Q4 2017 Earnings Call Transcript

Published: 26 Mar 2018

Operator:

Good day and welcome to the CynergisTek’s Fourth Quarter and Full Year 2017 Earnings Call. Today's conference is being recorded. And at this time, I would like to turn the conference over to Bryan Flynn, CynergisTek Investor Relations. Please go ahead.
Bryan Flynn:

Thank you, operator. I want to welcome everyone to CynergisTek’s fourth quarter and full year 2017 earnings call. Joining us today from the company includes Mr. Mac McMillan, President and Chief Executive Officer; Mr. Paul Anthony, Chief Financial Officer; and Mr. J.D. Abouchar, Chairman of the Board. Before we begin the formal presentation, I'd like to remind everyone that some statements made on the call and the webcast, including those regarding future financial results and industry prospects, among others, are forward-looking and may be subject to a number of risks and uncertainties that could cause the actual results to differ materially from those described in the conference call. Certain of these risks and uncertainties are or will be described in greater detail in the company's SEC filings. CynergisTek is under no obligation and expressly disclaims any such obligations to update or alter its forward-looking statements, whether as a result of the new information, future events or otherwise. At this time, I would like to turn the call over to our Chairman, J.D. Abouchar.
J.D. Abouchar:

2017 was an exciting and transformative year for our company. Early in January, we completed the acquisition of CynergisTek transforming us into the leading cybersecurity and information management company dedicated to serving healthcare in the United States. Shortly, thereafter, we uplifted to the NYSE’s AMEX and reincorporated into a Delaware corporation. Combined with our financial performance, these efforts did not go unnoticed by the financial community as we attracted many new institutional investors and analyst coverage from four top investment banks. Not unexpectedly we encountered a few bumps along the way as we made the transformation from several desperate operating entities into a single integrated company. But as we’ve entered 2018, I couldn’t be more excited about our future prospects and the dynamic management team leading our dedicated employees. At this time, I would like to turn the call over to our CEO, Mac McMillan.
Mac McMillan:

Thank you, J.D. We accomplished much in 2017. Setting out as integrated two companies was not a trivial task. However, I am proud to say that we have accomplished exactly that. We strengthened our management and business development teams, expanded our service offerings to meet customer and industry demand and trained our sales force to cross-sell our legacy as well as new managed service offerings into our existing account. While it might not had been -- always had been smooth sailing, our hard work and efforts have paid off with strong financial results, the release of several new services, and energized and streamlined workforce, and a new focused management team. As we look forward to 2018, healthcare is still the number one industry target for cyber criminals and healthcare is estimated to be poised to spend over 65 billion cumulatively over the next five years combating this threat. That is now placing healthcare systems, information and patients at risk. One leading healthcare periodical HIT Consultant recently reconfirmed reports that personal health information is still 50 times more valuable on the black market than financial information. Even more devastating is that the newer variety of cyber attacks take advantage of hospitals’ employees, third-parties and the rapidly growing number of Internet connected devices or IoT, connected to both their networks and their patients. These are the three fastest growing attack surfaces in cybersecurity. By 2025, it is estimated that 75% of the population will be connected to the Internet and there will be more than 200 billion IoT devices deployed. The confidentiality of a patient’s record will always be a top concern. However, disruption and integrity of information have emerged as bigger concerns. Cyber attacks can jeopardize the provider’s ability to operate, collect revenue, and most importantly, provide care for the patient. In the past, most healthcare organizations only came to terms with the investment that is needed in cybersecurity after they had suffered either a public or costly security breach. Throughout 2017 and the beginning of 2018, we have seen more and more executives -- senior executives and boards entering this discussion and starting to drive change. Cyber attacks will continue to be disruptive and costly to healthcare organizations that do not properly manage their risk. Healthcare organizations of all sizes need to ensure they have proper, up-to-date security measures in place including contingency planning for how to respond to a security incident, adequate staffing resources and security training for end-users across the enterprise. As a result of this need, we have seen demand for our existing services increase and look forward to the growth of our expanded managed service offerings, incident response, Vendor Security Management, patient privacy monitoring and endpoint security solutions for printers and medical devices. All designed specifically to help the industry solve these challenges. We continue to see sustained growth in our core cybersecurity managed service, adding many new healthcare clients in 2017, while upholding a 95% renewal of all existing cap account. Many of these renewals saw increases with the addition of new services. Healthcare organizations are turning to cybersecurity partners they trust to provide critical support in their programs and they are expanding web services they are looking to fulfill. Key areas of concern for healthcare include incident response, supply chain, security risk and the emerging medical device threats and support and filling critical skilled gaps for short and long-term projects. Our recently expanded Incident Response Services aims to improve and identify gaps in health -- in the healthcare systems, current processes by analyzing their ability to effectively respond to security incident that brings exposure to an organization’s security defenses, incident detection and response capabilities going beyond what compliance requires. These services were developed in a modular way to allow clients to acquire the service they need to enhance their program or as part of an ongoing managed service. Our Vendor Security Management program now fully automated through the incorporation of our SaaS solution RiskSonar allows organizations to understand and manage their risk exposure associated with the third-party vendors that create, access or maintain their sensitive data. Supply chain is another growing attack service for cyber criminals with third-parties accounting for between 20% to 30% of the breaches experienced by healthcare organizations. These incidents have involved some of the largest losses of patient data. Healthcare providers are becoming more sensitive and aware of this risk. Additionally, we expanded the total number of patient privacy monitoring solutions we partner with to include all of the leading user entity behavioral analytics tools. We are the only healthcare cybersecurity company to provide a managed service across multiple privacy monitoring solutions and we are also piloting new services to help providers manage and control risks associated with specific endpoint devices. We have developed a separate comprehensive security assessment for the printer fleet that looks at how those devices are managed from creating older way. We have incorporated security practices into our basic managed print services offering as well as help clients understand their ongoing risk from those devices. Both initiatives provide opportunities for cross-selling security services to those MPS clients. Lastly, we are piloting several medical device security solutions that give us the ability to inventory our clients' medical device fleet, understand their vulnerabilities and develop a risk-based review. All of these services are designed to enhance our position as the trusted partner and advisor focused on working with healthcare organizations to improve their cybersecurity programs, enhance detection capabilities, and monitor and improve reaction and response the security events. The sizeable workforce shortage in cybersecurity professionals that existed in 2017 will continue and worsen over the next several years, making it harder for organizations that source staff that they need. CSO Magazine predicts this shortage will reach at least 3.5 million by 2021, up from 1 million in 2017. Simple economics of supply and demand principles applied here. Healthcare organizations are severely challenged when it comes to recruiting and retaining cybersecurity employees because they are competing against sophisticated and high-paying companies for that talent. Because of this, we are seeing an increased demand for our new professional services that includes remediation, program development and a strategic staffing support. These services allow us to provide experienced and certified privacy in cybersecurity consultants who assist in establishing, maturing and managing effective security programs. I mentioned earlier in my remarks that we are seeing and being involved in more executive level discussions with clients and their boards, which we believe is a very positive sign. As we said, a lot of this interest is directly related to the level of threat activity impacting the industry. But some is in response to the SEC’s reaction and issuance of guidance for reporting cybersecurity events. In response, we’ve broadened our services to include the Cybersecurity Resilience Review developed by the SEC with the Department of Homeland Security and the National Institute of Standards and Technology. This is a review that addresses 10 specific areas of business risk from cybersecurity issues that boards should address. In addition to launching our new managed services over the last six months, we continue to focus on cross-selling. To better support our cross-selling, cost and upselling efforts, we restructured our sales approach to permit more concentrated account management, going from five to 10 dedicated sales regions. Each sales person now has achievement goals tied about generating new business and increasing penetration in existing accounts in their region. Looking back over the past year, we've had had to make some tough decisions
Paul Anthony:

Thanks, Mac. I’m pleased with both our fourth quarter and full year 2017 financial results. We achieved strong year-over-year revenue growth and record EBITDA. And in effort to streamline the financial section, I will review just some of the highlights from 2017’s fourth quarter and year-end, detailed information can be found in our 10-K filing and our earnings release. Revenues for the fourth quarter of 2017 increased 15% year-over-year to $18.7 million from $16.2 million for the same period in ‘16. Gross margin increased to 31% of revenues in the fourth quarter of 2017 as compared to 23% for the same period in ‘16. The increase in margin is attributable to the higher margin services rendered through the newly acquired synergistic business and the benefit from the maturity of a couple of large managed print services accounts. Adjusted EBITDA after adding back stock-based comp increased $2.5 million or 13% of revenues for the fourth quarter of ‘17 compared to $1.5 million or 10% of revenue for the same period in ‘16. Non-GAAP adjusted earnings after adjusting for amortization and impairment of intangibles, adjustment in contingent consideration from acquisition, stock-based comp, depreciation and non-cash income tax expense was $2 million or $0.21 per basic and diluted share for the fourth quarter of ‘17 compared to $1.4 million or $0.18 per basic, $0.17 per diluted share for the same quarter in ‘16. Looking at the full year highlights, revenues increased 19% year-over-year to $72 million compared to $60 million for the same period in ‘16. Again, this increase is attributable to the growth in our cybersecurity services as a result of the acquisition in January. Gross margin improved for the same reason, increasing to 29% of revenues for the full year as compared to 20% for the same period in ‘16. Adjusted EBITDA increased to $7.8 million or 11% of revenues for the full year of ‘17 compared to $3.6 million or 6% of revenues for the same period in ‘16. Non-GAAP adjusted earnings were $6.1 million or $0.64 per basic and $0.63 per diluted share for the full year compared to $3.3 million or $0.41 per basic and $0.40 per diluted share in ‘16. At December 31, 2017, deferred revenue was $1.4 million, up $0.6 million at December 31, 2016. Company had $4.3 million of cash and cash equivalents at the end of the year. As you may have seen in our recent press release, we have been focused on consolidating our debt and extending out the terms to better support our short and long-term goals of growing the business by entering into a new agreement with BMO Harris Bank, paying off our Avidbank loan and 75% of our Sellers Notes from the acquisition. I would like to provide a brief overview of the terms on the synergistic and BMO entered into an agreement March of this year of 2018 for $17.3 million under a 4.5 year term loan agreement with an additional revolving line of credit of up to $5 million. This allows for the pay off of the Avidbank term loan in 6.75 million of the synergistic promissory Sellers Notes. We also extended the balance of 2.25 million of the Sellers Notes with Mac McMillan under our new four year term. This separate also included the restructuring of the earnouts to Mac and our former COO Dr. Mike Hernandez resulting in additional charge of $1.4 million until the earout liability. We don’t anticipate this refinancing will have a material impact to the income statement but will provide short-term cash flow relief to the extended terms related to the timing of the payback of principal. We do expect approximately $0.8 million in non-recurring charges in Q1 of ‘18 related to this refinancing and the departure of the executive along with additional costs associated with the completion of a major part of the restructuring on how we deliver managed print services. Additional details regarding the restructuring can be found in our recently filed 8-K and our soon to be filed 10-K. As a result of the recently enacted Tax Cuts & Jobs Act, company’s US statutory federal income tax rate dropped from 35% to 21% effective January 1, 2018. The company will file blended US statutory federal income tax rate of 24.8% for 2018. Income tax expense is comprised of charges related to the current year taxable income as well as $1.5 million discrete charge resulting from the revaluation of our deferred taxes due to the change in the tax law. Cash tax expense for this year is approximately $0.2 million. Looking forward into 2018, we expect to see a pivotal Q1 seasonality with slightly lower revenues due to 2017 non-renewals for a few legacy managed print services accounts with security revenue building throughout the year as we continue to grow these managed services and gain more traction with some of the new services we are taking to market. This concludes the financial portion. I will now turn the call back over to Mac for closing remarks.
Mac McMillan:

Thanks, Paul. The cybersecurity market overall is expected to see high growth in global spend will exceed 1 trillion from 2017 to 2021. In 2018, we are focusing on execution of our plan and feel the healthcare market as prime for our services. We have the right management team in place and we'll continue to focus on leveraging our existing platform and provide exceptional high margin services to our customers. Our mission is simple and clear, to be that trusted partner that assists clients in protecting their critical information assets. And our business goals are also clear, to increase revenues and market share by providing relevant and value-based solutions and services. We are aligned in our vision and our commitment to our employees, clients and shareholders to build the company with long-term growth and profitability and are excited to see what opportunities 2018 brings. This concludes the prepared remarks. Operator, please open the floor for questions.
Operator:

Thank you. [Operator Instructions]. And we will take our first question from Matt Hewitt with Craig-Hallum Capital.
Charlie Eidson:

Hi, guys. This is Charlie on for Matt. Congrats on the Q4 execution.
Mac McMillan:

Thank you.
Charlie Eidson:

Alright. A handful from me. First, gross margin, it sounds like that the 31% number you posted in Q4 is a continuation of the benefits you mentioned in Q3 related to the maturation of the couple of MPS customers. Are you expecting gross margin take a step back in Q1 and how should we be thinking about the same entering in 2018?
Paul Anthony:

We are expecting in the short-term to see margins pullback a little bit with all of -- some of the changes with MPS. But for the full year ‘18, we're looking at the numbers being pretty comparable to 2017 as we start the security services revenue grow on the overall base.
Mac McMillan:

Charlie, were you able to hear that? It sounds …
Charlie Eidson:

I'm cutting off here. Maybe I'll call back and I get back in queue. Sorry about that.
Mac McMillan:

Now we can hear you clear.
Paul Anthony:

You are clear now.
Mac McMillan:

Yes.
Operator:

And we will take our next question from Andrew D’Silva from B. Riley FBR.
Andrew D’Silva:

Hey, good morning. Thanks for taking my questions. I'll start with a few quick financial ones to start. Can you maybe let me know what that cash flow from operations and CapEx was for the year looking back into the quarter? And then while you’re finding that, could you explain to me the change in the value of the contingent earnout that you had a $1.4 million loss recognized there? I thought that the terms were changed to benefit as Mac reduced his earnout to $1.2 million. Just a color there would be useful as well?
Paul Anthony:

Yes, just on your first question, Andrew, it'll be about $1.4 million and net cash provided by operating activities for the year and the purchase of [property and equipment] will be around $280,000 to $300,000. As it relates to the earnout specifically, when we did the acquisition we were required to value the earnout using number of models that are options. And when we did that valuation, the number will came to about $2.4 million. So the $7.5 million earnout opportunity was capitalized and put on the balance sheet at $2.4 million. Once the earnout to got to Dr. Mike Hernandez went from a contingent to a guaranteed earnout, we then increased the $2.4 million liability to $3.7 million liability since it was guaranteed. As it relates to Mac’s earnout, it’s now under a separate agreement and it’s just going to be treated as a traditional bonus program covering the next three years, it will be expensed then over the next three years as it’s earned. So, again a non-cash adjustment in this period and then tied to a future note for Mike. So it was really a revaluation of the original estimate that we put on the books for the earnout.
Andrew D’Silva:

Okay, that makes sense. Thanks for that color on that. And then following up on something you mentioned last quarter, on the last quarter call you highlighted that you’ve completed a first paid assessment with one of your security clients for a MDS or MPS contract. Did that customer adopt that and are you seeing more security customers going down that path right now?
Mac McMillan:

So that secret customer moved from the assortment phase to a contracting phase. We’re in the process now of working with them in terms of how they are going to actually do that going forward. So they did go from the assessment to the next phase which we were hoping they would do which were discussions around contract. We do have several other assessments in the pipeline right now that are scheduled to begin here shortly. And so, we are seeing folks take us up on that. We’re also seeing folks take us up on the new security assessment around their print devices and we’re seeing a great deal of interest around, our new assessment around their biomedical devices. So the endpoint security solutions are indeed something that we’re seeing customers have a great deal of interest in.
Andrew D’Silva:

And could you just elaborate on the biomedical devices side, exactly what are you doing there and what kind of devices are you targeting in the assessment?
Mac McMillan:

So, this is the full gamut or a full range of biomedical devices that are out there, everything from heart monitors to blood pumps to you name it, infusion pumps et cetera. These are the multiple devices that you see in a hospital room that are connected to patients when they go in there for surgeries or procedures, the devices that are connected to moms when they are in there to have infants, it’s the devices that are connected to people for home monitoring et cetera that communicate back to the hospital’s network. We have actually gone through a process for the last three months in reviewing several new technologies that are on the market that help identify actually conduct a technical inventory of those devices on the network that allows you to build -- to then build a baseline to be able to link back to things like the MDISS databases that tell us what are the security issues related to those various devices and be able to build an actual strategy for a customer that allows them to take those medical devices, put them in various categories, meaning categories -- one category maybe those devices are built on an obsolete or unsupported operating system where the only real protection that we have for that device in real time is actually putting it behind a firewall or putting it on a segregated segment of the network that can be isolated away from the rest of the network and then a replacement strategy, all the way to other devices that are built on current operating systems and have the ability to be passed and fixed, if you will, and building those into the normal vulnerability management cycles that organizations have just like other devices where they are periodically tested and then passed and kept up-to-date and able to be more secure on the network. So our -- the services that we put together right now, we put together an assessment that first allows us to go in invest that inventory, identify where the client is with respect to what their current status of their devices are as well as what the current status of their procedures is and then make recommendations for them on how to improve their process down the road in terms of managing those devices better. And we are working towards essentially a fully managed service where we can actually go in and run those inventories and then periodically test those devices and assist our clients in keeping those devices up-to-date. What’s interesting about that is that in the process of doing these reviews and the first few clients that expressed an interest in, in having this assessment performed which -- several of which are very large institutions, we also attracted the attention of several of the biomedical device manufacturers who are talking to us now about not only helping them with securing their -- the devices that they create but actually helping them to secure the devices that they are providing to their hospital clients. So we are really excited about that opportunity.
Andrew D’Silva:

Just Mac -- and I’m sorry because I am not fully educated on exactly best nuance that you’re doing. But would it make sense to look to partner with perhaps patient monitoring systems, I think GE, Philips, Spacelabs have patient monitoring systems out there, they I think plug in a lot of those biomedical devices that you are talking about. Would sort of a partnership or anything to that extent makes sense?
Mac McMillan:

So, that’s really that second category that I talked about there a moment ago that you are referring to. And without naming anybody at the moment because we are not quite there with respect to the relationship. Those discussions are already underway.
Andrew D’Silva:

Okay, great. Fantastic. And then my last question, if you could maybe give update on the competitive landscape, as far as, are there any new competitors coming into the security side of the business? And also, perhaps more importantly, are any of the existing competitors that you are seeing are looking to integrating sort of MDS features at this point?
Mac McMillan:

So on the first question, on the competitive landscape, it continues I think to mature. We are seeing some new companies that are entering, coming in, they’re not really I’d say visible across the entire spectrum of healthcare. We are seeing some consolidation in our space just like in other parts of other industries where there are folks out there who are looking to create the next large cybersecurity play and we are seeing certain cybersecurity companies being acquired by other cybersecurity companies that are trying to add to their portfolio of services if you will and broaden themselves from maybe just solutions-based to both services and have solutions-based. But for the most part in terms of in terms of day-to-day, the competitors that we’ve seen in the past are the same competitors that we're seeing for the most part today. As it relates to the managed print side of things or MDS side of things, to my knowledge, we are still the only cybersecurity company that I know of that has a dedicated offering in that space from an endpoint security perspective. And although, if you look at some of the printer manufacturers like HP or Ricoh et cetera, they will offer security services around their device. But the difference is obviously our hospitals have typically anywhere from six to 10 different print devices in their environment to include thermals and fax families et cetera and typically what they're looking for is somebody that could come in and help them manage across all of their devices not just one category of device. So we’re -- so for now, at least, we're still at least to my knowledge the only player in this space that does that.
Andrew D’Silva:

Okay. Got it. Thank you so much for the insight and good luck going forward throughout 2018.
Mac McMillan:

Thank you.
Operator:

And we will take our next question from Bill Sutherland with Benchmark Company. Please go ahead.
Mac McMillan:

Hi, Bill.
Bill Sutherland:

Hi. Hey, everybody. I wanted to just a look a little bit longer at the gross margin that you did in the fourth quarter. Because if I'm doing the math right, it looks like it was a pretty big quarter for equipment sales. And so, I would think that would have had obviously a down -- a negative impact on the margin which I understand could be offset by the -- of the maturation of managed document, a couple of large ones. So I want to just get a feel for that right off?
Paul Anthony:

Yes, I mean fourth quarter traditionally for both businesses have better margins from the MPS side. You've got some volumes that are traditionally higher entering the quarter. And then security in addition based on timing on when they're getting consulting projects and other things completed has traditionally been higher. So we've got some seasonality in Q4 that has also kicked in and then you still have a number of the -- some of the revenue tied to some of the MPS deals that did not renew. We still had some revenue kind of tailing off into Q4. So overall it was a good quarter. We expect some of it we know return a little bit in Q1 due to seasonality and some of these other things we talked about so.
Bill Sutherland:

And so just in terms of the contract, the MPS sort of contract volume and future renewals, could you speak to that for ‘18? And I think you’ve talked about some things in the pipeline that were hopefully getting signed the new business?
Mac McMillan:

Yes. At least on the renewal side, at least at this point, we don't have any major material account in 2018 that we have in full pressed count. So right now we feel good about the existing business as we go into ‘18. Volumes are always obviously tied to the customers' activity, but we're not seeing anything that's indicating that volume should change materially so.
Paul Anthony:

Yes, so the -- so -- and we’re -- and we have very conservative effort right now to show up the account relationships with all of those existing large MDS accounts we have and we’ve held a multiple executive level as well as managerial level meetings with those clients and are working very much very collaboratively with them today, much better feedback, much better communication. We’re actually beginning to the growth in a lot of those kind of legacy MDS accounts by add-ons in terms of a new hospital here and new this there, a new service over here. So we’re encouraged by the fact that we’re not talking about renewal, we’re not talking about those kinds of things that we’re actually talking about how do we make the program even better and do they add to it. And we do have -- we do expect some new accounts to occur here not too -- in the very near future and so -- and we’re actually building a pipeline now with our sales organization around those accounts. So it’s -- today it’s much healthier than where it was six months ago.
Bill Sutherland:

Mac, may be you can give us a sense of, you mentioned that you’ve enhanced the cross-selling potential by doubling the sales regions and getting people more focused. What …
Mac McMillan:

Yes, one.
Bill Sutherland:

Yes, go ahead.
Mac McMillan:

I was going to say, one of the things that we did when we brought on Ms. Rivera up, we took that opportunity obviously to go through and review everything that we were doing and to try to look at how we could become more effective at selling and more effective at our account management. And one of the things that we did as part of that was go out and research what other companies were doing in the same space and there were several studies out there that had basically said that the model that seem to be the most effective was one that had more dedicated touch points with clients and that was achieved by reducing the size of generally the region that sales person was working in and having them be responsible or more responsible for the clients in their area both from a net new perspective in terms of growing accounts as well as managing the accounts relationships that they had created. So we actually took the five regions that we had previously, where we had both an account executive and an account manager and we split those into 10 accounts or 10 regions and made those regions smaller because one other things that we found and we did our research after looking into this issue was the larger the region and the further away the sales person was from the states in their region, the fewer times they actually got out of the organizations in those states. And so, we actually decided to move to that new model. We now have those 10 dedicated regions that are smaller in size with a dedicated sales executive in each one of those and then a couple of folks who are dedicated to enterprise level accounts. And already in last -- in the first quarter -- because we implemented that at the end of the year, already in the first quarter, we have seen much more activity and many more opportunities in the pipeline and proposals go out the door as a result of those sales people having many more touch points with not only new customers in their region but existing customers in their region. So we’re pretty excited about how that seems to -- what we’re seeing at least in activity, seems a good support and what our research told us. So hopefully that’s going to make a difference.
Bill Sutherland:

And then last one from me Mac. I’m curious, it’s a double-edged sword, the balance shortages, what are you guys doing, I guess if you can give us some feel for if that’s limited your growth trajectory and then on the other side of that kind of the opportunities for you?
Mac McMillan:

Sure, so it hasn’t really limited our growth trajectory yet, I do expect that at some point as we continue to grow, it will get -- it will be something that could potentially be a challenge. One of the things that we done to try to get ahead of that is we have hired some new talent into our recruiting organization, internally folks who actually have experience in growing service organizations and in growing partnerships where in companies where they provided the service component to the partner who had the solution. And so, we’re very hopeful that that having that new external focus if you will, in terms of recruiting is going to improve the speed which we identify candidates and are able to fill those positions. From an opportunity perspective, it just seems to be one of the things that continues to grow. We’re seeing more and more clients ask for our Virtual CISO service more than any other at the moment. This is that person that they need to actually run or manage their information security program. And we don't see that slowing down because they’re just aren’t enough for those people to go around to fill all those positions. And healthcare continues to still be challenged as they have in the past by competing with other industries that are willing to provide those people with much higher salaries and/or their ability to actually grow the number of [FTEs] that they need. But in addition to that, we’re also seeing more and more solutions-based opportunities with respect to services. So more and more customers are saying, I know I need to have -- data loss prevention as an example, but I'm not going to buy the solution unless I can get support for it. So can you guys support and manage this solution for me? Same thing on privacy monitoring, same thing with other aspects of their program. They -- it’s very difficult for them to get the resources to be able to do some of these things. And more important, it’s even more difficult for them to retain them and once they hire somebody and that person gets their certifications and get some training and next thing they know they are very marketable out there with other folks who are willing to pay them more.
Operator:

And we will take our next question from William Gibson from ROTH Capital Partners.
William Gibson:

Hi, Mac. You gave pretty good color on the medical device pilots. But for a customer who is doing the full range of your services, if they adopted this, what would that mean in terms of say 1% increase of what they're being built annually?
Mac McMillan:

So, it can change I guess pretty significantly depending on the service. So if you look at customers that have our security offering for instance and then adopt our managed privacy solution, sometimes the privacy managed service can actually be larger than the security service. So it can actually increase, at other times it smaller depends on the model that they select. If you look at vendor management, vendor management typically will add about a fourth of the size of a security managed service if they add that offering to their portfolio. If you look at the biomedical at least for now, we don't have managed security piece of it yet, just the assessment piece. So it's literally just add additional revenue from doing the assessment. But it can actually be a pretty significant increase when they start acquiring more and more of our managed services in a multiple I guess model if you will.
William Gibson:

Thank you. And then just one follow-up. What's the pipeline like on incident response?
Mac McMillan:

So, we just started, as you know we started that offering, first parts of that offering right after the New Year. We have currently several clients who have expressed an interest or have acquired one of those assessments or one module of that service. We are and the sales team is talking obviously with more and more customers about that. And we're hopeful that that will start to grow after the -- in the second quarter and beyond.
William Gibson:

Thank you.
Operator:

And we will take our next question from Charlie Eidson from Craig-Hallum.
Charlie Eidson:

Hey, guys, sorry about the connection issues earlier. I got a couple more for you. Now that you're one year into the synergistic acquisition, how are you thinking about kind of the long-term growth rates for each of the MDS side and the cybersecurity side just from of the long-term perspective?
Mac McMillan:

So if you look at over the five-year plan that we put together when we first came together, the goal was hopefully to grow both sides of the business to a point where revenues were more of a parody, more equal, which is obviously the profit or the margins on the security side are much higher than on the MDS side but the revenues in the past or at least as of today are still much higher on the MDS side. So the goal is to get those revenues on the security side up, and therefore, raise the overall margin and EBITDA of the company by virtue of being able to do that.
Charlie Eidson:

Okay. And then related to the managed service offering addition, how is the reception band with both current customers and then potential customers? It sounded like you had a press release earlier in the year that you added -- you had multiple current clients add multiple services in early this year, can you elaborate on that little bit?
Mac McMillan:

So, on the security side last year we had a really good year in the sense of renewals around those managed security service client relationships. Many of those customers not only renewed but added additional services to their contracts when they renewed. And so, that was very positive and that’s -- and I think that’s what you’re referring to there. But even on the managed print side, as we have worked to improve those relationships with those clients and get more involved with them, we’ve actually started to see them begin to add additional services in those agreements as well. So that’s -- and that’s part of our goal here, it’s not just to acquire new customers but to actually go into our existing client base and do a better job of upselling all the things that we do and cross-selling all the things that we do to each one of those clients.
Operator:

We will take our next question from Jeff Bash from General Pacific Partners.
Jeff Bash:

Most of my questions were asked but I have one for Paul. As I see it, the equipment sales were 2.6 million in the fourth quarter or 14% of revenues and at the traditional zero to 5% margins that would suggest that the non-equipment sales gross margin was in the 35% plus range. Is that the fair to statement?
Paul Anthony:

Yes, it is.
Jeff Bash:

Okay. And with respect to your recent comment, Mac about growth, the five-year plan really had a goal of similar revenue for the three segments there for five years. That would seem to me to suggest considerably higher growth rate in the cybersecurity business than the 20% you mentioned on your last conference call, I think it’s the only initiative you're talking about, that certainly seems reasonable, but I just want to bring up what is like a little bit of inconsistency from your comment?
Mac McMillan:

So again, I mean obviously the five-year plan is a set of goals and it’s something that we hope to achieve. The 20% year-over-year growth is something that we have been able to do traditionally in the past. And hopefully by adding the new managed services offerings that we have today that we didn't have prior to 2017, our hope is that that the additional revenues associated with those additional managed services, if we could get those to the same level of penetration and growth for instance as we’re seeing on the security side, that that will help us to do even better than what we had hoped. So that’s really kind of the plan and hopefully that’s what’s -- or what happened.
Operator:

And there are no further questions at this time. I would like to turn the call back to Mac McMillan for any additional or closing remarks.
Mac McMillan:

So, I just would like to thank everybody for taking time out of their busy work day to spend with us on the call today. And certainly we’re here for questions anytime, anybody has them. So thank you very much for coming today and we look forward to talking to you again in the future.
Operator:

And this concludes today’s conference. Thank you for your participation. And you may now disconnect.

Q4 2017 Earnings Call Transcript

Other earnings call transcripts: