WithSecure as an investment

2023-2024 hasn’t been particularly great for companies.

Our revenue dropped to half of what it was in 2022. From here, it’ll start growing again in 2025.

In that sense, WithSecure has done quite well. Growth is small, but still staying on the positive side for 2024… in times like these.

Once this economic cycle turns positive, which it has already started to do, WithSecure will follow, just like the others.

2025 is just around the corner and guidances for many are starting to head towards the major key (positive side).

Let’s hope it hits the upper end of the new guidance; then it’ll almost hit the range of the previous guidance.

I wouldn’t panic even if I had more shares tied up in this.

Yeah, I wouldn’t start panicking based on that guidance yet either, and EBITDA is expected to be positive. Could this even be an opportunity to strike, now that the stock took a bit of a plunge and divestment news is still on the way…

The profit warning mentioned losses of major customers in managed services. WithSecure lost some large clients last year, but it’s hard to say if these are the same previous customer losses. In those managed services, contract sizes can be in the millions, but the company’s focus nowadays is on the so-called mid-market. In the previous update, Atte expected 11% revenue growth for cloud-based products, and the new guidance midpoint is at the 10% level.

The profit warning wasn’t major, but it erodes confidence, and forecasts for the coming years will likely need to be lowered slightly as the growth trajectory of annual billing for cloud-based products is declining.

Growth is slowing, and based on the midpoint of the guidance, revenue would grow by 3.5%, whereas Inderes expected 5.6% growth. Furthermore, Atte correctly anticipated the profit warning. Now that WithSecure’s software business is seeing low single-digit growth, the company seems—to quote Vesa-Matti Loiri’s lyrics—doomed to walk in a stagnant state with EV/S multiples of 1x.

The background information behind this profit warning is significantly more worrying than the numerical guidance downgrade itself. It is incredibly difficult for WS to acquire more of those large managed customers because competition is extremely fierce and, as I see it, WS is not very competitive in this area either; large customers want a broad portfolio of products that WS simply cannot offer.

If I had to guess, WS will be sold to a larger player or even to PE (Private Equity) by the end of next year; the board and major owners are starting to realize the harsh reality of the situation, and the game is getting tougher all the time. Their own product requires massive investments constantly, while competitors 10-20x larger are ramping up the pressure in the field.

But if WithSecure were sold to a larger player, I believe it would only be good for us retail investors, or what is your estimate for what the offer per share would be?

Well, it would certainly require a premium, but how big—I can’t say, 30%?

I just find it so hard to see how WS could succeed, following the industry as closely as I do; maybe the DACH market and Southern Europe can drive growth because the requirements there are less stringent than in Finland/the Nordics.

Large managed accounts are also the ones to whom it’s easier to sell consulting and high-margin value-added services; when those customers leave, the loss hits in several ways. A 100-person shop doesn’t buy much of those services compared to a 1,000-customer outfit.

I share the same sales assumption. Whether the sale of WS happens during next year, time will tell. But on that assumption, I’m staying on board and buying small lots as my financial situation allows. Small growth and the improvement in results over time is positive, though.

I see it as natural that as the strategy focuses on the midmarket, something is lost.

It is also natural that something is added, which the current failure to meet forecasts does not fully represent under these challenging conditions… And I am not even surprised by this; there was certainly a hope that we could stay within the set range this year.

Things turned out differently; as in many other sectors, the slump has lasted longer than anticipated.

The midmarket strategy was chosen during challenging times; it is unlikely that its background was ever intended as a short-term plan.

It will mature over those years as planned, and that strategy is by no means intended for 2024.

Signs of recovery are starting to bloom across various sectors, and the first signs of growth in order backlogs have already been seen in European industry.

For our outfit as well, we are already seeing 50% growth for 2025, albeit compared to the 2024 dip. 2026 is already seen at the same level as the 2022 peak year.

Companies recover, that’s just how it goes. That is when the ground lost or missed forecasts are caught up, and the strategy bears fruit.

WithSecure has good products for the right market; purchasing power is just on hold for now, and for good reason. WS is not losing its competitiveness; I personally just don’t see it. I won’t let the European economic situation distract from the long-term plan’s successful strategy. You can’t see far with a short nose.

Actually, right now WS has relatively good conditions because it is clearly more affordable than, for example, Microsoft’s advanced solutions. What happens when companies have more money to invest in cybersecurity again?

This links quite well with companies’ upcoming cost down projects that are already on the horizon. This is already in the project scopes of some companies.

Savings are being sought; for example, materials or other services are sourced more cheaply and new contracts are signed.

Covid caused a massive spike and also a correction. During the spike, price didn’t matter; everything available was taken and things “went well.” Now the situation is the opposite: they want it cheaper.

Europe and demand now and in the near future require lower prices. WS is in a key position here as one service, because the quality is good while the cost is lower. It fits the strategy like a bullseye.

All of this leads even further in a direction where inflation just keeps falling and the risks grow that policy rates will unfortunately return to zero, which isn’t healthy either.

During cost down projects, companies don’t look for more expensive cybersecurity services. These projects have already started from the end of the supply chains, where cost down projects and breakdowns are demanded from the entire chain all the way to the beginning.

A takeover bid for WithSecure might come, but since the situation is, in my eyes, quite deliciously favorable for WS, I wouldn’t necessarily even accept the offer.

Of course, I don’t have a crystal ball, but this is what my nose tells me.

For now, uncertain inflation risks remain these global posturings and little boys squabbling over different plots of land etc., including oil, which will either end in WW3 or not.

Industry is moving away from China: Taiwan, Vietnam, and Europe. Demand will come from there too, which must be implemented more cheaply and competitively. One won’t choose expensive cybersecurity services, at least in the case of Europe, to burden competitiveness. You just can’t, if you intend to compete with China on price.

Well, I completely disagree with this. WS is missing a lot of what competitors have, or it is less well executed. And some competitors are encroaching on WS’s territory with their pricing.

I see this race as an elimination game where the chances of succeeding are to focus on a niche area that can be acquired separately, act as a broad “full stack” player with solutions for all areas, or remain a pure low-cost product with a limited offering and scrape by there.

What cybersecurity companies have to offer in the short term is, in a way, irrelevant. (And yet, it isn’t.)

The only thing that will “matter” in the coming years is which cyber services deliver value to different companies, which ones don’t, and what kind of value. The WS service is comprehensive enough, and of course, missing valuable services can be launched.

In cost-reduction projects, services and components that provide less value are cut because you can survive without them. However, everyone must secure their own competitiveness and profitability.

“Niche” sounds exactly like what it will be, albeit very much in the top corner and bordering on visionary territory.

They are unlikely to break into the “Leader” side, but a solid, profitable, and productive European foothold is perhaps the area they can achieve.

I don’t see it as a weakness that WithSecure is missing something others have; it’s the current strategy and a choice.

Of course, other competitors will challenge WS on price; the competition is fierce. Every niche/visionary cybersecurity company is likely in the exact same situation.

WithSecure will no more become a global market leader than Pirkko’s local grill will.
But Pirkko makes good burgers, and there’s enough demand and growth in her own area for a quite favorable future.

Nordea maintains its buy recommendation and lowers the target price to 1.40 (prev. 1.50). This info from Nordea was spotted in Kauppalehti.
On OP’s side, only a Q3 preview was published on Friday, which does not yet include information on the negative profit warning.

And here is Inderes:

Target price 1.15 and Accumulate. (Prev. Accumulate and 1.30)

Here are the charts from that recent profit warning update/Q3 preview, showing the revenue distribution:

Locally managed products have long been a drag, as WithSecure seeks to migrate these customers to cloud products. Additionally, consulting (2024e 22% of revenue) has developed softly in recent years.

@Iikka’s comment from the day before yesterday aligns well with my own thoughts regarding WithSecure. Unless the growth rate can be revived, the low revenue multiple will not recover sustainably from those levels. But now is indeed the time for the company to prove itself and put things back on an accelerating track next year; by then, a pickup in the market situation could also provide some tailwind. At the moment, it feels that if the company provides guidance predicting accelerating growth in connection with the financial statements, the market is unlikely to accept it without question after several guidance cuts in recent years. Evidence of acceleration is therefore needed in future quarterly reports so that confidence in the growth recovery can begin to strengthen..

Positive signals are starting to emerge from the industrial sector, though the trend seems to be from Q1 2025 onwards. Q4 2024 is still seen as quite flat for Europe; no positive recovery is visible for the final quarter.

In the Netherlands, things are already picking up speed, while in Germany, it’s still dragging on a bit.

Therefore, we set off with cautious positivity starting right from the beginning of next year. Despite profit warnings still being issued for a short while longer, WithSecure, like others, has good opportunities to get involved in the recovering economy from the start of next year.

It’s just great to see that the bottom has been reached; the journey is now upward.

Light in the gloom, then; let’s hope for good signals from the interim report as well. I’m sure they’ll share some small signals about next year already—at least it would be good if they did.

I don’t follow the company, but it sounds significant, given the market cap is 145 million: WithSecure Oyj, Sisäpiiritieto: Konsultointiin liittyvän liikearvon alaskirjaus 15,5 miljoonaa euroa | Kauppalehti

As part of the preparation for the third-quarter interim report, WithSecure tested the carrying amounts of intangible assets and goodwill. As a result of the testing, a goodwill impairment of 15.5 million euros related to cybersecurity consulting was recorded, which is included in the result for the third-quarter interim report. The entry has no impact on WithSecure’s cash flow or adjusted EBITDA.

The goodwill related to consulting has arisen from the following acquisitions: nSense (Denmark) in 2015, Inverse Path (Italy) in 2017, Digital Assurance (United Kingdom) in 2017, and MWR Infosecurity (United Kingdom) in 2018.

In 2024, WithSecure lowered the revenue forecast for consulting due to financial constraints observed in some key customer accounts. At the same time, the elevated risk level in the stock market has increased the weighted average cost of capital used to estimate the present value of the business’s future cash flows.

The carrying amount of goodwill related to cybersecurity consulting after the write-down is 28.7 million euros.

Juha Varis and write-down

Could it be that we’ll get divestment news about the consulting business tomorrow? Wasn’t Atte’s estimate also that they could get around 30 million from consulting, and that value would fit quite well? What do others think?

Annual recurring revenue for cloud-based Elements products and services decreased by 1% compared to the previous quarter

@Atte_Riikola is there a reasonable explanation for this? If not, it’s quite a big red flag.

Here are the first takes on the WithSecure report:

It’s positive that the profitability turnaround in the core business (Elements) is progressing well, and the figures in the CPSF business also developed strongly after several soft quarters.

Consulting continues to struggle, and hopefully, this business can be divested as soon as possible. According to the company, discussions have continued actively. The write-down in consulting is not dramatic for the stock, as significantly more value than that has already evaporated from the company’s market cap earlier, and in our sum-of-the-parts valuation, consulting was valued at approximately EUR 20-27 million (goodwill remaining on the balance sheet is EUR 28.7 million). The write-down speaks more to past mistakes, where the consulting business was acquired at far too high a valuation relative to the actual performance of the business.

From the perspective of the stock, growth needs to be accelerated to close the valuation gap. The weak development of the German market was already mentioned in connection with the profit warning, and at least for now, economic forecasts do not predict particularly rosy developments for next year either, which is one challenge for growth..