Falanx (FLX) – A buy and build play in an industry ripe for consolidation
Falanx Group provides global cyber security and intelligence services, working with blue-chip and government clients. The company is now embarking on a buy and build strategy to consolidate a fragmented market, gain market share and cross-sell new services to existing clients. We think this makes for an interesting (but high-risk) investment opportunity.
In September, Falanx announced that it had been selected by SolarWinds as its first Threat Monitoring Service Provider (TMSP) for the UK and South Africa. SolarWinds is a billion dollar software solutions organisation whose technology helps to manage IT networks. It has a network of Managed Service Providers, of which 2,000 are in the UK using SolarWinds software. Globally, it has 22,000 MSPs – opening a huge new market for Falanx.
The annual revenues from the total addressable market are circa £360 million per annum from monitoring and £120 million from the professional side. Falanx believes that 20% of the MSP market in the UK is in a position to push forward aggressively, and with an average of 50 customers per MSP this gives around 100,000 SolarWinds end-users in the UK alone. Within this 20%, Falanx believes 5-10 customers per MSP will want to bolster their security state in the short-term. This target group would generate c. £400,000 per month of potential revenue.
The great deal for Falanx in this partnership is that SolarWinds will be introducing the new threat monitoring product to end-users and will be doing the leg work of the selling, giving Falanx a gross margin of around 50%.
The MidGARD platform is the gamechanger for the company. MidGARD is not a product and in this way it is unique on the market. It is a service, 24 hours a day, 7 days a week, which monitors everything coming in, tagging it, and then writing it to an index. The platform acts almost like a botnet as each new client connects to existing clients on the platform and so individual clients can leverage this, learning from each other.
For example, if a threat is identified from one client, MidGARD learns and assimilates this across the entire MidGARD system which immediately protects the other clients. This is all happening in near real time, literally seconds, and there has not been a single breach since the platform was launched. This is incredibly important as it will ensure low customer churn rate – there is only a reason to switch cyber security providers if the provider is not capable of doing its job or if customer service breaks down.
Given that there are only a handful of companies globally who can monitor constantly at both the device and the network level, this makes for tough competition. Costs of entry to any competitors are high as they would need to invest significant sums in order to create the ability to protect their future clients. MidGARD has been four years in the making and it is disruptive – it changes the cyber world as for the first time enterprise solutions are available to both small and medium sized businesses.
Assynt uses a team of in-house multilingual consultants to publish geopolitical analysis and security risk covering at least 35 countries. This analysis is continuously updated as a client needs to be constantly aware of any changes in financial markets, political environments, legal frameworks, etc., in order to be able to make a sound judgement based on the current situation. The pricing range is varied as assignments can cost £1,000 but a bespoke report can cost anything from £30,000 to £50,000. This is repeat and recurring revenue which typically carries around a 30% margin. Assynt grew 9% organically in the reported six months and with the arrival of a new MD and an enhanced senior team the capacity to drive higher revenues is highly boosted.
The environmental testing part of the business covers penetration testing, application testing, vulnerability, threat, and gap assessments, as well as Social Engineering (both physical and phishing). It is fully CREST accredited with all staff having to gain annual cyber accreditation. Falanx also has UK Govt CHECK Accreditation from the government which approves it to provide IT Health Checks on UK government organisations. This is repeat revenue and also carries approximately 30% margins.
The consulting part of the business ihelps companies achieve ISO accreditation and GDPR support. GDPR threatens to impose fines of €20m or 5% of global revenues on companies which suffer a data breach and are found to have taken insufficient measures to protect their data. This means that a single data breach could wipe off huge percentages of a company’s market value in one go due to the potential size of the fines, and so unsurprisingly companies are now taking cyber risk incredibly seriously. The consulting part of the business educates clients on GDPR and other regulations as well as providing a virtual CISO (Chief Information Security Officer) and also has 30% margins.
The market was a bit shaken when Stuart Blaydon left as CEO. Some assumed he was forced out. I have spoken to Stuart and he is a supportive shareholder still, on very good terms with Mike Read (acting CEO and Chair), so much so that if Mike needed his help he could call Stuart up. Stuart left for personal reasons and not for any operational reasons.
Mike Read has been successful in two previous buy and build strategies in fragmented markets. He did it with ISPs in the 1990s rolling up companies into one single entity which was sold for $300m, and he did the same in the 2000s with broadband and hosting. He’s here to complete the treble with Falanx, with value accretive acquisitions to consolidate what is a fragmented market. He has invested £300,000 of his own money into Falanx in the March placing, along with CFO Ian Selby buying £30,000.
Richard Morrell (CTO) is an industry veteran known as “Mr Smoothwall”. He has been around open source technology for twenty years and the technology he invented and wrote protects every school in the UK, all local authorities in the UK, Halfords, Ford, including over 290 million devices around the world. Both BT HomeHub and NetGear use the technology that he invented.
He started his own company, AuditSec, which provides consultancy services to GCHQ and intelligence agencies in the US and across Europe, which was acquired by Falanx where he is now CTO. He was previously CTO of Gartner Global Security and Risk Practice, and CISO of the Cloud Security Alliance. He is a Keynote speaker at global events and after dinner talks, and has a podcast which has over 3m listeners. Richard is very well known in the cyber security world. Richard joined FLX because he was very excited by the disruptive technology and was paid in shares, not cash, for the acquisition of his business.
Both Mike Read and Ian Selby increased their positions by purchasing shares after the FY 2018 results announcement.
Falanx is a high-risk/high-reward investment opportunity and as the company is not yet profitable it must be considered speculative. With heavy board alignment it offers exposure to a booming industry with a regulatory catalyst. The FY 2018 results disappointed the market somewhat; however, these were for the period ending 31 March and so do not take into account any of the progress since then.
With respect to its latest cash needs, Falanx re-iterated last week that it has “sufficient resources and facitilies to meet its current plans” – including the roll-out of the Solarwinds partnership.