We were delighted to welcome Mary Dowd, CFO of Crossword Cybersecurity to present at the latest Yellowstone Advisory webinar which you can watch here.
Crossword Cybersecurity plc is listed on the AIM market and has a market cap of £26 million. The company was founded in 2014 and joined AIM in December 2018. The company is focused on commercialising university research-based knowledge in the cyber security area. As well as a software arm, the company has a cyber security consulting division.
The presentation started with an overview of the leadership team which has a huge amount of experience for such a small company. It includes a former head of MI6, a FTSE100 NED along with others deeply ingrained in the tech and cyber security industries for many years.
Crossword Cybersecurity has 3 core product offerings as well as a consulting arm and two non-core product offerings and these are targeted at large and growing market. It is estimated that the UK cyber-security market is worth $7bn and is the largest in Europe. In the last 12 months it was reported that 4 out of 10 businesses and 25% of charities experienced a cyber attack of some sort. The costs of dealing with cyber attacks can be large with Solar Winds, a US company, reporting their latest cyber attach had cost them $18 million. Interestingly, software giant Microsoft has warned of increased phishing campaigns from attackers trying to access Office365 client data. This presents a big opportunity for cybersecurity firms.
The first product that Crossword Cybersecurity brought to market in 2018 was Rizikon which originated at the University of London. The software helps companies manage risk in their supply chain by analysing essential corporate information and displaying it in easy-to-use dashboards. There are three pricing options depending on the size of the firm ranging from £3kpa of recurring revenue to £100k+ of recurring revenues. There are currently over 300 organisations using Rizikon to assure 3,750 suppliers, a ten-fold increase in the last 6 months. Growth has accelerated recently through the use of partnerships with CIISec and ICAEW who have promoted the service to their members. Rizikon has also received funding from Innovate UK and is working in partnership with Liverpool John Moores University on a potential new product in the supply chain risk management area. Success has been achieved across multiple sectors showing almost all companies have demand for better supplier risk management tools. Specific sectors mentioned were government, nuclear chemical and financial services.
Nixer CyberML was the next product brought to market and was launched in November 2019. The software helps companies protect against credential stuffing, which is the use of stolen credentials (username and passwords) into multiple sites as users often use the same username and password combinations across multiple sites. Attackers steal/hack the credentials, sell them on the dark web and criminals who buy the data try to use it to access and gain control of multiple accounts across multiple sites. The Nixer software uses AI and machine learning to detect and prevent credential stuffing and other “account takeover” attacks.
The third part of the core Crossword Cybersecurity software offering is Identiproof which was acquired when Verifiable Credentials was purchased in May 2021. The business was founded by Professor David Chadwick as a spinout from the University of Kent. Identifproof helps companies and organisations verify the digital certificates consumers are increasingly relying upon on a regular basis. These include tickets for concerts and festivals, insurance certificates, education certificates and many more. The software is in an early stage of its development and is currently being demonstrated to potential clients and a number of possible pilots are being investigated.
The consulting division counts 75 clients across many different sectors. They provide specialist consulting advice across the cybersecurity spectrum either on a project-by-project basis or on an ongoing recuring revenue basis. Recurring revenues have increased 2.5x in 2020 compared to 2019 and are growing again this year. The are some synergies between the consulting division and the software side and Crossword hopes to make more of this opportunity. In August 2021, Stega UK was acquired and this has been integrated into the consulting division. Stega adds capabilities in the threat intelligence and monitoring areas. The acquisition brings 30 new clients and is currently breakeven and enjoys recurring revenues of 75%.
Also, this year Crossword Cybersecurity expanded into Oman. They are partnering with the Al-Rawahy group and bring their consulting expertise as well as their software products to the region. The first sales are expected to be rolled out in the second half of this year.
A lot of progress has been made in 2021 already but perhaps what is of more interest is the expectations and guidance going forward. Revenues are expected to grow 50% this year to £2.6m and by 60% next year to £4m. Mary commented she expects the company to be profitable in 2023. Growth is going to be driven by the further roll out of Rizikon, the development/acquisition of two more products by the end of 2022 and the Middle Eastern expansion.
All in all, a very informative introduction to the company. There is a very big market opportunity and Crossword Cybersecurity is making strides towards taking a meaningful market share. A recording of the webinar can be found on the Yellowstone Advisory YouTube channel or by clicking here.
If you would like to receive information about future Yellowstone Advisory webinars, please email firstname.lastname@example.org. Follow us on twitter @ystoneadvisory.