It’s just over a year since (), a specialist in cyber-threat blocking, changed tack after suffering order delays.
In common with a number of software companies, it is moving away from the “one licence per user” model, with its lumpy revenues, to an “as a service” (AaS) model, which traditionally results in an initial hit to revenues – no more big up-front payments when a new customer signs up or an existing one renews – but which is generally regarded as being better for recurring revenues.
The argument goes that because AaS customers stump up on a pay-as-you-go basis, the monthly bite-sized payments are less likely to make the chief financial officer of a customer have a fit than an annual or bi-annual big licence renewal.
It is early days, still, but results for the first half of 2017 suggest the strategy is beginning to pay off.
Revenue was unchanged year-on-year, with strong growth in sales of SmartWall, its flagship threat defence system, offsetting an expected decline in revenue – down to US$0.4mln from US$1.9mln the year before – from legacy products.
Recurring revenue from SmartWall was up 177% on the first half of 2016; the company signed seven new customers to its platform-as-a-service offering during the reporting period.
Order intake for SmartWall was up 41% to US$4.8mln from US$3.4mln the year before, while follow-on orders from existing customers surged to US$1.4mln from US$0.3mln.
The underlying loss (LBITDA) widened to US$3.4mln from US$2.5mln, including a non-cash foreign exchange loss of US$0.3mln on an inter-company loan, whereas last year the company recorded a paper-based US$0.8mln gain related to foreign exchange movements.
The loss before tax deepened to US$4.8mln from US$4.1mln.
At the end of June the company had net cash of US$5.1mln, versus net cash a year earlier of US$8.7mln.
Growing the top line is vital in a high margin business
As the above figures demonstrate, Corero is still in the loss-making stage where revenue growth is deemed more important than profits.
Crank the revenue up high enough, and the profits will follow.
Encouragingly, concurrent with its interim results, the company announced one of its biggest ever contract wins for Smartwall, to a global pharmaceuticals company that has a strong online presence.
The win, initially worth US$0.2mln but with the prospect of rising to US$1.5mln over the next few quarters as the product gets rolled out, demonstrates the company can make inroads beyond its traditional markets of internet service providers and data centres.
Another day, another cyber-crime
The stream of contract wins reflect a growing realisation of the threat posed by cyber-crime and the commercial opportunities the threat presents for a company such as Corero, which specialises in combating it.
The contract awards, plus others from Tier One internet service providers, have underlined Corero’s market leadership in the field of preventing distributed denial of service (DDoS) attacks, where one or more malevolent agencies bombard a company’s web site or network with requests, with the intention of causing a kind of cyber gridlock.
Such attacks can be highly damaging financially, not to mention reputation-wise, so companies are keen to be bang up to date on providing the latest protection.
“The demand from digital enterprises for real-time DDoS mitigation solutions is being driven by the increasing number and severity of DDoS attacks and the growing awareness of the threat of cyber-attacks brought about by high profile attacks such as the crippling DDoS attack on Dyn in 2016 and recent WannaCry ransomware attacks,” said Andrew Lloyd, president and executive vice president of sales & marketing at Corero.
“In addition, new cyber security regulatory requirements such as the European Network Information Security (NIS) Directive, General Data Protection Regulation and the revised Payment Services Directive (PSD2) are requiring companies invest in appropriate cyber security defences,” he added.
Corero’s chief executive, Ashley Stephenson, sees hundreds of further opportunities for new business.
The UK’s National Crime Agency (NCA) recently warned that businesses and law enforcement agencies were losing the “cyber arms race” with online criminals, as the technical capabilities of criminal syndicates outpaced those of security services.
The report, published in July 2016, found 2.46mln incidents of cyber-crime in 2015, including 700,000 cases of fraud.
Following the report, the government announced it planned to spend £1.9bn over the following five years on cyber-defences.
The NCA found that the accelerating pace of technology and criminal cyber-capability development currently outpaced the UK’s collective response.
More recently, UK defence giant PLC (LON:BA.) claimed that the average cost of a cyber-attack was at least £330,000. The figure was arrived at after it had surveyed 100 bosses that lead businesses that each employs more than 1,000 people.
“Businesses need to ensure they have the right people, process and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate,” said Julian Cracknell, managing director for UK Services at BAE.
Far better, of course, to prevent the major incident in the first place, which is what Corero is all about.
What the chief executive says
So, the cyber threat is growing, and that is likely to attract competitors into the market.
The DDoS market is, according to chief executive Stephenson, “hot and only getting hotter”.
“It is a durable space for the next five years. It is busy and people are coming into the space, but the area we are interested in, DDoS, is still relatively sparsely populated.
“There are only a few companies like us that can do what we can do. It is a limited competitive field, so we don’t feel like there is a major threat,” he said.