viewCorero Network Security PLC

Corero recovering after September stumble

The fund-raising that the company had flagged is now practically done and dusted, so that is not hanging over the shares any more

Corero Network Security
If only it were this simple ...

Shares in Corero Network Security PLC (LON:CNS), a specialist in cyber threat blocking, shot up today as it reported strong demand for its shares had prompted it to increase the size of its recent fund-raising.

Last week the company announced plans to raise £5mln. Today, it was announced that the amount to be raised had been increased to £5.6mln.

Chairman Jens Montanana, who had indicated a willingness to subscribe for £4.2mln of new shares, has pared back the amount he will be pumping into the company to £3.4mln or thereabouts, lifting his stake in the company to around 44%.

WATCH: Corero boss lauds "new as a service model" ...

The news gave a welcome lift to a stock that has been under a cloud since last September, when the company warned that full-year revenues for 2016 would be below expectations, partly because some of the large deals in the pipeline are taking longer to close than anticipated.

In the event, group revenue in 2016 was up 5% to US$8.8mln from US$8.3mln in 2015, with the flagship product SmartWall seeing a 62% increase in revenue on the back of a sharp rise in customers from 39 at the end of 2015 to 64 at the end of 2016.

The underlying loss (EBITDA) narrowed to US$5.1mln from US$6.4mln.

The company said it had made a good start to 2017, following on from a strong finish to 2016, when it enjoyed a record order intake for its SmartWall Threat Defense System in the final quarter.

Corero said 15 new customers were added, including five “as a service” customers. The main difference in revenue terms between the traditional software licensing model and software-as-a-service (SaaS) is that under the former, the software gets the licensing fee up-front, whereas under SaaS it receives subscriptions revenues on a monthly basis.

The group revealed the average perpetual licence order in 2016 was in line with the previous year, and was in excess of US$200,000, whereas the average as-a-service year-one contract value was US$40,000. Simple arithmetic indicates that the customer relationship has to last at least five years for the "as a service" model to work out better for Corero, but that's the expectation; as most finance directors will tell you, it is easier to budget for US$3,300 a month (US$40k over 12 months) than it is to find US$200,000 when a licence needs renewing.

More recently, in 2017, the company bagged a US$1mln order from a leading cloud-computing company. A major chunk of the revenue from the contract, which was won following a proof of concept trial, will be recognised in the current year.

Cyber-crime threat offers commercial opportunities (for the good guys)

The contract wins reflect a growing realisation of the threat posed by cyber-crime and the commercial opportunities the threat presents for a company such as Corero, which specialises in combating it.

The contract awards, plus others from Tier One internet service providers, have underlined Corero's market leadership in the field of preventing distributed denial of service (DDoS) attacks, where one or more malevolent agencies bombard a company's web site or network with requests, with the intention of causing a kind of cyber gridlock.

Such attacks can be highly damaging financially, not to mention reputation-wise, so companies are keen to be bang up to date on providing the latest protection.

The hacking of telecoms group Talktalk Telecom Group PLC (LON:TALK) in 2015 was but one high profile case of cyber-crime, although in this case it was a hacking attack (the computer equivalent of breaking & entering) rather than a DDoS attack, and it is highly probable that there have been many, many more attacks that the public did not get to hear about, simply because companies acquiesced to the attacker's demands for money.

Corero's chief executive, Ashley Stephenson, sees hundreds of further opportunities for new business.

No company is safe

Meanwhile, the company continues to expand its offering, with the launch recently of a beta version of its latest software monitoring solution.

Cloud-based Corero SmartWall Network Threat Defense - Virtual Edition (vNTD Monitor) can be deployed against any server or network and monitors DDoS events.

The idea is the new product will lead to increased demand for the company's flagship SmartWall Threat Defense System mitigation tool.

Speaking to Proactive Investors, chief executive Ashley Stephenson said: "I don't think any business is immune from the threat of cyber-attacks these days so we expect a growing opportunity for the security companies in general."

"Cyber security respects no national boundaries so we see just as sophisticated attacks in Europe as we do in the US," he added.

The UK’s National Crime Agency (NCA) recently warned that businesses and law enforcement agencies were losing the “cyber arms race” with online criminals, as the technical capabilities of criminal syndicates outpaced those of security services.

The report, published in July, found 2.46mln incidents of cyber-crime last year, including 700,000 cases of fraud.

Following the report, the government announced it is to spend £1.9bn over the next five years on cyber-defences.

The NCA found that the accelerating pace of technology and criminal cyber-capability development currently outpaced the UK's collective response.

Responding to the report, Dave Larson, said he was seeing an increasingly sophisticated organisation of the threat actors in the form of organised crime syndicates and other forms of dark entities, creating breach kits that are “fabulously powerful”.

According to Larson, the banking sector and the government sector are lagging behind in their ability to keep up in the face of change in the cyber threat landscape.

“There is a false sense of security in many organisations that if you are compliant, then you are secure, and I don’t think those two things necessarily equate,” Larson said.

“Just to think you can still be secure because you use a firewall, IPS [intruder prevention system] and logging systems has been proven to be insufficient, and we see no decrease in the number of breaches that occur,” Larson revealed.

More recently, UK defence giant BAE Systems PLC (LON:BA.) claimed that the average cost of a cyber attack was at least £330,000. The figure was arrived at after it had surveyed 100 bosses that lead businesses that each employ more than 1,000 people.

"Businesses need to ensure they have the right people, process and tools in place, so when a major incident occurs they are are equipped to understand, contain and remediate," said Julian Cracknell, managing director for UK Services at BAE.

Far better, of course, to prevent the major incident in the first place, which is what Corero is all about.

What the chief executive says

So, the cyber threat is growing, and that is likely to attract competitors into the market.

The DDoS market is, according to chief executive Stephenson, “hot and only getting hotter”.

“It is a durable space for the next five years. It is busy and people are coming into the space, but the area we are interested in, DDoS, is still relatively sparsely populated.

“There are only a few companies like us that can do what we can do. It is a limited competitive field, so we don’t feel like there is a major threat,” he said.

What the broker says

House broker Cenkos Securities said a transitional market shift in Corero’s favour is taking place.

“The business model is highly scaleable and financial returns are maturing,” it asserted.

The broker said that a revenue miss at the interim stage was down to the loss of one major opportunity – worth a seven figure sum to a competitor - and conceded that investors might want to take a spell on the sidelines until they see greater predictability in the business model.

In a note issued before the recent flurry of contract wins, Cenkos argued that momentum was still strong, with announced wins (as at 12 September) year-to-date worth more than US$3mln in total contracted value, while customer numbers have more than doubled year-on-year to more than 40.

“Proof-of-concept trials continue to grow and these currently number in excess of 25,” the broker noted.

“One forecast miss does not necessarily imply the marketplace has changed materially for the company and we believe the investment premise of service provider DDoS protection remains intact. We have seen early stage technology companies bounce back from similar disappointments before,” it added.

Quick facts: Corero Network Security PLC


Price: 10.61 GBX

Market Cap: £52.5 m

Add related topics to MyProactive

Create your account: sign up and get ahead on news and events


The Company is a publisher. You understand and agree that no content published on the Site constitutes a recommendation that any particular security, portfolio of securities, transaction, or investment strategy is...

In exchange for publishing services rendered by the Company on behalf of named herein, including the promotion by the Company of in any Content on the Site, the Company receives from said issuer annual cash...


Chmilewsky says Corero Network Security has the right platform to take on...

Lionel Chmilewsky has been the chief executive of Corero Network Security (LON:CNS) for just over a year now and the recent half year figures show a record performance and underline ongoing strategic progress. The company provides real-time, high-performance, automatic Distributed Denial of...

on 22/7/21

7 min read