Interim Results

28 Sep 2020 – London, UK – Crossword Cybersecurity Plc (AIM:CCS, “Crossword”, the “Company” or the “Group”), the technology commercialisation company focused solely on cyber security and risk, today announces its unaudited interim results for the 6 months ended 30 June 2020.

Financial Highlights:

1. Total revenue increased by 18% to £674,008.

2. Orders received for Rizikon Assurance during the period were 41% higher than those received in the same period last year.

3. The number of Rizikon opportunities continued to grow in the period.

4. Product and Consulting revenue increased by 43% over the same period in the prior year.

5. Consulting recurring revenue more than doubled over the same period in the prior year.

6. Total comprehensive loss for the period was £1,393,193, an increase of £315,598 over the same period in the prior year.

7. Cash and Cash Equivalents at 30 June 2020 was £1,550,317.

Operational Highlights:

1. Sean Arrowsmith joined Crossword as Group Sales Director, strengthening the leadership team. Additionally, Dr Robert Coles took on the role as Non-Executive Chair of Crossword Consulting Ltd, the Group’s consulting subsidiary.

2. Crossword completed £1m equity fundraise through a placing and subscription of Crossword Ordinary Shares at a price of 230 pence per share.

3. Crossword had some notable client wins, including Cammell Laird, one of the most famous names in British industry, and Barron McCann, the IT Services company.

4. In Q2 2020, Crossword began collaborating with leading security reseller and managed security services provider Satisnet Limited, on the provision of third party assurance technology to its clients, as part of the expansion of Crossword’s partner programme.

5. Crossword’s cyber security consulting division continued to grow in a range of high-profile sectors including legal, insurance and financial services.

6. Rizikon Pro, launched post-period, is showing very positive early signs with substantially shorter sales cycle, in some cases as low as 4 weeks, from the typical 6-18 months. Conversion from trials to commitments is very high, running at around 50% at this early stage. This all points towards a material breakthrough in our Rizikon sales strategy.

7. .

COVID-19

1. Our flexible approach enabled us to quickly and effectively implement remote working, before it was mandated, with minimal impact on clients and sales activity.

2. Costs have been closely monitored and managed throughout this time of increased uncertainty in order to be prudent, with a hiring freeze in place, some redundancies and careful management of any discretionary spending.

3. Crossword issued guidance for businesses on how to address some of the most common security concerns for employees when working from home. The advice was made widely available as many of Crossword’s clients mobilised to keep their businesses running as normally as possible whilst adhering to UK Government and Public Health advice designed to control the spread of the COVID-19 virus.

Outlook:

1. and a loss before tax in line with current market expectations. Product and Consulting revenue is expected to growth by at least 35% over 2019. Crossword is dependent on the outcome of several large bids, including 2 multi-million pound opportunities, that are currently in progress, to deliver on market expectations for revenue for the full year. We therefore feel it prudent not to issue more detailed forward guidance until more clarity arises.

2. Software and process development in the first half of 2020 culminated in the launch of Rizikon Pro post period, on 16 July 2020. Rizikon Pro is an out-of-the-box, online SaaS solution, offered on a pay-as-you-go basis, giving smaller and medium sized organisations access to a set of core easy-to-use supplier assurance platform features, at a lower cost.

3. Crossword launched a series of webinars which cover topics from ‘the focus of the CISO in two years time’, a ‘live demo of a real world stuffing attack’ and ‘Diversity in the Cyber Security and Technology Industry’ hosted by Tom Ilube, Crossword’s CEO, which was attended by an audience of more than 400 people.

– Ends –

The information contained within this announcement is deemed to constitute inside information as stipulated under the Market Abuse Regulations (EU) No. 596/2014. Upon the publication of this announcement, this inside information is now considered to be in the public domain.

Contacts

Crossword Cybersecurity plc – Tel: +44 (0) 20 3953 8460

Email: info@crosswordcybersecurity.com

Tom Ilube, Chief Executive Officer

Mary Dowd, Finance Director

Grant Thornton (Nominated Adviser) – Tel: +44 (0) 20 7383 5100

Colin Aaronson / Jamie Barklem /Niall McDonald

Hybridan LLP (Broker) – Tel: +44 (0)203 764 2341

Claire Louise Noyce

About Crossword Cybersecurity plc

Crossword Cybersecurity plc focuses on the development and commercialisation of university research-based cyber security and risk management related software and cyber security consulting. The Group’s specialist cyber security product development and software engineering teams work with its university partners to develop the research concept into a fully-fledged commercial product that it will then take to market. The Group’s aim is to build up a portfolio of revenue generating, intellectual property based, cyber security products. Rizikon Assurance, Crossword’s leading product, is a SaaS platform that enables medium to large companies to assess and manage all risks from their suppliers. Nixer CyberML, Crossword’s most recently launched product, is a new tool for businesses that want to solve advanced security and cybercrime problems, such as detecting and dealing with compromised accounts, fraud, and in-application denial of service attacks. Crossword’s team of expert cyber security consultants leverages years of experience in national security, defence and commercial cyber intelligence and operations to provide bespoke advice tailored to its clients’ business needs.

For media enquiries contact:

Duncan Gurney, GingerPR

duncan@gingerpr.co.uk, 01932 485 300

Chief Executive Officer’s review

Crossword Cybersecurity plc (“Crossword” or “the Company”) weathered the first half of 2020 in good shape as the global pandemic hit, despite the UK economy experiencing its sharpest downturn in living memory. The Company took cost action early and adjusted quickly to working remotely.

Crossword continued to focus on recurring product and consulting revenue. In the first half of 2020, orders received for Rizikon Assurance increased by 41% compared to the same period in 2019. With several large bids awaiting decisions and some signs of gradual recovery, Crossword is hopeful of achieving further growth in the second half of the year. But this depends crucially on winning the major bids underway. In the period under review, Group revenue grew by 18% compared with H1 2019, with product and consulting revenue growing 43% over the comparative period with planned reduction in revenues from software development.

The continuing growth in cyber security incidents drives demand for Crossword’s products. Whilst discretionary spend has been cut back by many organisations, there are aspects of cyber security that are not discretionary, and investment continues in these areas. The UK Government highlighted the increasing importance of cyber security to organisations, reporting that eight in ten businesses say that cyber security is a high priority for their senior management boards (80%, up from 69% in 2016). Among the 46% of businesses that took part in a survey from the UK Government, completed in March 2020, that identify breaches or attacks, one in five (19%) have experienced a material outcome, losing money or data. Recent high profile breaches reported by Security Boulevard, such as Twitter, in July 2020, where accounts of high profile US personalities were hacked, and Zoom, in April 2020, “500,000 stolen Zoom passwords available for sale in dark web crime forums”, highlight that companies need to respond to an evolving threat.

Rizikon Assurance, our Software as a Service (SaaS) supplier risk assessment platform based on a recurring revenue model, addresses supply chain risks. The Business Continuity Institute’s report states that cyber-attacks and data breaches were the source of 26.7% of supply chain outages and disruptions, and 62% of respondents rate such supply chain risks as their primary concern for the coming year. Supply chain outages cost businesses real money. 13% of businesses in a recent report said that supply chain disruption costs them €1m or more. Rizikon directly helps mitigate these risks.

Software and process development in the first half of 2020 culminated in the launch of Rizikon Pro post period, on 16 July 2020. Rizikon Pro is an out-of-the-box, online SaaS solution, offered on a pay-as-you-go basis, giving smaller and medium sized organisations access to a set of core easy-to-use supplier assurance platform features, at a lower cost. Modules can be chosen according to need, meaning customers only pay for the features they use, and can be expanded as required. Crossword has seen an immediate uplift in the number of engagements with clients and prospects and a substantial reduction in the sales cycle with some deals being signed within 4 to 8 weeks versus the typical 6-18 month sales cycle. Most promising at this early stage is the proportion of Rizikon Pro trials converting into commitments, which is currently running at about 50%. This indicates that once we can get Rizikon Pro into the hands of clients on a mass market scale we may be able to drive significant take up. We see this new sales model as representing a significant breakthrough for our Rizikon sales effort and we expect this to be reflected in total Rizikon user numbers over the coming months and year.

Crossword continues to demonstrate Rizikon Assurance’s value within large and complex enterprises, with some notable client wins, including Cammell Laird, one of the most famous names in British industry, and Barron McCann, the IT Services company. In Q2 2020, Crossword began collaborating with leading security reseller and managed security services provider Satisnet Limited, on the provision of third party assurance technology to its clients, as part of the expansion of Crossword’s partner programme, which includes Leonardo MW, the global aerospace, defence and security contractor and NCC Group, the leading information assurance group.

We have been working on our second product, Nixer, with Imperial College London with a focus on identifying attack tools such as credential stuffing using machine learning techniques. We introduced the new, machine learning version of Nixer to prospective clients at the end of 2019 and have been hosting a series of Webinars on credential stuffing attacks to prospective clients which are being very well received.

Crossword’s Consulting division has been going from strength to strength under Stuart Jubb’s leadership, building a strong franchise in insurance, legal and financial services sectors in particular. Since the Consulting division launched its vCISO service (virtual Chief Information Security Officer), it has secured a number of high value, multi-year contracts, which will deliver recurring revenue through to 2022. vCISO is a virtual/remote CISO (Chief Information Security Officer) service, provided by Crossword Consulting cyber security experts at a fraction of the cost of an in-house CISO. Dr Robert Coles took on the role of Chair of Crossword’s Consulting division in addition to chairing Crossword’s Advisory Board. Robert was lead partner for KPMG’s Information Security consulting business prior to becoming CISO of GlaxoSmithKline.

On the corporate front, Crossword completed a £1m equity fundraise in April 2020 through a placing and subscription of Crossword Ordinary Shares at a price of 230 pence per share.

Outlook

Cash at 31 August was £1,313k.  Trading since the period end has continued to be encouraging. However, with the end of the furlough scheme likely to have widespread impact across the business sector and the shape of the economic recovery still unpredictable, the second half of 2020 is difficult to forecast. Continuing to convert pipeline into revenue, the Board is confident of achieving at least 25% revenue growth over 2019, for the year as a whole, and a loss before tax in line with current market expectations.  Crossword is dependent on the outcome of several large bids that are currently in progress to deliver on market expectations for the full year.  We therefore feel it prudent not to issue more detailed forward guidance until more clarity arises.

Notes to the Financial Information

The group and its operations

Crossword Cybersecurity plc (the “Company”) is a company incorporated on 6 March 2014 in the United Kingdom under the Companies Act 2006. The Company is the parent company of the Crossword group of Companies focusing on the cybersecurity sector. The principle activities are the development and commercialisation of university research-based cyber security related software and cybersecurity consulting.

The financial information includes the results of the Company and its subsidiaries (together referred to as the “Group” and individually as “Group entities”.

Basis of preparation of financial information

The financial information has been prepared in accordance with the requirements of the London Stock Exchange plc AIM Rules for Companies (“AIM Rules”) and in accordance with International Financial Reporting Standards (“IFRS”) and IFRS Interpretations Committee (“IFRS IC”) interpretations as adopted by the European Union and the Companies Act 2006 applicable to companies reporting under IFRS. As permitted, this Half Yearly Financial Report has been prepared in accordance with the AIM Rules and not in accordance with IAS 34 ‘Interim Financial Reporting’.

The financial information has been prepared on the historical cost basis. The preparation of financial information in conformity with IFRS requires the use of certain critical accounting estimates. It also requires management to exercise its judgement in the process of applying the Group’s accounting policies. Changes in assumptions may have a significant impact on the financial information in the year the assumptions changed. Management believes that the underlying assumptions are appropriate.

The financial information does not comprise statutory accounts within the meaning of section 435 of the Companies Act 2006. The financial information together with the comparative information for the six months ended 30 June 2019 are unaudited with the audited information included for the 12 month period ended 31 December 2019. The audited information received an audit report which was unqualified and did not include a statement under section 498(2) or section 498(3) of the Companies Act 2006.

The financial information was approved by the Board of Directors on 24 September 2020 and authorised for issue on 25 September 2020.

The accounting policies used in the preparation of the financial information for the six months ended 30 June 2020 are in accordance with the recognition and measurement criteria of the International Financial Reporting Standards as adopted by the European Union (‘IFRS’) and are consistent with those which will be adopted in the annual financial statements for year ending 31 December 2020.

These Interim Financial Statements have been prepared in accordance with the accounting policies, methods of computation and presentation adopted in the financial statements for the year ended 31 December 2019.

After making enquiries, the directors have concluded that under current fund raising plans, the Group has adequate resources to continue operational existence for the foreseeable future. The Company is presently reviewing fundraising options with a view to raising additional funds in the first half of 2021, which will be required to sustain the Company’s current trajectory and continued growth. The Group could scale back and carry on at a low level activity with low or even no growth and in that scenario it would not need to raise cash in the short term. Accordingly, they continue to adopt the going concern basis in preparing the half-yearly consolidated unaudited financial statements.

Basis of consolidation

Subsidiaries are fully consolidated from the date on which control is transferred to the Group. Control exists when then the Group has the power, directly or indirectly, to govern the financial and operating policies of an entity so as to obtain benefits from its activities.

The purchase method of accounting is used to account for the acquisition of subsidiaries by the Group.

All intra-group transactions, balances, income and expenses are eliminated on consolidation. Uniform accounting policies are applied by the Group entities to ensure consistency.

Revenue

Revenue comprises the fair value of consideration received or receivable for licence income and the rendering of services in the ordinary course of the Group’s activities. Revenue is shown net of value added tax and trade discounts. Income is reported as follows:

(a) Licence income

Technology and product licensing revenue represents amounts earned for licenses granted under licensing agreements, including up-front payments. Revenues relating to up-front payments are recognised when the obligations related to the revenues have been completed.

Revenues for maintenance and support services are recognised in the accounting periods in which the services are rendered.

(b) Rendering of Services

Services relate to implementation and deployment fees for the technology and products licensed to customers. Revenue is recognised in the accounting periods in which the services are rendered.

Revenue and segmental information

An analysis of the Group’s revenue for each period for its continuing operations, is as follows:

The IFRS 8 Operating segments requires the Group to determine its operating segments based on information which is provided internally. Based on the internal reporting information and management structures within the Group, it has been determined that there are two geographic operating segments (UK and Poland) supported by one centralised cost segment (UK and Poland) and one revenue segment (UK). Reporting on this basis is reviewed by the Board of directors which is the chief operating decision-maker and is responsible for the strategic decision-making of the Group.

No analysis of net assets by geographic segment is provided as the net assets are principally all within the UK.

Share Options

27,500 share options were issued by Crossword Cybersecurity plc in June 2020. Total options issued amount to 193,889 as at 30 June 2020. The fair value of these share options is calculated by the Company using the binomial option valuation model. The expense, where material, is recognised on a straight-line basis over the period from the date of award to the date of vesting, based on the Company’s best estimate of the number of shares that will eventually vest.

Earnings and diluted Earnings per Share

Earnings per share is calculated by dividing the loss for the period attributable to ordinary equity shareholders of the parent by the weighted average number of ordinary shares outstanding during the year. During the period the calculation was based on the loss for the year of £1,397,047 (full year 2019: £2,095,570) divided by the weighted average number of ordinary shares of 4,855,919 (full year 2019: 4,679,965). Diluted earnings per share is calculated by dividing the loss of the year by the weighted average number of ordinary shares outstanding during the year plus unexercised share based payments. The weighted average number of ordinary shares used in the calculation of diluted earnings per share was 5,370,641 (2019: 5,190,283).