Cyren Ltd.
Q1 2015 Earnings Call Transcript

Published:

  • Operator:
    Good day and welcome to the CYREN Ltd. First Quarter and 2015 Earnings Conference Call. Today's conference is being recorded. At this time, I would like to turn the conference over to Mr. Garth Russell, KCSA. Please go ahead sir.
  • Garth Russell:
    Thanks Tom and welcome to our conference call to discuss CYREN's first quarter 2015 financial results. This call is being broadcast live and can be accessed on the Investor Relations section of the CYREN website. Before we begin, let me please remind you that during the course of this conference call, CYREN's management may make certain forward-looking statements. These forward-looking statements are based on current expectations, that are subject to a number of risks and uncertainties that may cause actual results to differ materially from expectations. These risks are outlined in the Risk Factors section of our SEC filings, including our prospectus filed on May 15, 2015. Any forward-looking statements should be considered in light of these factors. Please also note as a Safe Harbor, any outlook we present is as of today and management does not undertake any obligation to revise any forward looking statements in the future. Also during the course of this conference call, we may discuss non-GAAP measures when talking about the company's performance. Reconciliations of the most directly comparable GAAP financial measures are provided in the tables in the earnings press release issued earlier today and available on the Investor Relations section of our website. These financial measures are included for the benefit of investors and should be considered in addition to and not instead of GAAP measures. With me on the call today are Mr. Lior Samuelson, CYREN's Chairman and Chief Executive Officer and Mr. Mike Myshrall, Chief Financial Officer. With that, I would now like to turn the call over to Lior. Lior, the floor is yours.
  • Lior Samuelson:
    Thank you, Garth, and thank you for joining us today as we provide an operational update and discuss our 2015 first quarter results. The first quarter of 2015 was very significant in our evolution from a detection technology provider to one of the world's top security companies. We took several steps to enhance our leading cloud-based cyber security platform. For example, we developed a breakthrough automated system to analyze malware using a massive multilayered sandbox array in the cloud. This sandbox array, together with our new [repetition] [ph] service creates one of the most sophisticated cyber security protection capabilities in the world. It is very unique. Also during the quarter we released DNS-based policy and security enforcement a major feature enhancement for CYREN WebSecurity or CWS. This enhancement lets us compete in additional service provider or in end markets by offering WebSecurity protection for public and consumer networks. DNS-based enforcement also provides CWS enterprise customers with a fast, reliable security policy enforcement mechanism that can streamline the deployment process and enable protection for new locations in a matter of minutes. We believe that as the number of bake-offs that we participate in increases, so will our win rate. Our superior detection technology will over time differentiate us from many of today's security providers. In fact, in March we successfully won a bake-offs and signed our largest CWS customer to date with an enterprise that has 5000 users. This important win demonstrates the superiority of our platform and detection capabilities which are based on the industry's most sophisticated, automated detection engines and algorithms and on the industry's largest security data base. As a reminder, we conduct more than 17 billion transactions in the cloud everyday and serve more than 600,000 endpoints per day. During the quarter, we accelerated the implementation of our direct-to-enterprise CWS sales model that was first introduced last quarter. The model is an import strategic step for CYREN that allows us to address opportunities with enterprises that prefer to buy directly from the vendor. It also gives us great insight into the market and the sale process. The market is still in the early stages of a major transition in how enterprises address cyber threats and we are at the forefront of this shift. According to Gartner, the vast majority of the enterprise over 75% still use appliances for web security, though cloud secure deployments are growing over 20% a year. Organizations are actively looking to replace their outdated appliances with modern sophisticated cloud solutions to address cyber threats with added protection for roaming and mobile workers. Accordingly we've been targeting customers who are undergoing this process leading to new business wins and a robust new business pipeline. Today, our pipeline includes a larger number of enterprise deals that we've seen in previous quarters. In fact, the traffic in our network for evaluation purposes has increased by thousands of percentage points. Our added DNS capabilities are already enhancing CYREN's ability to compete in several key industry protocols such as healthcare, education, hospitality, retail and airports where public Wi-Fi infrastructure is deployed. We are currently in the evaluation stage at several customer deployments within these target markets and converting these opportunities could bring tens of thousands of users onto our CWS network. We also continue to make progress on the development of our cyber intelligence suite which includes a number of real time data feed solutions. These solutions enable organizations to analyze and apply the vast amount of secure data CYREN generate in real time to improve the detection of their solution or the security of their environments. We already have a number of customers who are subscribing to these services in order to prevent advanced malware and zero day attacks. As we discussed previously, during the second half of 2015 we anticipate the release of a cyber security module for CWS that will let us bring our advanced cyber security detection and analytics to enterprise customers. During the quarter, we also added and expanded several new partnerships with our channel partners. Earlier this month we announced an agreement with Dell that add CYREN's antimalware technology to Dell SonicWALL Email Security appliances, software, virtual appliances and hosted services. In a similar vein, we recently announced that Primetals Technologies, a joint venture between Mitsubishi Heavy Industries and Siemens selected CYREN's cybersecurity solution as its main defense against cyberattacks, malware and email threats. This joint venture provides significant visibility for CYREN. Primetals has more than 9000 employees spanning more than 40 locations worldwide. In February we continued to grow our global partner network with the addition of KBSL Information Technology Limited, one of Sri Lanka's leading business systems integrated companies. KBSL now offers our cloud-based CYREN WebSecurity solution to address the security as a service market. And just last week we announced the German based G DATA Software will extend its integration of CYREN malware attack detection with its portfolio of consumer and enterprise cyber security solutions. The multiyear partnership expansion helps protect millions of G DATA end users in more than 90 countries. CYREN's malware attack detection solution is a key component in our cyber intelligence suite and provides one of the industry's fastest response time to remove malware outbreaks, locking potentially harmful malware in the earliest minutes of attack. This key capability leverages the billions of transactions we see daily and is already embedded in our CWS platform in order to protect our growing enterprise customer base. Just recently, the superiority of our detection was confirmed again by increasing a large multiyear renewal agreement with Intel Securities McAfee division, one of the world's largest security companies. This agreement builds on the previous McAfee contract that was previously mentioned during the Q3 2014 earnings call. We have made superb progress toward establishing CYREN as a major player in the cloud-based cyber security field. The combination of our detection technology, data and automation position us well for the future. With that, I'll hand over the call to Mike to further elaborate on the results. Mike?
  • Michael Myshrall:
    Thank you, Lior, and good morning everyone. I will now provide you with a summary of our first quarter 2015 results. For the more detailed results, please refer to the press release we issued earlier today which is posted on our website. In addition please note that we compile our financials under U.S. GAAP, which includes non-operating expenses. In order to better analyze our business performance I will also discuss certain financial metrics on a non-GAAP basis, which excludes those non-operating items. You can refer to today's press release for a full reconciliation of our GAAP and non-GAAP results. GAAP revenue for the first quarter of 2015 was $7 million, compared to $7.8 million in the fourth quarter of 2014 and $8.1 million a year ago. Non-GAAP revenues for the quarter also totaled $7 million compared with $7.9 million last quarter and $8.1 million in the first quarter of 2014. The reduction in revenue was driven in part by the continued decline of the euro during the first quarter along with the full quarter impact of customer terminations that happened during the second half of 2014. Several of our OEM partners reported weaker than anticipated usage of CYREN services during the quarter and the full effect of the record bookings we experienced during the fourth quarter of 2014 has not yet taken full effect. It often takes up to two full quarters before revenue recognition can begin for OEM customers in CYREN's embedded business model. Our GAAP gross margin for the quarter was 71% compared with 75% for the previous quarter and the first quarter of 2014. Non-GAAP gross margin for the quarter was 74% compared with 77% during the previous quarter and 78% a year ago. GAAP operating expenses for the first quarter were $6.4 million, down significantly from $7.9 million last quarter and $8.2 million in the first quarter 2014. Non-GAAP operating expenses for the quarter were $5.9 million compared with $7.4 million in both the previous quarter and the first quarter of 2014. The weaker euro and shekel positively impacted our U.S. dollar cost base for our operations in Germany and Israel. In addition, approximately $0.6 million of one-time G&A expenses from Q4 2014 were eliminated. First quarter GAAP net loss was $1.7 million or a loss of $0.05 per basic and diluted share compared to a loss of $2.1 million or a loss of $0.08 per basic and diluted share in the first quarter 2014. Our first quarter non-GAAP net loss was $1 million or a loss of $0.03 per basic and diluted share compared to a non-GAAP net loss of $1.4 million or $0.05 per diluted share in the first quarter of 2014. The reconciliation between GAAP and non-GAAP net income is including in our press release. Now turning to the balance sheet. Our cash balance at the end of the quarter stood at $8.5 million compared with $11.1 million as of December 31, 2014. Operating cash used in the first quarter was $2 million compared to operating cash usage of $2.4 million during the first quarter of 2014. Cash usage during the quarter was lower than planned and included a nonrecurring prepayment of services of $1 million. In addition, we paid down $0.4 million on our line of credit reducing the balance to $4.4 million as of March 31st compared to $4.8 million on December 31st 2014. During the quarter, we renewed our line of credit for another year and reduced the total borrowing limit from $7.5 million to $6 million. Subsequent to quarter end on May 15th we filed a prospectus supplement to our F-3 Universal Shelf Registration dated June 20, 2014. Under the new prospectus supplement CYREN has entered into an at-the-market offering agreement to sell up to $12 million of ordinary shares at market price over the next 12 months. To-date, we have not sold any shares under the ATM agreement. At this point, I would like to turn the call back to Lior for closing remarks.
  • Lior Samuelson:
    Thank you, Mike. We are making significant and steady progress toward establishing CYREN as a major player in the changing world of cyber security. We continue to improve our technology, introduced products and features at a very fast pace. Our pipeline has increased dramatically and the current number of CWS evaluations is very large. We are confident that the pipeline evaluation activities will translate into significant additions to our customer base in the near future. And with that, we'll open the call up to questions.
  • Operator:
    [Operator Instructions] We'll take our first question from Lisa Thompson with Zacks Investment Research.
  • Lisa Thompson:
    Good morning. Could you talk a little bit about how revenues were impacted by currency, and now that you said, I think you said last quarter that 40% of sales was the euro, is that similar this quarter and how do revenues look on a constant currency basis?
  • Michael Myshrall:
    So you're correct. 40% of our revenues are in euros and that continued to have an impact on the first quarter. We estimate that the total impact on Q1 revenues was approximately $300,000 in the quarter. Some of the decline was related to some customer terminations that we had in our German business during the second half of last year and the revenues on a constant currency basis in Germany are basically flat to a slight decline, but given the currency impact are having a negative impact on U.S. dollar translated revenues in Europe.
  • Lisa Thompson:
    Okay, and so far in this quarter as far as you are now is it going to be similar in Q2?
  • Michael Myshrall:
    Where we are right now, I think is up slightly for the quarter. So we would anticipate that revenues in the current quarter would be impacted about the same as they were in Q4. During Q1 if the euro turns around and becomes more positive during the second half of Q2, then we would expect a slightly positive effect during Q2.
  • Lisa Thompson:
    Okay, and then just to get back to a general kind of question. You talked about the increase in the number, in the pipeline and the bake-off, from your experience so far when you go into a bake-off what seems to be the major reason for winning or not winning at this point?
  • Lior Samuelson:
    I mean, I think there's really a couple of reasons. One is I think people increasingly recognize that the superiority of the approach that we're offering, and number two, I think that and I mean by that I mean [some of current] [ph] solution and all the features that go along with it. And I think the second reason is that, I think we do have we believe a superior detection capabilities. As you recall, we own all our detection engines. We have very sophisticated anti-malware engines, you know, [URLS] [ph] and all the other engines that we own and continue to enhance and perfect, it’s an ever changing scenario, everyday new malware, and I think we're really at the forefront of the anti-malware technology and I think that's the reason that I think that we will be going to a bake-off and so far I think we're doing well and as our ability to increase the number of times that we compete, which of course is our marketing and sales effort I think that our win rate will increase primarily as a result of our approach and our superior detection capability.
  • Lisa Thompson:
    So, but ones you don’t win what do they tell you, that you don't have certain features or that they don’t have anybody - that you don't have any reference accounts like what is that they say to you?
  • Lior Samuelson:
    I guess look, I think at this stage in where our products are I don't think that reference accounts have been an issue for us. I think that for us it's more really continue to execute on marketing and sales efforts and again you're right. I think that we do in order to we are continuing to go up the size chains or the food chains on the size of the enterprises that we can sell to and hopefully and our plan, our development plan, say by the end of this year, we'll be by the end of this calendar year we'll be able to compete with any size enterprise.
  • Lisa Thompson:
    Great.
  • Michael Myshrall:
    And that's a feature issue.
  • Lisa Thompson:
    Okay, it is a feature thing. So and then can you give a little bit more specifics about, you said that you're on track for new products and things. Could you give us an update on the timetable of when things are coming up?
  • Lior Samuelson:
    So we have some fundamentals, we release a new version of our platform CWS every month and so we have a timetable with a set of features that we need to enhance or produce, but one of the major features that are, so you know, one of the things that we'll come out, that we came out with, now as we mentioned few minutes ago, DNS the future that we released now enables us to compete very easily for very large public Wi-Fi networks. And one of things that we are going to release in the third quarter, the first half of it, will be what we call our cyber module that will sit on top of our CWS, will be an up sell on CWS. We are already selling some of the components as components of the cyber security solution, but sometime in the third quarter we are going to come out with the entire module that will sit on top of our cloud. It will be we believe one of the first if not the first and very unique solution, cyber security solution on the cloud.
  • Lisa Thompson:
    Great, is that going to be held at some sort of event or trade show or anything, now is that going to be a private release…?
  • Lior Samuelson:
    No. We'll just, we’re just going to, I mean as I mentioned it's probably kind of a private release. I mean we might, our marketing team will decide to make a little bit, sort of advertise it, but I think there are some people as I said already using part of the, not the entire module, but components of the module. In fact one of the largest networking company in the world is already embedding that technology in their products. So we are selling components with it, but we are not selling the entire package because it will be released in the third quarter.
  • Lisa Thompson:
    Great, thank you so much. That's all my questions.
  • Lior Samuelson:
    Thank you.
  • Operator:
    We'll take our next question from Alex Silverman with Special Situations Fund.
  • Alex Silverman:
    Thanks for taking my question. Couple of my questions have been answered, but I would like to go back to the cancellations in Germany and another comment you made about lower use by some customers. Can you give us a little more granularity on what was behind that?
  • Michael Myshrall:
    Sure. So thanks for the question Alex. So in previous calls we talked a little bit about some of the terminations that we had during the second half of last year was primarily in the email security business in Germany and what we're seeing is that some of our customers, our OEM partners, who are primarily using the email security and the antispam technology are reporting lower volumes of usage than they have in previous years. We think part of that is related to the overall decline in email and decline in spam technology, but the positive thing is that it's being offset by more advanced malware threats and phishing attacks and so we're actually seeing an uptick in our interest for our other solutions. So for instance on the earnings call Lior mentioned the Dell contract which is an antimalware SDK solution. We also signed a significant extension to our contract with McAfee on the antimalware side and we have some anti-phishing feed technology which is part of the cyber security in our cyber intelligence suite. So we think that what is happening is, there is a substitution effect where some of our customers are seeing lower volumes on the pure spam side, but we're seeing an increase in demand for some of our more advanced technologies instead.
  • Alex Silverman:
    Are the customers bringing the spams threat presumption in-house or are they going with another, with a competitor, I mean I can't imagine they are simply abandoning it?
  • Lior Samuelson:
    So each situation is a little unique and a couple of the contracts that turned over last year, in one case it was a service that got discontinued altogether, in another case it was a service that was being brought in-house using open source technology and then in a third case it was a contract that we actually lost to Cisco. Cisco bundled in their antispam solution into a lot of other networking gear. So I think what you're seeing is that the emphasis on pure spam solutions is going down and what customers are looking for are more advanced technology to prevent the advanced malware and the advanced persistent threats and the cyber threats that are occurring now.
  • Alex Silverman:
    Okay, very good. Thank you.
  • Operator:
    [Operator Instructions] We'll go next to Marcel Herbst with Herbst Capital Management.
  • Marcel Herbst:
    Thanks so much for taking my question. First question is regarding your WebSecurity reseller network. In the fourth quarter you mentioned that you have about 50 to 100 entities that are using your provisioning system. Has this number expanded at all or do you have a target in mind where you want to be by the end of the year?
  • Michael Myshrall:
    Yes, so thanks Marcel, for the question. So I would say that we are approaching about 100 different entities that are using the service now and we are in various stages of deployment of trials of live production users and those who are in the integration phase. By the end of the year what we're targeting and what we're hoping for is that we’ll have several hundred users or several hundred entities using the network and tens and thousands if not hundreds of thousands of users on the solution in live production environment.
  • Marcel Herbst:
    Okay great. That’s very helpful. By the way congrats on your appliance deal with Dell SonicWALL. I was wondering if this deal offers significant size or in other words, what's the annual revenue potential there?
  • Michael Myshrall:
    So the Dell deal is significant in a couple of different ways. Number one, as I mentioned earlier, it is using our antimalware technology and it is further validation at our antimalware engine is a very strong solution for OEM players out there like Google, Microsoft and now Dell. In terms of its revenue impact it’s a multi-year deal over three years and it is a minimum commitment contract where Dell has agreed to pay us a certain minimum commitment plus they will report additional usage on top of their minimum commitment. So it’s - the deal itself is a six-figure deal and over the course of three years depending on their usage factor it could exceed a seven-figure deal if things go well. Now the other interesting thing that we think that is very positive about working with Dell obviously is that Dell is a large organization. This contract is only with their SonicWALL appliance division. However, Dell also has a very large managed security service provider division called SecureWorks and SecureWorks is probably the leader in terms of MSSPs out there and so they’re an ideal customer for our CWS solution. So longer term, we’re hoping that this contract with the Dell SonicWALL division could lead to further inroads with Dell perhaps into SecureWorks to sell our CWS solution as well. So that’s why we are very positive on this contract.
  • Marcel Herbst:
    Do you have similar appliance deals in the later stage of your pipeline currently?
  • Lior Samuelson:
    Yes, we have a number of appliance type of solutions, our appliance type of OEM partners out there as you know Checkpoint, and WatchGuard and so now so forth are all customers of ours using our technology in their appliances. We already mentioned one of the very largest equipment manufacturers in the world, a Chinese based company is also using our technology, but we’re also in discussions with other customers in the appliance industries who are looking to integrate our cyber security technology into their appliance in our traditional embedded OEM business model.
  • Marcel Herbst:
    That’s very helpful, thank you. Then given the all-time record bookings in Q4 and you mentioned it takes a quarter or two for this to take in, would you expect year-over-year revenue growth in Q2 on a constant currency basis?
  • Michael Myshrall:
    So Q2 over Q2, I think is when comparing to 2014 is going to be a bit of a challenge. We would anticipate that the Q2 revenues will be fairly similar to the current Q1 revenues depending on what happens with the euro. I think overall for the year, we are anticipating growth during the second half of the year, but Q2 in particular is a little bit more difficult to predict.
  • Marcel Herbst:
    Okay, great. Thank you.
  • Operator:
    We will take our next question from Walter Ramsley with Walrus Partners.
  • Walter Ramsley:
    Thanks a lot. I have got a few additional questions. Going to that last caller’s question about the legacy business, do you think that business is beginning to tail off or is this kind of a temporary swing that you will get back to last year’s run rate before Q1?
  • Lior Samuelson:
    So, I think what we’re seeing, I think what we’re seeing is we’re seeing as Mike mentioned, really we’re seeing a little bit of a substitution effect in that market. I think the number of emails we see so far are declining. I mean there is a significant uptick in email for marketing purposes and so on and so forth but kind of general communication emails are declining. But we see a substitution effect. I think that we’re seeing in the pipeline other thing we’re seeing demand, consumer demand for our WebSecurity especially the SDK and sort of our kind of the technology and also we’re seeing increased demand for our antimalware technology. So I don’t see the market is disappearing, I don’t see but there is now pressure on it, but I think that the – I think the overall the embedded business is alive, it’s doing well. But as you know that, so we continue to invest in enhancing our detection engines which we do for two purposes, one is to maintain and improve our OEM business and two, these are also the foundations for some of the detection for CWS in our new platform and a lot of innovation comes from it. So, but I think that really that we will continue in this market. I think it will be a pretty good market for us in the foreseeable future, but again most of the emphasis of our R&D team and what we’re doing is really in the Cyber, the new malware and CWS, that’s where we’re investing much of our resources.
  • Michael Myshrall:
    And Walter, if I can just add that many of our contracts are very longstanding contracts and customers have been with us for many years a very sticky service that we mentioned the McAfee contract enhancement and renewal, they have actually been a customer of ours now since 2004 and just signed another multi-year multimillion dollar extension which is an uptick in their contract value as well. So there is a lot of stickiness to our customer base even if you look at the customers from 2014 that contributed about $32 million in revenue in 2014. Over the life of the contracts, those customers have generated $170 million of lifetime value to CYREN. So what we think is that any decline in that OEM business is going to take time and these customers are very sticky.
  • Walter Ramsley:
    Okay. So just following up on that a little bit, when the legacy contracts did come up for renewal or have been coming up, have you maintained essentially 100% renewal rate with like lower feed prices or I mean what’s the dynamic there?
  • Michael Myshrall:
    So, as we mentioned in previous calls, we generally do with the pricing pressure on a per user basis when contracts are up for renewal. So a lot of times customers are asking for lower price per user and we may maintain the total contract value when we renew it. But the effective price per user goes down because they’re adding more users into the service. In some instances, so for instance McAfee is a good example, we actually see an increase in value when we renewed the contract. Microsoft was another example of that last year. Generally speaking, we model it at around 85% to 90% renewal rate in our OEM business and I think we have an update that proves out that our renewals will continued at about that rate.
  • Walter Ramsley:
    Okay. Okay. That’s pretty good and just one last thing, I guess the previous caller also had talked about the report that I guess you put on the last conference call about the Q4 bookings. Can you have any comment on how the bookings were in Q1?
  • Michael Myshrall:
    So yes, Q4 was a very strong quarter for us and we started to see some recognized revenue in Q1, but we won’t see the full effect until probably into Q3. Q1, there was a bit of seasonality in our business where our Q1 is generally a little bit lighter than the other quarters, but Q1 came in greater than Q1 bookings a year ago, but a little bit lower than Q4 which was at a much higher rate.
  • Walter Ramsley:
    Okay. Thanks again, congratulations.
  • Michael Myshrall:
    Okay. Thanks Walter.
  • Lior Samuelson:
    Thank you.
  • Operator:
    And that does conclude the question-and-answer session. Mr. Samuelson, I’ll turn the call back over to you for any closing remarks.
  • Lior Samuelson:
    Well, all of you that are on the call and those listened via the Internet, thank you for the interest and participation in our Q1 earnings call. As we look forward into the rest of 2015, we are very encouraged with the achievements that the company has made and we’re extremely excited for the continued rollout of our CWS and Cyber Security Solutions. We believe that the future for our solutions had never looked stronger and we will continue to update you on our progress. Thank you very much.
  • Operator:
    Ladies and gentlemen, this does conclude today’s conference. We appreciate your participation.

Other Cyren Ltd. earnings call transcripts: