U.S. Markets closed

Edited Transcript of FSC1V.HE earnings conference call or presentation 19-Jul-19 10:30am GMT

Half Year 2019 F-Secure Oyj Earnings Call

Helsinki Jul 22, 2019 (Thomson StreetEvents) -- Edited Transcript of F-Secure Oyj earnings conference call or presentation Friday, July 19, 2019 at 10:30:00am GMT

TEXT version of Transcript


Corporate Participants


* Henri Kiili

F-Secure Oyj - IR Manager

* Samu Konttinen

F-Secure Oyj - President, CEO & MD




Henri Kiili, F-Secure Oyj - IR Manager [1]


Good afternoon, everyone, and welcome to F-Secure first half 2019 audio presentation. I'm Henri Kiili, Investor Relations Manager of F-Secure. But without further ado, CEO of F-Secure, Samu Konttinen.


Samu Konttinen, F-Secure Oyj - President, CEO & MD [2]


Thank you, Henri. So taking it from here, so welcome also from my behalf. We'll be commenting to our first half and perhaps more specifically for second quarter results. So starting from the key takeaways. So we are very pleased with our performance in Q2 overall. So we really are meeting the mark across all our businesses. Our revenue grew by 25%. We are very, very happy with that one. And that the profitability on the adjusted EBITDA tracking to our expectations. The main growth vehicle for us is definitely our corporate security that grew 50% compared to previous year. So that's a great achievement across various fronts at F-Secure.

I'm going to explain them now very briefly, and then taking a closer look as we go forward. So first is the endpoint security, which really is the cornerstone of our B2B business. So we really saw a great performance there. New sales is improving and we are really having strong renewals across all our regions. The second, managed detection and response, our main investment area and the fastest growth vehicle across all F-Secure B2B services. So really continuing a great growth there. I'm very happy that we are -- we signed several new deals across so many different demanding customer verticals across so many different regions around the world. So great progress there.

The third business domain within our corporate security is our cyber advisory at the cybersecurity consulting business. So similarly there we continued a very strong revenue growth and especially mentioning the largest markets for us that would be the Nordics and U.K. and Singapore that are really enjoying a stellar growth.

In consumer security, that overall stands a bit less than 50% of our total business mix, had a good quarter there. So we grew by 3%, and really driven with the strength of our operator channels. So that's really a great, great performance in the consumer security as well.

And now looking at the numbers here, more specifically, so consumer security growing 3%; corporate security, 50%. That breaks down into product side growth, growing 19% and consulting by 146%.

On the adjusted EBITDA, we resulted Q2 at EUR 4.8 million, so we are very, very pleased with that one and almost 9% of revenues. On the EBITDA side, EUR 13.9 million, and there is a change compared to be coming from the depreciation and amortization that the main impacts being IFRS 16 impact and also now carrying depreciations from the MWR acquisition we did a year ago. And then resulting to end EBIT at EUR 3.3 million, so tracking really, really well there.

Now a bit closer look into our corporate security products business. So as said before, so really the endpoint security, the cornerstone business for us really had a good quarter both for new customer acquisition and renewals. Some of the quarterly highlights definitely is that we won a very significant service provider deal where we have replaced one of the largest endpoint security companies in the world. And what makes that deal so specifically for us is that we became an exclusive partner for that significant service provider. And they are not only starting to sell F-Secure endpoint security to their new customers, but they are also going and replacing all their installed base of the incumbent with F-Secure cloud-based endpoint solution. That really talks about our competitiveness and our threat detection ability and us repeatedly winning the award for what comes to best protection so the partner really appreciated the technical strength of F-Secure cloud-based endpoint solution. So that's definitely one of the highlights.

Our EDR solution that we started shipping late 2018 is having a really good progress there. So we are onboarding partners really rapidly, certified partners across all our regions worldwide. And the new sales is starting to pick up really nicely where we have to be mindful of the fact that this solution area is still very much in the early days and the total volume is still small. But we are very happy with the direction and with the feedback we are getting from the partners, the feedback we are getting from the customers. Then moving on to managed detection solutions where we are carrying 2 solutions. So we are carrying the F-Secure Rapid Detection Service and we are carrying Countercept. So both solutions really had a good quarter. So we won several new managed detection and response customer deals, many of the customers really coming from the most demanding industry verticals such as finance, technology, critical infrastructure, and many more. Really customers coming from verticals who don't want to be taking any chances for what comes to their cyber defense, the capabilities not only to detect but also capability to respond to attacks. So we are really proving to be very, very competitive there. So I'm very, very happy with the performance there. And really the success is coming geographically quite broadly from the U.K., from Germany, from Finland, from France. So this business is really, really interesting and important for F-Secure, and we really had a strong second quarter of year and our outlook going forward continues to be very, very positive in this front.

Then moving on to cybersecurity consulting. So really good performance at our largest markets in the U.K. and Nordics. Also from there a little bit smaller countries where we are seeing really fast growth, definitely what would be worth mentioning is Singapore. So very good progress across those countries. And looking at the industrial logic there so the growth really is coming with a very balanced view. So there's a lot of expansions within our customer -- existing customers which really talks about the value we deliver and the strategic nature of those partnerships. So we really continue expanding our footprint within the biggest partners we're working with and biggest customers. And many of them include companies like the largest banks in the world and companies from many other business-critical industry verticals such as automotive, transportation, aviation, critical infrastructure, and many more. And there -- and in addition to expanding the share of wallet with the existing customers, we are acquiring a very impressive amount of new customers as well which adds to business momentum and adds to growth, we are seeing in cybersecurity consulting. And I guess here, it's a very good to remind how we see that the cybersecurity consulting is adjacent and complementing our detection and response business. So working with customers in areas like forensics and incident response, we get to witness accounts, stealth mode, unique targeted attacks that nobody has never ever seen before and transforming that inside into our detection and response solution just complements the picture and makes F-Secure overall a very, very competitive company in cybersecurity space.

Further about incident response, Q2 really was a quarter with a lot of activity here. So we were dealing with more cyber incidents than what would be a normal pace for us, and I think that is a really good thing for F-Secure from a couple of perspectives. First, obviously, that the cyber incidents continue surfacing, they continue surfacing more, that talks about the market dynamics, it talks about the challenges companies face as these cyber attacks are continuing -- growing in volume and in complexity. But the key really is that we are clearly becoming the first call for our customers in cyber incidents. So when they have an incident, they need help, they need the right help and they need it fast and we are really becoming the first call for our customers, and it's not only the cyber advisory services and the world-class expertise we can throw in, but also our detection and response solution, especially -- specifically Countercept that has unique strengths in response and forensics is very often used as a technology, as an assisting technology in these most demanding incident response cases. So this is really a -- it talks about that the combination of technology and cyber advisory services and how they work together. So we had a really good quarter in cybersecurity consulting in Q2.

And now let's briefly recap the MWR acquisition as it happens to be now an anniversary for that. So it is exactly a year ago when we announced acquiring MWR InfoSecurity, the cybersecurity company based in U.K. by -- at that time, having more than 400 employees. So it really has proven to be a great strategic fit for F-Secure.

Now looking back, so what did we really acquire, what was MWR all about at the time of acquisition? So really a household name, especially in U.K., South Africa, in Singapore, for what comes to cybersecurity consulting. So we really gained a lot of geographical reach to our existing cyber advisory offering. And the second thing that was very strategic for F-Secure is that their managed detection and response solution, Countercept, that is really strong in detection and especially strong in response and forensic. So these were the 2 key assets. And now looking at what the combination of MWR and F-Secure really look like together so we have more than 300 cybersecurity consultants across 4 continents. We are very capable of serving our very demanding globally operating customers across all 4 continents. We are capable of offering services like incident response really 24/7 across all 4 continents. And there are not too many companies who are capable of doing that.

We have all the time, had a very much a specialist reputation, very much in research-led approach. So we are publishing a lot of published cases, a lot of articles, a lot of research, a lot of our experts are frequent visitors and speakers at the main conferences in cybersecurity domain worldwide at the black hats of the world, at devcons and infosecurity and so many more.

Now looking at the customers that we serve together. So here just mentioning few, so many of the largest banks as an example in the world are our customers and we are very proud to be working with those customers and as explained earlier, a big part of the business dynamics is that we are proving our value as strategic partner for these significant companies and we see a lot of growth expanding our footprint within those existing accounts. Then on the technology side so putting the Countercept and F-Secure Rapid Detection Service together, really is a strong solution. So combining the threat hunters and the Rapid Detection center expert really helping our customers detecting those stealth-mode attacks that typically would go unnoticed. That's a real asset we have. We've developed a lot of preplanned methodology. So how do you go about and how do you resolve these attacks, how do you respond? How do you do continuous response and so forth. So really a lot of expertise there. And at the end, where it definitely also boils down to a lot is we have a very powerful technology stack in detection and response, really underscoring both not just detection and -- but also response and leveraging our artificial intelligence-powered cybersecurity cloud for that, so it's a very strong solution.

And now going forward, so we continue expanding our joint capability in the incident response. We will be taking new steps and next steps on integrating the consulting units into one F-Secure consulting unit that operates as one discipline worldwide. We continue growing our cyber advisory services, but we will also be improving profitability at the countries that has already reached the right scale and are mature enough. And then there are countries where we are more operating it through a growth lens and then start surfacing profitability once we reach the right scale.

On the technology side, so we continue selling Countercept and RDS still as 2 separate solutions for our customers for the time being. But at the same time, we are working hard on combining Countercept and RDS into one managed detection solution that really has the capabilities of both solutions really kind of the best of both worlds solution. And one of those very key angles with our detection and response is the Threat Hunting platform that we have been working on and really having there a model where we can do threat hunting together with our customers, together with our partners, so we can really help them with their cyber capability improvement life cycle allowing them to participate on the hunts that can be orchestrated by F-Secure or vice versa. In some cases, the customer wants to be orchestrating the hunts themselves and it would be just our experts would be just participating on those hunts. So really making that kind of a team play to hold threat hunting exercise. That's really going to be a unique approach that we are now working.

So that's us briefly about the MWR acquisition as this marks the anniversary of it and still today the F-Secure B2B numbers are impacted with the acquisition and now Q3 on which we will be seeing that numbers will be kind of a comparable apple to apples.

So there's no inorganic impact anymore. And then looking at consumer security. So I'm very pleased how consumer business is tracking. So this is very robust business for us, growing 3% now during the second half, which is the fastest pace that we have seen our consumer business doing for a while. And it's really driven with the strength of the operator channel, it really continues being the strategic asset, kind of, an ecosystem that no other vendor in cybersecurity arena has the same way as we do. So working with almost 200 operators, helping them to secure their end customers and really taking this not as a reselling model, but really as a true partnership, as a strategic partnership that really is a great asset F-Secure has. And as a testimony of that, I think, is during Q2 we inked a very strategic new deal for us where the partner was looking -- the operator was looking to expand their security offering to securing the entire digital homes, they wanted to start equipping the routers with cybersecurity capabilities, and they did a very thorough and careful analytics of all the competition out there and the operator chose F-Secure since being the key technology that they will be deploying to their routers really providing that whole digital home security across all their customer base. But it didn't stop there. So in addition that very same customer, they also start to look like whether they have the right vendor, right partner in place for what comes to endpoint protection, and that incumbent was kicked out and replaced by F-Secure. So we didn't only win a strategic partner for router security, but we also won an endpoint security customer, where we replaced an incumbent. So that really talks about the strength and the approach we have working with the operators and doing better than any other company.

Second thing to mention that is very important, I would say, specifically for the operator echo system is that during May, we announced a new solution that we will be rolling out later this year, identity protection. So that has been very well received by our partners and we expect to make first deliveries by the end of this year, and we are very excited about that and how it really resonates to consumers and really addresses a very real and relevant threat on protecting the online identities of consumers and helping them to cope with the identity theft situations.

Then moving on to direct sales. So direct sales revenues stayed pretty much on the previous year's level. So there I think the key metrics like the renewal performance, it really is looking good. But that obviously talks about the solution quality and the support and the trust customer has towards F-Secure. We're also very happy with the average revenue per user development, we see that users are increasingly upgrading from SAFE, our Internet security solution, or from FREEDOME, our privacy and VPN solution to F-Secure TOTAL. With this premium package that includes all F-Secure consumer security assets, it includes everything in the SAFE, so the internet security, browsing protection, banking protection, all of that stuff, it includes privacy filters, it includes VPN, and it also includes F-Secure KEY, our password manager solutions. So we really see customers gravitating towards that F-Secure TOTAL there, the outmost premium package out there. And that drives both renewal rates and that also drives average revenue premiums.

And a little bit more about the ID protection that we talked about, the solution that we announced in May. So why at that? I believe, that we have a very, very good set of solutions helping our consumers first preventing all sorts of cyber incidents and cyber attacks happening with our privacy internet security password management and the router security solution. And then even if some of these solutions are not in place for the customer, then helping them to detect whether there is any misuse of personal information, or -- and also informing user about the breach, which is a very, very important, and very simple and valuable -- value proposition for customers. It's like a week doesn't go by that we wouldn't read that some of the globally operating Internet service providers, the supersize Internet companies wouldn't be breached and announcing how they -- how the hackers have stolen millions or tens of millions users credentials and for average consumers, it is very, very difficult for them to keep up with all that development, and not to mention how to mitigate and how to respond to those solutions. So this is what we want to be doing with ID protection solution, making sure that consumers are informed of such breaches and detecting the misuse of personal information and helping them to respond and assisting them to resolve the breach quickly. So very, very excited and looking forward on the opportunity here.

A little bit on the business side. So on the deferred revenue, that grew by 6%. So this is a slower growth pace than what we have in the past. And a couple of points to elaborate and offer a bit more color to that. So first, in corporate product business, so we are pushing for shorter average contract duration and as we are tightening in our renewals discount policy. In practically, it means that if customers are willing to subscribe for multiyear deals, 2 years, 3 years, we continue being very happy to accommodate those requirements, but if those requirements include having significant discounts for subscribing for multiyears, so we have less and less appetite for those deals going forward because we've just seen the renewal rates are very good. So we rather then take and onboard customer for a shorter contract duration and then very successfully renew them rather than sign multiyear deals, if that requires giving significant discounts. So we've changed our discount policy quite a bit here. The second driver that is impacting on the deferred revenue is that there is a clearly more and more demand and more and more traction and bigger part of F-Secure overall sales is SaaS is practically means that we are talking about monthly subscriptions, quarterly subscriptions, or annual subscriptions but very rarely about the multiyear subscriptions that would be the one that is driving the deferred revenue. So that's definitely there. And then the last thing to mention, which also is a fact that we are now seeing an impact here in the deferred revenue as mid-last year, 2018, we had clearly a softer performance across our endpoint security business. So that softer performance about a year ago is now becoming visible having less deferred revenue in the order book. So really that impact deriving from the performance a year back. So that just explains our number there.

Then the last thing that I'm covering here before going to the outlook is that we've revised the deal values with the MWR as we've mentioned in the opening. So practically, here you see the chain of these events of starting from what would've been the adjusted EBITDA excluding IFRS 16, and then you add the IFRS 16 impact to that. So through that, you kind of arrive to adjusted EBITDA that includes IFRS, and then you go to depreciation and amortization piece, you take out those ordinary items and then you arrive to an adjusted EBIT. Then you go to other operating income, which is a revision of our earn-out expectations as when we signed the MWR deal, we had a very substantial earn-out component to that and against a very ambitious targets. And now we had one of those milestones coming into end, end of June, and now all the milestones are very demanding and challenging milestones we've not met. So that then leads to revision of earn-out expectations, and we are releasing some earn-out related liabilities resulting to a one-off gain of EUR 9.1 million.

And then after that, you go to impairment, and then we testing the impairment in the goodwill, and then based on the impairment test, there was a negative one-off effect of EUR 6 million, and then you have a purchase price allocation amortization, EUR 2.3 million and that arrives you now to an EBIT of EUR 3.9 million. So that kind of illustrates and explains kind of in the waterfall model how the EBIT and EBITDAs work especially now as we have a bit of a one-offs and negative one-offs, and positive one-offs, so how they are going together there and then also adding this other kind of reporting levels and ordinary items in this mix.

So it's a bit complicated, but we hope that this gives you a picture. And before moving on to summary and to the outlook, I think it's very important that the sentiment there when we acquired MWR InfoSecurity. So we really wanted to make sure that the earn-out component is linked to a very ambitious growth targets and although they have not been fully met now, which led to this positive one-off effect in the revision of earn-out expectations, but in the big scheme of things, we continue being very excited about the MWR acquisition, the business has been performing really well. We are continue liking how it complements F-Secure's strategy. So overall, we are very satisfied with the acquisition.

And now moving on to the last chapter of the presentation today. So we keep our outlook for the year unchanged. So in B2B side, we expect our growth looking above 30% compared to 2018. Revenue in consumer is expected to be approximately on the same level as 2018, and in the adjusted EBITDA impacting -- in the adjusted EBITDA with IFRS 16 impact included, we're guiding that to be above EUR 21 million. So these are the original outlooks that we released for the year, and so we are keeping them unchanged. We had a very solid quarter, and we're really looking forward to the second half of the year. That's it from my side. We have time for some questions, if there are any.

Okay, seems no questions. Hey, thank you for your time. Thanks for joining.


Henri Kiili, F-Secure Oyj - IR Manager [3]


That's it. Thank you, see you in the next quarter.


Samu Konttinen, F-Secure Oyj - President, CEO & MD [4]