Cyren Ltd.
Q1 2018 Earnings Call Transcript

Published:

  • Operator:
    Good day, and welcome to the Cyren Ltd. First Quarter 2018 Financial Results Conference Call. Today's conference is being recorded. At this time, I'd like to turn the conference over to Eric Spindel, Cyren's General Counsel and Corporate Secretary. Please go ahead, sir.
  • Eric Spindel:
    Thank you, and welcome to our conference call to discuss Cyren's first quarter 2018 financial results. This call is being broadcast live and can be accessed on the Investor Relations website -- section of the Cyren website. Before we begin, please let me remind you that during the course of this conference call, Cyren's management may make forward-looking statements. These forward-looking statements are based on current expectations that are subject to a number of risks and uncertainties that may cause actual results to differ materially from expectations. These risks are outlined in the risk factor section of our SEC filings, including our annual report on Form 20-F filed on April 27, 2018. Any forward-looking statements should be considered in light of these risk factors. Please also note, as a safe harbor, any outlook we present is as of today, and management does not undertake any obligation to revise any forward-looking statements in the future. Also, during the course of this conference call, we may discuss non-GAAP measures when talking about the company's performance. Reconciliations to the most directly comparable GAAP financial measures are provided in the tables in the earnings press release issued today and available on the Investor Relations section of our website. These financial measures are included for the benefit of investors and should be considered in addition to, and not instead of, GAAP measures. With me on the call today are Mr. Lior Samuelson, Cyren's Chairman and Chief Executive Officer; and Mr. Mike Myshrall, Chief Financial Officer. With that, I would now like to hand the call over to Lior.
  • Lior Samuelson:
    Thank you, Eric, and good morning to everyone on the call today as we discuss Cyren's first quarter 2018 results. I'd like to start with 2 important points. First, at the beginning of Q2, we signed the largest contract in Cyren's history with Microsoft. Second, as a result of contract wins, we anticipate the healthy increase in revenues throughout 2018 and into 2019. As we discussed in the press release issued in April, the Microsoft contract relates to Cyren's anti-phishing service that will be integrated directly into Microsoft Exchange Online Protection and Office 365 Advanced Threat Protection packages, which are available to Office 365 customers. Microsoft has been utilizing Cyren's anti-malware technology for years. But this announcement is a result of many months of effort and intensive technical evaluation, including a bake-off against other security vendors. We feel that this contract is a strong validation for Cyren's technology and, in particular, our ability to combat phishing attacks on enterprise users. We are confident that by integrating Cyren's technology, Microsoft will dramatically improve its ability to detect the latest phishing attacks and protect millions of business users. I would like to emphasize that this new anti-phishing service is also a breakthrough in security delivery technology, and we have worked closely with Microsoft to extend Cyren's GlobalView security intelligence as a private cloud offering through Azure. The phishing problem is not unique to Microsoft or to Office 365. In fact, targeted phishing attacks remain as the industry's #1 security issue that enterprises are struggling to deal with. This was a contributing factor for Cyren's growth in its Enterprise business, where bookings grew 260% in Q1 compared to the same period a year ago. Cyren's enterprise Email Security offering already includes anti-phishing technology that has been adopted by Microsoft. It is including along with Web Security, DNS security, and cloud sandboxing as part of the full Cyren Cloud Security suite. During the quarter, we added around 60 new enterprise customers who are now using a combination of e-mail, web, DNS and sandboxing, including many who are consuming multiple services. For enterprises who do not want to switch out their primary e-mail protection but want to supplement their existing security with Cyren's leading -- industry-leading phishing protection, we have developed a cloud access anti-phishing service that can easily be deployed to protect corporate e-mail solutions. This solution, which is based on the same technology that is being used by Microsoft enables real-time protection of the latest phishing Ransomware and web-based attacks based on the billions of threats that Cyren sees every day and is capable of identifying and inspecting in real time even unknown low-volume attacks. This capability will be further extended to blocking phishing links from salesforce, SLAC, and other enterprise cloud applications. Protecting your cloud application could be as simple as activating a plug-in in your e-mail client or through a simple-to-use web interface. We believe the success that we have had with Microsoft can be replicated with other large enterprise accounts, and look forward to some exciting products and customer announcements along these lines in the future. Getting back to the first quarter, we also made great progress in bringing on additional reseller and channel partners for enterprise products. On the last call, we mentioned that Daisy Group was having good success in offering Cyren's DNS security as a replacement for Cisco OpenDNS, particularly in Wi-Fi applications in the U.K. During the quarter, we also signed a contract in partnership with Meta Networks, who has integrated Cyren's DNS security into their Network-as-a-Service SD-WAN solution for enterprise customers around the world. Enterprise customers will also have the option of upgrading to Cyren's full-proxy CWS solution with cloud sandboxing capability. This is a great example of Cyren's cloud security complementing Meta Networks capability to deliver a robust, secure, next-generation, software-defined perimeter solution. We also recently signed an agreement with the enterprise solution computing business of a Fortune 150 company based in North America that was looking for a cloud security offering to sell through its channels to deliver cloud-based security targeted in enterprise and SMB customers. They selected both Cyren Email Security and Cyren Web Security to add to their portfolio of security products, and we expect that this agreement will begin to have a positive impact on revenues during the second half of 2018. We recently won an upsell opportunity for one of our largest enterprise customers in Europe where we are already protecting tens of thousands of employees using Cyren Email Security. The contract adds email protection for a completely different use case within the business targeted at CRM and ERP applications that are heavy users of e-mail and require enhanced email security. The contract more than doubles the value of the enterprise account, which is now contributing over $0.5 million per year. We also have additional large enterprise deals in the pipeline that we believe have strong chance of closing during the second and third quarters. During Q1, Cyren released version 4.3 of its CCS platform, which adds e-mail imposter protection, cloud access security with application control, single sign-on authentication with SAML and cryptocurrency mining protection. Cyren's cryptocurrency mining protection is unique in the industry and introduces a new URL filtering category with the ability to block sites, which exploit the user's CPU and RAM resources for the purpose of cryptocurrency mining. Research has indicated that crypto mining malware infecting thousands of computers has surged over 700% during the first 4 months of this year, and Cyren believes this will be a major security theme throughout the rest of 2018. In Cyren's Threat Intelligence business, during the first quarter, we renewed one of our largest customers who is utilizing several of Cyren's Threat Intelligence Services in its UTM and cloud security products. Cyren usage in this customer has been more than double since the last time the contract was renewed 2 years ago, and this is a great example of Cyren continuing to demonstrate our value to existing customers. We expect several significant contracts to be renewed in the second and third quarters as well. I will now turn the call over to Mike to discuss Cyren's first quarter financial results. Mike?
  • Michael Myshrall:
    Thank you, Lior, and good morning, everyone. I will now provide you with a review of our first quarter 2018 financial results. For more detailed results, please refer to the press release we issued earlier today, which is posted on the Investor Relations section of our website. Please note that we state our financials under U.S. GAAP accounting standards, including nonoperating expenses, and that I will discuss certain financial metrics on a non-GAAP basis, which excludes those nonoperating items. Please refer to today's press release for a full reconciliation of our GAAP to non-GAAP results. GAAP revenue for the first quarter of 2018 was $7.6 million compared to $8 million during the first quarter of 2017 and $7.5 million last quarter. The modest increase in revenue is related to the timing of revenue recognition from new contracts. As Lior mentioned, the large Microsoft contract was only signed in April and, therefore, did not have an impact on Q1 financial results. First quarter GAAP net loss was $5.3 million or a loss of $0.10 per basic and diluted share compared to a net loss of $2.5 million or $0.06 per share in the first quarter of 2017, and a decrease in net loss from $7.5 million and $0.16 per share last quarter. Operating expenses for the quarter were in line with expectations as we brought in a number of new R&D employees during the second half of 2017. On a non-GAAP basis, Cyren's first quarter 2018 net loss was $4.9 million or a loss of $0.09 per basic and diluted share compared to a non-GAAP net loss of $2.4 million during Q1 2017 and $4.3 million non-GAAP net loss last quarter. Cyren's non-GAAP net loss excludes a number of noncash items, so please refer to the table in our press release for more details on the reconciliation of GAAP to non-GAAP results. Cash flow used in operating activities during the first quarter was $4.6 million compared to $1.9 million in the first quarter of 2017 and $3.2 million last quarter. During the quarter, we invested approximately $0.8 million in capital expenditures in our network and also invested an additional $0.6 million in technology developments, which were capitalized. Please see the cash flow statement on our press release for more details. The company's cash balance at the end of the first quarter was $17.9 million compared to $13.5 million at the end of Q1 2017 and $24 million as of December 31, 2017. Cyren no longer carries any debt on its balance sheet. Cyren finished the quarter with a total of 247 employees compared to 239 employees at the end of 2017. This included a total of 61 people in sales and marketing, which grew from 51 people at the end of Q1 2017 a year ago. In April, we issued a press release that included the material details of the Microsoft contract that we signed at the beginning of Q2. The contract extension is valued at over $20 million over the next 3 years and will begin to have a positive impact on revenues during the second quarter. With this agreement, Microsoft will become Cyren's largest customer by revenue. As we mentioned on the last call, we have spent a great deal of time and effort preparing for the launch of the General Data Protection Regulation, also known as GDPR, which is scheduled to take effect on May 25. We would like to reiterate that we take our customer privacy very seriously, both in Europe and also the rest of the world, and we intend to comply with the new GDPR regulations when they take effect this week. We believe that many security vendors are not ready for the deadline and, therefore, we encourage those companies in Europe who feel that their current security providers are not compliant to contact Cyren in order to protect their enterprise security and privacy. In April, we issued our 20th annual report that details the 2017 financial results as well as the major shareholders in Cyren. As indicated in our annual report, at the end of Q1, there were roughly 53.4 million shares outstanding, and approximately 27.6 million or 52% were owned by Warburg Pincus. Due to his ownership position, Warburg Pincus is entitled to 50% of the Cyren Board seats, but as of the end of the quarter, maintained only 2 out of 9 board seats. Last week, the Cyren Board appointed Lauren Zletz from Warburg Pincus as an interim director until she can be formally approved by the Cyren shareholders at the next annual shareholder meeting. With the appointment, Warburg now occupies 3 out of 10 board positions. We welcome Lauren to the board, and we will keep you updated on future appointments. With that, I would like to ask the operator to open up the lines for Q&A. Cherry?
  • Operator:
    [Operator Instructions]. And we'll take our first question from Chad Bennett with Craig-Hallum.
  • Chad Bennett:
    I guess on enterprise bookings growth, 260% year-over-year, and obviously, that does not include the Microsoft contract. Any additional color into that material growth year-over-year? And whether it's cross-sell, upsell of the existing base, new customers, kind of ratcheted-up terms of OEM-type contracts, any additional color there, Lior?
  • Michael Myshrall:
    Okay, thanks, Chad. This is Michael, I'll try to address that. So the majority of the bookings on the enterprise side were categorized as new business as opposed to upsell bookings, and the majority of that came through our European operations. As Lior mentioned, we also, during the quarter, signed an agreement with a company called Meta Networks, which extends our enterprise offerings, Cyren Email Security and Cyren Web Security, to be sold through the Meta Networks platform as well. And so that's a very interesting partnership where we're basically extending our Cyren security through their SD-WAN security offering.
  • Chad Bennett:
    And Mike, where are we at in terms of direct -- Cyren direct enterprise customers today versus maybe a year ago?
  • Michael Myshrall:
    So in total, the numbers that we talked about over the past year, where we signed about 250 new enterprise customers in 2017 and about 60 new enterprise customers in Q1, the majority of those were direct customers. Some of them, especially through Europe, were sold through our channel partners. But what we're seeing is that the average size of those customers are increasing. So a year ago, both the number of seats and the price per seat were lower than what we're currently experiencing now in Q1 and what we're looking at in our pipeline moving forward.
  • Chad Bennett:
    Got it. And then maybe last one from me. On the Microsoft contract, is that -- how do we kind of bake that into the rest of the year, Mike? Is it less than kind of annual run rate in the June quarter and then it's kind of normalized run rate in the second half?
  • Lior Samuelson:
    So we'll begin to see -- so there'll be an impact in the second quarter. We'll begin to see a measurable impact in the second quarter and then for the rest of the year. As we mentioned, it's a 3-year contract. What I would like to say, Chad, is that, as I mentioned in my remarks, I mean, in addition to what is, I would say, a measurable and maybe significant revenue impact, it's also, I think, some -- a breakthrough in the way phishing protection is delivered. And what I mean by that is that we now can take our phishing service and without replacing, let's say, an enterprise's current e-mail provider, we can put our system on top of it and provide what we believe is really unequaled phishing protection in a very, very easy way. So I think the delivery mechanism now is also across sort of a technological breakthrough. So just not only just the fact that Microsoft, as you see it, but also the fact that now it will be available to -- it is available to basic enterprises worldwide.
  • Operator:
    [Operator Instructions]. We'll take our next question from Mike Wallace with White Pine Capital.
  • Michael Wallace:
    Just maybe a quick update on what the balance sheet looks like now, Mike, with the Microsoft and the Meta Networks deals in terms of cash and deferred revenues.
  • Michael Myshrall:
    So at the end of the quarter, the cash balance was $17.9 million, and we -- that had not been updated to reflect any impact from the Microsoft booking, obviously, which happened in Q2. We will expect the cash impact during the second quarter related to the Microsoft contract. And we would expect that, that will increase our deferred revenues in the quarter as well, and we'll recognize those revenues over the next 12 months.
  • Michael Wallace:
    So would it be safe to say that the contract is basically split over -- equally over 3 years?
  • Michael Myshrall:
    Yes, that's a fair assumption.
  • Michael Wallace:
    Okay. And then the cash received would bump up cash in the short term. What's your thoughts on cash consumption this quarter and as you look into the rest of the year? Can we see -- what should we be thinking about in that regard?
  • Michael Myshrall:
    Well, Q1, in terms of cash consumption, was a little heavier than Q4. There's some seasonality in there. At the beginning of the year, there's typically some prepaid expenses that are required. But we expect both Q2 and Q3, in terms of customer prepayments, to be significantly higher than they were in Q1. So from an operating cash flow perspective, we expect both Q2 and Q3 to be substantially more positive than they were in Q1.
  • Michael Wallace:
    Okay, good. Could you give us maybe a little bit of background and, Lior, maybe comment on this, too, in terms of the background that Microsoft did in due diligence process there, who some of the competitors were that you were able to displace and win over?
  • Lior Samuelson:
    So as you know, Microsoft has been a client of ours for a few years. They've utilized our anti-malware technology, and I think they were looking to enhance their kind of basic URL/phishing protection, and we were one of a few vendors that they looked at. Don't want to mention names, but it's people that are -- you would recognize. And I think that the way that we -- two things. One, I think the efficacy, the -- our ability to detect very, very quickly and also the way that we can deliver it to Microsoft through our cloud infrastructure and -- has basically allowed us to add a service as well. So I think it's been -- so it's been -- it's taken a long time. I think we've been under sort of evaluation for months and led to this contract, which I think is, obviously, it's a validation of our -- not only of our technology, but also our delivery system, that we can deliver products and security in a certain way and also with Microsoft is very large and also be able to handle a tremendous amount of traffic. We're talking just a lot of tens of millions of customers.
  • Michael Wallace:
    So maybe I'll...
  • Lior Samuelson:
    Go ahead.
  • Michael Wallace:
    Outside of the scalability of the products, what other key factors were there that you were -- could you talk about and how much better you did relative to the competitors?
  • Lior Samuelson:
    We have to -- I mean, one thing that you have to remember is that we have an ability that we think is unusual in the industry. We were able to stop phishing attacks, what we call unknown phishing attacks. We were -- we don't have to understand and know what the content is. But because of our algorithms, machine learning, our huge data, we can block things right as they emerge, and that's unusual. So -- because I think one of the issue is just that the phishing attacks are -- can happen very, very quickly. And if you have to wait until you can examine what it is, it's normally, normally a little bit too late. So I think that's one of the reasons that they picked us, and I think that's sort of the unique capability that we have that very few -- I'm not sure anybody else has that capability.
  • Michael Wallace:
    Yes. Zscaler doesn't offer that type of level of speed and recognition?
  • Michael Myshrall:
    Well, this is more targeted at the email security. And so Zscaler is primarily a web security player, and so their technology is not as relevant in this particular instance.
  • Michael Wallace:
    Perfect. Okay, good. Good. Maybe, Mike, you could give us some thoughts on how the margin structure of the business is now going to change somewhat as you move more to the SaaS model and deferred revenues and flow-through around the income statement? What should we be thinking about in terms of margin structure?
  • Michael Myshrall:
    So you have seen, over time, that our growth margins have been coming down a little bit related to the migration from our Threat Intelligence business, which traditionally was very high margin, to our Enterprise business, which is a little bit lower margin. Part of the issue there is related to the cost of serving those customers through our data centers, it's higher because they consume more bandwidth and they consume more support resources as well. We believe that we built additional capacity into the network currently so that we could serve a much larger customer rate than we have today with our current operations and support infrastructure. And so over time, we would anticipate that our gross margins will improve as we serve more and more customers through our infrastructure. In terms of the nature of the customers, as we generate more contracts with the larger enterprise customers, we would expect a shift to more 12-month prepaid contracts, which you would -- where you'll see a higher deferred revenue balance upfront and cash collection upfront associated with those customers, which is more typical of a traditional SaaS offering. Right now, it still accounts for less than 20% of our revenues, so it's not as big of an impact. But as the Enterprise business becomes a larger piece of our overall revenue percentage, you will see that deferred revenue balance increase.
  • Michael Wallace:
    What do you think it could be as percent towards the end of the year? Could it be twice the 20%? Could it be over 50%? What would it be?
  • Michael Myshrall:
    In terms of transition, it takes time, obviously, because of the revenue recognition standards that are in place. The accounting standards associated with revenue recognition, it's tied to the service period of the contract. And so as we add more and more contracts, they will have a bigger impact on our quarterly bookings, but it will take some time before the revenue recognition as a percentage of overall revenue recognition goes up above 20%.
  • Michael Wallace:
    Okay. All right. And maybe last kind of question. Bookings were up 260% versus last year and the Q1. If you include the Microsoft and the Meta Networks deals in there, what would be the increase?
  • Michael Myshrall:
    So we haven't done the analysis on the Microsoft, but it would be a much, much larger multiple in terms of the total bookings relative to a year ago. So I mean, basically, this one contract was equivalent to a full year of bookings of multiple large customers. It was a very large customer and a very large contract for us.
  • Michael Wallace:
    And you mentioned about the scalability of that product that you built for Microsoft, and now you can replicate it across other platforms. Could you tell us a little bit about what that could mean for your pipeline of new business and the cadence of sales through direct and indirect as a result of the Microsoft deal?
  • Lior Samuelson:
    So we're very hopeful because, as you know, phishing is a really big problem, and there are not a lot of really good solutions. There are a bunch of people providing partial phishing solutions. There are a bunch of companies with huge valuations who provide phishing education so that people can recognize this and e-mail phishing and don't click on it. I think that our solution, as far as we're concerned, actually, you don't really need any education because the system works so well. And we believe that as we begin to sell it, marketing and sell it, that it should have quite a bit of traction. There is no -- there's really no size of limitations as to who we can sell to. And as I said, there's no -- there's really no limitation because of our cloud infrastructure and the way we provide the service on how many users you have. So we -- I don't have any numbers, but there is a pipeline and we -- but we're very, very encouraged by this development. We've been working it for a long time, and now it's the job of our marketing sales folks to go sell it.
  • Michael Wallace:
    Yes. Do you price it on a per-seat basis? Is it based more on traffic? How do you price the product?
  • Michael Myshrall:
    Yes. So it would be based on -- for new enterprise users, it would be based on a per-seat product, very similar to the way we price our Email Security and Web Security offerings.
  • Michael Wallace:
    Okay, good. All right, well, it looks like we've turned the corner, and you got a nice pipeline of business to work on here in the rest of this year and into the 2019. Very good.
  • Operator:
    It appears there are no further questions at this time. Mr. Samuelson, I'd like to turn the conference back to you for any additional or closing remarks.
  • Lior Samuelson:
    Well, thank you for joining us on the call today and for the interest in the company, and look forward to sharing more exciting news with you in the near term. So thank you very much.
  • Operator:
    This concludes today's call. Thank you for your participation. You may now disconnect.

Other Cyren Ltd. earnings call transcripts: