also, for instance, the materials and recording of this session will be available there. All right.

And there's a lot of this material that was in the prospectus, so maybe in a nicer reading format and the prospectus.

All right. Very good. With that, thank you very much. See you next time.

Thank you.

Thank you.