Cyren Ltd.
Q2 2017 Earnings Call Transcript

Published:

  • Operator:
    Good day, everyone and welcome to the Cyren Ltd. Second Quarter 2017 Results Conference Call. Today's conference is being recorded. At this time, I would like to turn the conference over to Eric Spindel, Cyren General Counsel and Corporate Secretary. Please go ahead, sir.
  • Eric Spindel:
    Thank you and welcome to our conference call to discuss Cyren's second quarter of 2017 financial results. This call is being broadcast live and can be accessed on the Investor Relations section of the Cyren website. Before we begin, please let me remind you that during the course of this conference call, Cyren's management may make forward-looking statements. These forward-looking statements are based on current expectations that are subject to a number of risks and uncertainties that may cause actual results to differ materially from expectations. These results -- these risks are aligned in the Risk Factor section of our SEC filings, including our annual report on form 20F filed on April 27, 2017. Any forward-looking statements should be considered in light of these Risk Factors. Please also note that the Safe Harbor and the outlook we present is as of today and management does not undertake any obligation to revise any forward-looking statements in the future. Also, during the course of this conference call, we may discuss non-GAAP measures when talking about the company's performance. Reconciliation for the most directly comparable GAAP financial measures are provided in the tables in the earnings press release issued today and available on the Investor Relations section of our website. These financial measures are included for the benefit of investors and should be considered in addition to and not instead of, GAAP measures. With me on the call today are Mr. Lior Samuelson, Cyren's Chairman and Chief Executive Officer; and Mr. Mike Myshrall, Chief Financial Officer. With that, I will now like to hand the call over to Lior.
  • Lior Samuelson:
    Thank you, Eric and good morning and welcome to everyone on the call today as we discussed Cyren's second quarter 2017 results. In the second quarter, we continued to successfully execute our strategy to become one of the world's dominant Internet security companies. Growth in our enterprise businesses are accelerating. Our sales teams have added 125 new customers onto Cyren's cloud platform through the first half of 2017, with the North American team increasing new customer acquisition by over 500% compared to a year ago. Since the beginning of the third quarter, we have secured 2 enterprise wins with over a 100,000 seats a piece. The first is the European software company using Cyren to protect 120,000 employees worldwide. And the second is a large and well-known U.S.-based enterprise with over 100,000 e-mail accounts. We also have significant wins in our Threat Intelligence business, including one of North America's largest cloud service providers and a dramatically expanded contract, we are now a largest technology customers. The latter company is using Cyren's antimalware and anti-phishing cloud services to protect tens of millions of enterprise users and the multi-million dollar contract is renewed for 3 years with over 100% increases value. This upsell will have an immediate positive impact on revenues, beginning in the third quarter and represents a huge win for Cyren that validates the superiority of our phishing intelligence, solidifies a long-standing customer relationship and sets a stage for even deeper collaboration in the future. We have talked in the past about how recent cyber attacks have been infecting businesses and costing companies billions of dollars in damages and productivity. During the second quarter, we saw this activity escalate to a whole new level with the release of the well documented and widely-distributed WannaCry and Petya Ransomware attacks. Doctor Heartbreaks bring increased visibility to the importance of a strong security posture and the most effective detection capabilities. As many analysts have indicated, [indiscernible] companies have to work hard to block every single piece of malware, yet hackers only have to get lucky once to infect the company's network and take control of its assets. Fortunately, at Cyren, we've built an unrivaled defense system that protects all of our customers across the primary attack vectors that hackers are using most frequently today, e-mail and Web. Cyren's great intelligence and enterprise slight services, once again, prove their effectiveness during the past quarter, by detecting and blocking these threats before they reach the end point. Cyren was among the first companies to detect and block all variance of WannaCry and Petya and our research were among the leading analysts to publish their findings about how the viruses were engineered and operated. We are pleased to announce that not a single one of Cyren's enterprise, all end customers reported infections for either of these outbreaks. In short, it was business as usual for Cyren. While such Ransomware attacks are bad for companies in general, they indicate a tremendous opportunity for Cyren. First, 0-day attacks bring to the forefront, the need for cloud-based solutions. They can react quickly to [indiscernible] outbreaks and show how wonderful companies are who rely primarily on slow [indiscernible] base security. Second, these attacks have shown that traditional signature-based detection simply does not work as well against unknown advanced threats and only intelligent analytics based on heuristics, machine learning and massive amounts of data can successfully -- or successful in preventing infection. And finally, while many enterprises have invested in the ability to detect compromise inside their network, these kind of attacks highlight the need to improve protection by blocking attacks before they penetrate the network. With an excellent second quarter with our enterprise side services after successfully launching Cyren Cloud Security 4.0, the industry's first enterprise-flat security service, to combine e-mail, web, DNS and cloud security into a single multitenant cloud-based platform. Our enterprise sets in North America and Europe are performing superbly and our pipeline continues to go at a very fast rate. We are seeing an increasing number of customers, who are purchasing both e-mail and web protection and we are getting great feedback. On the ease of use of the interface and simplicity of implementation, we have won several competitive accounts and displace incumbents, including McAfee, ProofPoint, Mimecast, Cisco and Barracuda are among others. Our R&D team has been hard at work, delivering new features to our products and services and our rate of innovation and product delivery across a range of product lines is impressive. Towards the release of cloud -- of Cyren Cloud Security 4.0 and a Minor 4.1 follow on release, we are working hard to deliver major new capabilities for both our enterprise SaaS and Threat Intelligence Services. As most of you know, we've already integrated our client sandboxing as part of our Web security, e-mail security offerings. Looking forward, we will be releasing a stand-alone cloud sandbox solution for our Threat Intelligence customers in the coming months. We are also adding additional reporting, encryption and archiving capabilities to our e-mail security service, making it more competitive with some of the traditional e-mail high-gen providers as well as adding an improving set of features on our CWS world map. We feel that each of these additions will help strengthen our offering and further enhance the value proposition of Cyren security capabilities. During the quarter, we also launched new corporate brand positioning for our marketing messaging and website that is beginning to truly resonate with prospects and customers. We have invested heavily in our detection technology and cloud infrastructure over the past 2 years and we are now processing over 25 billion security transactions on a daily basis. We have been able to cut down on our average detection time to identify a new threat on the Internet for 3 minutes to under 3 seconds. But more importantly, due to the globally distributed makeshift of our enterprise SaaS cloud infrastructure, we are not able to cut down the time to protection to these threats and block them in near seconds as well before they reach the users' inbox or browser. For those of you who are interested, we have some great illustrations on our website of our hop-siren is, first to detect and first to protect. As many of you know, we have spent the last year transform ourselves on marketing organizations to focus on selling Cyren Internet security services to enterprises and SMB customers. We open our Americas sales office in Austin, Texas and we run our European sales and marketing operations from our office outside of London. These 2 teams are almost fully staffed, trained and ramped and their sales productivity has been increasing quarter-over quarter. We've signed over a dozen of distributors and resellers to date and these partners will become an increasingly important channel for our growth-to-market strategy. We are pleased with the results of their efforts and are seeing improvement across all key sales metrics and most importantly, the size of our sales pipeline continues to grow. On the last call, we indicated that we were anticipating a possible R&D grasp from Israel Innovation Authority, as we had receive in previous years. We are pleased to report that in June, Cyren was officially awarded a grant for the third straight year. The grant which is valid at approximately USD 930,000, that only helps funds advanced R&D projects but is also a strong endorsement for Cyren Security Industry Leaderships in Israel. Cyren finished the second quarter with $7.8 million in revenue, bringing revenues for the first half of year to $15.7 million. Though our revenue growth rate was slightly slower than the previous quarter, this represents a 5% growth rate compared to the first half of 2016 and we are on track to grow revenues for the full year 2017. Part of the reason for the slowdown is related to the timing of revenue recognition of new customer contracts in our Threat Intelligence Service business. As I mentioned earlier, at the beginning of Q2, we signed a large multi-year contract with a Tier 1 manage cloud computing service provider to several Cyren Threat Intelligence Services. This was a good win, where we displaced an incumbent security vendor by the customer stealing the process of migrating their services to Cyren technology and as a result, we have not yet begun revenue recognition. We expect that this customer will have a positive impact on revenue, beginning in Q4. Also, the multi-million dollar expansion of our contract to one of our largest technology customers which I described earlier, will begin to accumulate revenues this month. Over the past several quarters, Cyren has been actively renewed many of our older contracts with our Threat Intelligent clients. Often, we've been able to significantly improve value of these contract by increasing prices and adding additional Threat Intelligence Services. In other cases with -- in many cases, we have more than doubled the value of these agreements. Thanks to Cyren's superior detection capabilities and the premium reputation of our Threat Intelligence Services. In some cases, however, certain Threat Intelligence customers were unwilling or unable to absorb significant price increases. We have had to terminate these contracts. In other cases, we have proactively terminated a customer, where we feel the relation does not serve our long term strategic interest. Also, these scenarios are contributing factors to the temporary different revenue. This then often takes several quarters for the revenues from new customers to offset any loss of revenue from terminating contracts. We are confident that many of the newly added and extended contracts will offset any temporary slowdown or revenue growth and this is largely a timing issue. I'm excited about the prospect for our Threat Intelligence business. We are seeing strong interest with some of our largest customers and large prospects to work with them and to increase the speed and effectiveness of their security capabilities. I will now hand over the call to Mike to go through Cyren's second quarter financial results. Mike?
  • Michael Myshrall:
    Thank you, Lior and good day to everyone joining us a call. I'm pleased to provide you with a review of our second quarter 2017 financial results. For the more detailed results, please refer to the press release we issued earlier today which is posted on our website. Please note that we state our financials under U.S. GAAP accounting standards, including nonoperating expenses and then I will discuss certain financial metrics on a non-GAAP basis which excludes those nonoperating items please. Please refer to today's press release for a full reconciliation of our GAAP to non-GAAP results. GAAP revenue for the second quarter of 2017 was $7.8 million compared to $7.6 million during the second quarter of 2016 and $8 million last quarter. This represents a 3% year-over-year increase in quarterly revenues compared to the second quarter of 2016 and year-to-date, revenues are up 5% compared to the first half of 2016. As Lior mentioned in his remarks, the sequential decline is largely attributed to the timing of revenue recognition of new contracts and the expiration of older contracts that were not renewed either at the end of 2016 or early 2017. The results of a slight negative currency effect which had an approximate $0.2 million impact compared to the exchange rates during the first half of 2016. GAAP gross margins for the quarter were 61% compared to 66% during the second quarter of 2016 and 62% last quarter. The primary reason for the year-over-year decline was related to a reallocation of depreciation expenses for our data centers compared to previous years. On a sequential basis, GAAP cost of sales remains flat at $3 million, both in Q1 and in Q2 2017 and a non-GAAP basis, gross margins rose to 74% this quarter from 73% last quarter and down from 77% during Q2 2016. GAAP operating expenses for the second quarter totaled $7.8 million compared to $5.8 million in the second quarter of 2016 and $7.4 million during Q1. The increase is driven largely by higher sales and marketing expenses, as I will detail in a few moments. GAAP R&D expenses during the second quarter were $2.4 million, up from $2.1 million reported during the second quarter of 2016 and up slightly $0.1 million, sequentially, compared to last quarter. As a reminder, GAAP R&D expenses are net of any R&D capitalization projects and also net of the R&D grant funding from the Israeli Innovation Authority which in Q2, had a combined effect of reducing R&D by $1.1 million on a GAAP basis. As Lior mentioned, in June, Cyren was awarded a grant totaling approximately $930,000 for the full year 2017. GAAP sales and marketing expenses during the second quarter totaled $3.8 million compared to $2 million in the second quarter of 2016 and up slightly from $3.6 million last quarter. The increase in sales and marketing is primarily related to additional headcount. Over the past year, we have added over 40 employees in our offices in Austin and London, with a net increase of 27 new sales and marketing positions overall in the company. At the end of the second quarter, sales and marketing headcount totaled 57 people compared to 55 people at the end of Q1. GAAP G&A expense for the second quarter came in at $1.7 million which is -- was in line with the $1.7 million during the second quarter of 2016 and up from $1.6 million last quarter. Second quarter GAAP net loss was $2.7 million or a loss of $0.07 per basic and diluted share compared to a net loss of $0.8 million or $0.02 per share in the second quarter of 2016 and a loss of $2.5 million or $0.06 per share during Q1 2017. On a non-GAAP basis, Cyren's net loss was $2.5 million or a loss of $0.06 per basic and diluted share compared to a non-GAAP net loss of $0.2 million a year ago and up slightly from the $2.4 million non-GAAP net loss last quarter. Cyren's non-GAAP net loss excludes a number of noncash and one-time items, so we remind you to please see the table in our press release for more details on the reconciliation of GAAP to non-GAAP results. Cash flow from operating activities during the second quarter was negative $1.8 million compared to negative $0.2 million in the second quarter of 2016 and negative $1.9 million last quarter. Net cash flow for the second quarter totaled negative $2 million compared to negative $1.1 million for the second quarter of 2016. Net cash flow for the quarter also includes a one-time item that shows up in the cash flow statement as proceeds from the sale of an affiliate in the amount of $450,000. This line item is also reflected in the GAAP P&L statement under Other Income. The company's cash balance at the end of the second quarter stood at $11.6 million compared to $13.5 million at the end of the first quarter. We also maintained debt in the form of convertible notes issued at the end of Q1, with an aggregate principal value was $6.3 million. This is expressed as 2 line items on the balance sheet, both as a long term convertible notes in the amount of $4.3 million and an embedded conversion feature listed as $1.9 million. The maturity of these notes is September 2019. During the first half of 2017, we have seen some very good trends and positive momentum in our Enterprise business. During our call in February, we first disclosed that the Enterprise business had contributed over 10% of revenues for 2016 and during the first half of 2017, Enterprise has contribute approximately 13% of revenue but has accounted for over 20% of new customer bookings. The average deal size, both the number of seats and also in annual contract value has been steadily increasing in both Europe and North America. During Q1, roughly 60% of new enterprise customers had deployed e-mail security only, while 40% had deployed either web security or both e-mail and web. During the second quarter, the percentage of new customers deploying web security or both e-mail and web grew to about 50% and we believe this trend will continue. Thanks to our converged CCS platform and the connections customers are seeing between e-mail phishing attacks and web-based malware threats. Looking towards the second half of 2017, we anticipate revenue recognition from the new and expanded Threat Intelligence contracts to have a more significant impact by Q4 2017 which we believe will offset those contracts that were terminated earlier in the year. Additionally, we expect to see an acceleration in the number of new enterprise customers who are utilizing Cyren Cloud Security and continued expansion in the average deal size as we begin to see a larger mix of Enterprise customers compared to SNB accounts. With that, I will open up the lines for Q&A.
  • Operator:
    [Operator Instructions]. And we'll go to Chad Bennett with Craig-Hallum.
  • Chad Bennett:
    So Lior, it looks like you had a couple of really nice wins on the cloud SaaS platform side, 100,000 C+. I guess, you just from a pricing standpoint, kind of pricing per pay or pricing per seat, can you give us idea of, kind of, what those deals look like as much as you can and kind of the significant or relative size of the deal from an ATV standpoint? And also, I'd like to know competitively, kind of who did you see in those deals? And are you seeing more and more of the likes of Z Scaler or anybody else out there in the market?
  • Michael Myshrall:
    Okay. Sure. Chad, this is Mike. I'll take your question. So the 2 deals that you referenced, 100,000 C deals actually closed at the beginning of Q3, so they're not really reflected in the Q2 numbers. But as you said, they are great indicators of new business wins on the enterprise side. Those 2 deals were primarily e-mail security and because they are larger deals, the price per user is a little bit lower than it would be in our average-sized deal. Our average-sized deal are still quite a bit smaller than that, several 100 seats, where the price per user on the e-mail side is in the low teens, the price per user on the web side is in the 20s. But on these much larger deals, obviously, they come at a discount. It's fair to say that both of those deals are 6-figure deals which is quite a bit larger, obviously, than our average deal size. But they're great indication of future deal opportunity there.
  • Lior Samuelson:
    Let me just -- Chad, let me just address the competitive nature of things. So we're running into -- for the most part, we're running into a lot of the box manufactures in many of the deals that we have been winning on the enterprise side. And obviously, we wanted to and I expect, it will be more so into the likes of, let's say, Mimecast and Forcepoint. And I suspect that, over the next -- in the next -- this quarter, next, what I will see more and more of these competitions. And so yes, I guess, we'll be competing with everybody which actually, to be honest, I'm kind of looking forward to. Now and again, I'm embellishing, but as you know, we think that our security is quite superior to any of our competitors.
  • Chad Bennett:
    Right. And do you get us -- should we -- relative to the 6 months ago on your cloud platform business in the pipeline there, I guess, the larger enterprise deals of the mix in the pipeline, has it gone up materially? And in the second half, I think you alluded to more of the same in terms of larger enterprise deals that we should see you guys win. And I guess, so percentage of pipeline, that's changed in the last 6 months. And what is changed in the market that has allowed you do win these deals? Is it credibility, maturity, kind of, what -- how are you doing it?
  • Lior Samuelson:
    So I think that we are taking is what I would call a stepwise approach to the customers how we acquire customers. Our approach was -- into begin acquiring a smaller-sized customers and then begin to grow up the food chain. So what we will see, is we will see -- as the number of these increase, we will see our focus slightly changed and it will change over time, because that is our plan. And we will begin to move to a large and larger enterprises. So that mix will change. We will to continue to acquire small and midsize and also we will begin, we'll continue to acquire larger enterprises although our core focus, right now, let's say, for the third quarter and the fourth quarter is not going to be solely or on large enterprises. But we will definitely see the mix change. I think, though, what's changing in the market is, one, it's clearly -- I think there's an increased recognition -- up and down the size of enterprises that the only long term solution is really going to the cloud. They're not a lot of cloud are solution providers. There is going to be more on the male side than there is on the website, there are hardly any on the website, D scaler, as you mentioned, so the biggest and out there, that's #1. #2, I think that I think, the more customers we acquire, the easier it becomes for us to acquire more customers because we have more reference customers. And so if you had -- if you have a 20 reference customer post of several hundreds, you have several hundreds, it's a lot easier for you to sell more because we can use them as reference. I also think that as our feature side improves and we get more and more features on our platform, it will be easier for us to, #1, sell more and #2, sell at the much larger enterprises. So it's all in the plan. It's all on our part of plan. And what you will see and what we anticipate, we'll hop in over the next several quarters is a consistent increase in the number of deals that we do every quarter. And also, the average size of the deal we do every quarter. And so far, it's proven to be true.
  • Chad Bennett:
    Sounds good. And then one last one for Mike. Just on the Threat Intelligence, kind of, the OEM side of the business, I guess, on an annual dollar basis, the customers that went away versus the customers you added which sound really good. Net-net on an annual dollar basis, are we flat? Up? Is there any way to kind of, characterize that, Mike?
  • Michael Myshrall:
    So yes. I think in the short term, what you'll see is that it takes about 1 to 2 quarters to replace the revenue that we have lost with the new contracts ramping up, but as Lior mentioned, one of the winds that we had in the quarter was a huge upsell. It was one of their existing customers, where we more than double the size of the contract and it's now more than $2 million on an annualized basis. So that a lot had a lots of the smaller contracts that we terminated for competitive reasons.
  • Lior Samuelson:
    Let me add one more thing, Chad. We've been talking for a number of quarters about the fact that in the Threat Intelligence business, we -- some of our smaller customers are basically, either disappearing, because all we are not renewing their contracts occurs it's not -- it's really -- these are not very economical contracts. And what we are seeing is we're seeing an increased demand for better securities on the part of some of our larger customers and enterprises or, let's say, potential threat intelligence customers, who are currently not our customers, but seeking to enhance the security posture as a result of all the newer tax who've come online. Also, basically phishing which is become a really big issue and many, many of the potential friendless customers are unprotected. So we are seeing increased interest, what a big increased interest in -- from that part of the business. But as Mike said, these things are -- the sales cycle is a little bit longer and about the size of the contracts are very, very, very large. So I'm actually -- I feel, very -- that over the next, let's say, several quarter, 1 year or 2, that doesn't -- that business will prove to be very, very strong.
  • Operator:
    [Operator Instructions]. And gentlemen, we have no further questions at this time.
  • Lior Samuelson:
    Okay. So first, thank you for joining us today. Let me just say that in closing that -- this is pretty exciting time for us as we grow nearer to the inflection point of our transition to an enterprise cloud security company. And third quarter, I started off very strongly. And we look forward to continued success in the second half of 2017. Thank you and have a great day.
  • Operator:
    Thank you. And that does conclude today's conference. Thank you for your participation. You may now disconnect.

Other Cyren Ltd. earnings call transcripts: