Falanx Customer demand has grown significantly

Falanx Group Limited (LON:FLX), the global cyber security and intelligence services** provider, has announced its interim results for the six months ended 30 September 2021.  

Highlights for six months to 30 September 2021

Cyber Security division (continuing business) in line with the trading update given on 13 October 2021

Revenues from continuing operations £1.80m (2020: £1.40m) an increase of 28% 
Gross margin from continuing operations 40% (2020: 27%) driven by high utilisation levels and lower external licence fees following successful customer migration to single cyber security monitoring platform (“Triarii”)
Ongoing cyber division adjusted EBITDA* profit of £0.1m (2020: loss £0.28m)
Continuing Group adjusted EBITDA loss £0.40m (2020: £0.67m), a reduction of 40%
£1.0m loan investment by BOOST&Co in August 2021
Cash balances at 30 September 2021 £0.51m (2020: £0.22m), normal working capital position and HMRC in terms
Loss per share 0.13p (2020: 0.33p) from continuing operations
Shareholders’ funds £1.99m (2020: £3.58m) 

Post Period Financial Highlights

The Assynt Strategic Intelligence (“Assynt”) division disposed 6 October 2021 for a cash enterprise value of £4.6m. In the six months to 30 September 2021 this division recorded revenues of £1.00m (2020: £1.05m) and an adjusted EBITDA loss of £0.02m (2020: profit £0.05m)
Second £1.5m tranche of loan investment from BOOST&Co received October 2021 on the same terms as the August drawdown. Total amount £2.5m.
Cash balance at 30 November 2021 £4.3m, trade debtors were £0.55m, and trade creditors were £0.24m

Operational highlights

Disposal of the Assynt Strategic intelligence division allows expansion of and investment in the Cyber Security division
Strong inflow of customer orders in the Cyber Division, with high staff utilisation levels has contributed to the adjusted EBITDA profitability
Move to a single Triarii monitoring service complete, leading to significantly lower support costs whilst increasing customer functionality
Largest ever cyber order received in April 2021 for £1m of penetration testing to be delivered over three years from a global financial services company
N-Able completed spinout from Solar Winds in July 2021, confirming the opportunity to address this market of 25,000 MSP users and 500,000 end user customers with our cyber security services. Conversations are ongoing and Falanx expects this to start benefitting the next financial year
The launch of the new f:CEL (falanx: Cyber Exposure Level) product designed to help customers understand their Cyber risk at an affordable price point, supporting SMEs through to larger organisations, with Enterprise class service available for SMEs.  Increasing partner interest supports confidence in its growth potential 

* Adjusted EBITDA is a non-IFRS headline measure used by management to measure the Group’s performance and is based on operating profit before the impact of financing costs, IFRS16, share based payment charges, depreciation, amortisation, impairment charges and highlighted items

** Former operations sold in October 2021

Alex Hambro, (Non-executive Chairman) of Falanx Group, commented:

“Following the disposal of Assynt in October 2021, Falanx is now a ‘pure play’ Cyber Security services business which is well positioned and financed to address the growing market opportunity created by constantly increasing risks in the digital world. Customer demand has grown significantly compared with the pre-pandemic environment. Our new initiatives are gaining interest from both direct customers and from our larger partners,and we are beginning to achieve sales of these innovative services.  Our core service offerings of penetration testing, and protective monitoring are doing well, have moved into profitability and provide us with a solid foundation for growth with their large customer bases.

We view the future for Falanx with increasing optimism. We are operating in an exciting high growth market where there is increasing corporate and customer activity, and we look forward to updating shareholders with our progress over the next few months. “

Business Review

The business review focusses solely on the ongoing cyber operations of the Group.

Falanx Cyber Defence has achieved a much-improved financial performance in the six months to 30 September 2021. The division recorded revenues of £1.8m (2020: £1.4m) and adjusted EBITDA profits of £0.1m (2002: loss £0.28m). Gross margins were 40% (2020: 27%) with the improvement arising from much improved utilisation of professional services staff which were adversely impacted by project delays during the COVID-19 crisis in 2020. Gross margins also increased due to the cyber security monitoring service moving to a single Triarii platform and the consequent elimination of certain 3rd party licence fees from July 2021 onwards.

The division won £2.5m (2020: £1.5m) of orders for penetration testing in the period. Included in this was the division’s largest ever contract which was won in April 2021. This was from an existing global financial services customer and is for the provision of Penetration Testing services over a three-year period.

Triarii MDR / “Detection in Depth”

Triarii as the service brand gives our customers and partners a choice of technology stack, depending on their personal and technical preference. Our standard (default) Triarii offering is built on the enterprise-class elastic stack, including the big data database, SIEM tool and Elastic Endpoint Security (formerly Endgame). Our alternate offering replaces these technology components with Microsoft Azure sentinel and Endpoint technologies and are especially relevant for clients already heavily invested in Microsoft Azure.

Both stacks are then supported by a range of other tools looking at activity in a range of places both within and outside a client’s network, resulting in our Detection in Depth approach wherein we look in multiple locations for signs of potential hostile activity.

The licensing cost of running Triarii has been significantly reduced from our previous technologies – which have both now been retired from service. 

Falanx : Cyber Exposure Level (“f:CEL”)

This new solution plays an important role in protecting a company from cyber-attacks. The more an organisation understands its security posture, the more it understands the risk it carries of being attacked. f:CEL emulates the reconnaissance phase often adopted by criminals in deciding whether to attack a business. A rapidly deployed, automated service, this can be offered at mass levels to get a view of the overall risk of an entire community of companies (e.g., customers, suppliers, policy holders and many more) providing insight into the risk carried by a community and the steps to take to mitigate that risk at individual entity level. 

Pricing for f:CEL is disruptive, being affordable by even the smallest of businesses. The user can select the timing and frequency as to when they run the service so an ongoing picture of their security situation can be obtained.  f:CEL is sold mainly by annual subscriptions (with an effective average monthly price of circa £40)  which generates a predictable stream of high-quality recurring revenue. Users can select when to run their reports during the subscription period, so that they can have an ongoing view as to how their security profile is changing and with comparison to a wider cohort. The reports create a valuable database which can be used to help provide users, depending on the outcome of their report and in relation to a wider cohort, with their cyber security needs such as penetration testing or protective monitoring, and as the userbase expands this data is expected to become an increasingly valuable asset.   

The platform has been developed internally using a combination of proprietary and standard components.  This has allowed us to leverage our deep experience and sector expertise, to create a platform which can be highly configured to deal with a particular client or market requirement, which increases the relevance of our reports to their users.  We are in discussions with several larger partners (in addition to N-able) who each have thousands of potential f:CEL users, and we look forward to announcing further progress on this in the coming months.

Outlook Statement

The investment in our Triarii and f:CEL services has created two new service lines each with strong potential and increasing demand. They are typically sold on a recurring revenue basis which generates predictable cash flows and revenues over a period, and therefore increases the quality of our revenues and profits. The Cyber Security business has had high levels of interest shown by both longer term and newer partners. Our partners have large market access (typically with several thousand end user clients) and are engaging with us on its deployment, and we are adding further similar partners. With these services we are well positioned to address the growing needs of SMEs for increased defensive cyber security protection, and this fits alongside our highly skilled penetration testing teams who carry out offensive testing of our clients’ IT infrastructures. 

The board believes that the results of f:CEL reporting will improve the awareness in organisations as to their cyber vulnerabilities and risks and will provide a channel for further potential sales of XDR and penetration testing into large userbases. 

To properly exploit the potential of these services, the division will be using its increased financial resources to expand its sales and marketing efforts with the recruitment of certain strategic hires, initiation of marketing programs and ongoing investment in service delivery and innovation. We will also be expanding the highly skilled penetration testing team to satisfy growing demand.

The Group’s much stronger financial position, supported by good trading so far in the second half of the year, will also help enable acquisitions of complementary cyber security business to be made. Acquisitions are filtered to have highly relevant products and services, addressable customer bases and to be both earnings enhancing and cash generative.

Financial Performance

Continuing Operations (Cyber Security Division)

Revenues from continuing operations grew by 28% to £1.8m from £1.4m in the previous year, and much improved utilisation, and a streamlined technology platform, helped the gross margin to increase to 40% (2020: 27%). This combined with firm control of the division’s operating cost base (which fell by a further 4%), helped the division to produce an adjusted EBTIDA profit of c£0.1m (2020: £0.28m loss). Central costs were £0.49m (2020: £0.39m), with the prior period benefitting from the salary sacrifice scheme which was initiated as part of the Group’s initial response to the COVID-19 crisis.

Overall, the adjusted EBITDA loss from continuing operations was reduced by 40% to £0.4m (2020: £0.6m). 

Adjusting items were much lower at £0.02m (2020: £0.21m) and reflected lower investment costs and professional fees.

Discontinued Operations (Assynt Strategic Intelligence Division)

The Assynt strategic intelligence recorded revenues of £1.0m (2020: £1.1m) and its gross margin declined to 23% from 28%, and it produced an adjusted EBITDA loss of £0.02m (2020: £0.05m profit). This division was disposed of on 6 October 2021, and on disposal approximately £0.43m of divisional liabilities were taken on by the purchaser. 

Overall Group

Overall, the Group’s revenues were £2.8m (2020: £2.5m) with a gross margin of 34% (2020: 27%) and had an adjusted EBTIDA loss of £0.4m (2020: £0.6m).

Depreciation and amortisation charges were £0.25m (2020: £0.26m), with the vast majority being the routine amortisation of the customer bases acquired in 2018, as well as property lease costs related to IFRS16.  Share option charges were £0.02m (2020: £0.24m), with the comparative period representing higher costs associated with the grant of share options under the salary sacrifice scheme in April 2020.

Interest payable £0.04m (2020: £0.02m) included financing costs associated with the lease of the Reading office as well as the interest payable on the loan from BOOST&Co which commenced in August 2021.

Overall, the loss from continuing operations for the period fell to £0.71m (2020: £1.33m) against an overall loss of £0.75m (2020: £1.35m). The loss per share (both on a basic and fully diluted basis) from continuing operations was 0.13p (2020: 0.33p) and on an overall basis was 0.15p (2020: 0.34p)

Consolidated Statements of Financial Position at & Cash Flow

Non-current assets were £4.0m (2020: £5.8m) and principally comprised of the acquired customers bases and associated goodwill.  The £1.44m investment in Furnace Technology (which was spun out of Falanx in December 2019) was fully impaired in the year ended 31 March 2021.

Cash receipts were strong, with no incidence of bad debt being recorded, and debtor days were 42 (2020: 48 days).  Net cash outflow from operations was £0.88m (2020: inflow £0.19m). This reflected the positive impact of HMRC deferrals in the prior year as a response to COVID-19, and the consequent repayments of circa £0.25m in the current year, as well as timings of certain large customer receipts at the start of the period.

At 30 September net liabilities (mainly related to deferred incomes) of approximately £0.43m were held on the balance sheet related to the discontinued business and these were transferred to the purchaser on 6 October 2021.

In August 2021 the Company drew down the first £1.0m (of a £2.5m facility & before costs) of secured loan form BOOST&Co, the key terms of which are:

·      Annual interest of 11%, and straight-line amortisation of the loan commencing after 12 months

·      The loan carries a 3% early prepayment fee on the then amount outstanding

The proceeds of this loan (and its subsequent extension) are to provide investment capital in the expansion of the Cyber division both through the investment in sales and marketing, service innovation and the expansion of delivery capability, as well as supporting value enhancing acquisitions of cyber security businesses. 

Cash balances as at 30 September 2021 were £0.51m (2020: £0.22m) and overall shareholders’ funds were £2.0m (2020: £3.9m).

Events after the reporting period

·      On 6 October 2021 the Group disposed of the Assynt strategic intelligence division. This included Falanx Assynt Ltd and including its four overseas wholly owned subsidiaries in the UAE, USA, Hong Kong, and Ireland.  Assynt was acquired by Cross Atlantic Solutions Partners LLC, (“CAS”) which is backed by funds advised by a US based investment firm focused on investing in information, marketing, and tech-enabled services businesses.

The consideration (before usual deal costs) was comprised of a total consideration of £4.6 million before the deduction of a working capital adjustment of approximately £0.5 million. £0.35 million of the consideration is held in a 3rd party escrow account against any potential warranty claims against standard issues for twelve months from completion. 

Falanx made certain warranties to CAS in respective of Assynt’s historic business and the Company has put in a normalised level of working capital at completion as referenced above. All of Assynt’s employees transferred as part of the transaction, and Falanx is providing certain administration services to Assynt until the end of January 2022 as part of an orderly hand over under an agreement negotiated on an arm’s length basis.

·      On 13th October 2021 the Group drew down the final £1.5m of the Boost loan facility, under identical terms as the initial £1.5m drawdown in August 2021 outlined above.  

·      Cash balances  on  30 November 2021 were £4.3m  following the payment of the vast majority of deal costs related to the disposal of Assynt, working capital adjustments and certain cyclical payments. At this date trade debtors were £0.55m, and trade creditors were £0.24m and the group had a normal working capital profile, with all amounts due to HMRC being within agreed terms.

Click to view all articles for the EPIC:
Or click to view the full company profile:
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Falanx Group Ltd

More articles like this

Falanx Group Ltd

Why cyber security operation centres should be UK based

The current financial environment has everyone money conscious, but many companies are still leaving themselves vulnerable to big pay-outs to cyber fraudsters. Cyber criminals earn three times the average salary of a FTSE 100 chief executive, according to

Falanx Group Ltd

You have to live and breathe entrepreneurship

Serial founder Nicola Hartland has scaled and sold several businesses from Aberdeen to Basingstoke. She reveals the secrets to her success. Falanx Cyber When Falanx Cyber – part of publicly listed Reading-headquartered Falanx Group – sought someone earlier

Falanx Group Ltd

Transport operator Go-Ahead flags cyber security breach

British transport operator Go-Ahead (GOG.L) said that it had detected “unauthorised activity” on its network earlier in the week, adding that the cyber security incident had no impact on its UK or international rail services. The incident has been notified

Falanx Group Ltd

The fallout from the NHS cyber attack

On August 4th, British software services provider, Advanced experienced a disruption to their systems that they have determined to be the result of a ransomware attack. It just so happens Advanced provides 85% of 111 services for the National Health

Falanx Group Ltd

Rob Shapland speaking at International Cyber Security Expo 2022

Where: Kensington Olympia, London.When: 28th September, 2022Session Time: 11.30am Rob will be presenting: How to Steal a Vaccine  The importance of vaccines in the age of Covid-19 cannot be underestimated. This session will describe how the speaker planned and executed a cyber

Falanx Group Ltd

How to develop a data breach response plan

Data breaches happen at all organizations. Even the most effective defensive layers — endpoint and managed detection and response, multifactor authentication and employee awareness training programs — are beatable if the attacker is sufficiently skilled or motivated. Having

Falanx Group Ltd

Falanx Group optimistic about outlook of the business

Falanx Group Ltd (LON:FLX), the AIM listed provider of cyber security services, has provided an update on its results for the year ended 31 March 2022 and the first quarter’s trading to 30 June 2022. Results for the

Falanx Group Ltd

Why are charities falling behind on cyber security?

According to latest research, charity leaders are lagging behind their counterparts in the public and private sectors in their understanding of cyber security. This knowledge gap is across a raft of areas, from reporting breaches and providing staff with adequate

Falanx Group Ltd

How resilient is your business against cyber threats?

Be cyber ready with a security assessment Falanx Cyber’s security assessment service evaluates your current security maturity and ability to respond and recover from cyber attacks. We use the 5 pillars of cyber resilience as a framework: Prepare

Falanx Group Ltd

Falanx Cyber’s Rob Shapland appears on DW’s The Day

Falanx Group plc (LON:FLX) is an AIM-listed security and intelligence provider based in London in the United Kingdom. Falanx Group is a team of security professionals and technology experts who work in close partnership with our clients to help them

Falanx Group Ltd

Could your business survive 21 days of downtime?

Business disruption All of our businesses have suffered a fair degree of disruption in recent years as we responded to the effects of the pandemic. But what would be the effect of losing access to all of your

Falanx Group Ltd

Ethical Phishing

Are your staff prepared for cyber attacks that are designed to coax sensitive information from them? Let us find out. Phishing is more prevalent than ever and becoming increasingly more sophisticated. We can help you minimise cyber attacks

Falanx Group Ltd

Why do I need Continuous Vulnerability Scanning (CVS)?

In 2021, the US-CERT Vulnerability database recorded 18376 vulnerabilities. That’s an average of more than 50 common vulnerabilities and exposures (CVEs) per day. With cyber criminals constantly scanning the internet looking for CVEs to exploit, if your organisation

No more posts to show