Earnings Call Transcript
Radware Ltd (RDWR)
Earnings Call Transcript - RDWR Q1 2023
Operator, Operator
Ladies and gentlemen, welcome to the Radware Conference Call discussing First Quarter 2023 Results and thank you all for holding. Today's conference is being recorded, and all lines have been placed on mute to prevent any background noise. After the speaker's remarks, there will be a question-and-answer session. Thank you. And I would now like to turn the call over to Yisca Erez, Director of Investor Relations at Radware. Please go ahead.
Yisca Erez, Director of Investor Relations
Thank you, Avi. Good morning, everyone, and welcome to Radware's first quarter 2023 earnings conference call. Joining me today are Roy Zisapel, President and Chief Executive Officer; and Guy Avidan, Chief Financial Officer. A copy of today's press release and financial statements, as well as the investor kit for the first quarter, are available in the Investor Relations section of our website. During today's call, we may make projections or other forward-looking statements regarding future events or the future financial performance of the company. These forward-looking statements are subject to various risks and uncertainties, and actual results could differ materially from Radware's current forecast and estimates. Factors that could cause or contribute to such differences include but are not limited to the impact from the changing or severe global economic conditions, the COVID-19 pandemic, general business conditions and our ability to address changes in our industry, changes in demand for products, the timing in the amount of orders and other risks, differences from time to time in Radware's filings. We refer you to the documents the company files and furnishes from time to time with the SEC, specifically the company's last annual report on Form 20-F as of March 30, 2023. We undertake no commitment to revise or update any forward-looking statements in order to reflect events or circumstances after the date of such statement is made. I will now turn the call to Roy Zisapel.
Roy Zisapel, President and CEO
Thank you, Yisca, and thank you all for joining us today. We ended the first quarter of 2023 with revenue of $69 million and earnings per share of $0.14. The macro challenges that we experienced in the first quarter were stronger and broader than in previous quarters. These challenges translated into longer sales cycles, more cautious spending and closing delays across all regions. Despite that, we saw strong cloud security bookings, and our cloud ARR grew 21% year-over-year, in line with Q4 2022 growth rate, highlighting the strength of our offering and the critical nature of our solutions. While the macro environment is creating business challenges, organizations remain under pressure as they face more frequent and more complex cyber-attacks. Attacks accelerated during the first four months of the year. There were significant attack campaigns against the U.S. healthcare sector, the Canadian government, Australian ports and government websites, Israeli government and banks, as well as airlines and airports in Scandinavia, to name a few. Russia's invasion of Ukraine has ushered in a whole new wave of activism that is generally bolder and more determined than ever before. Any organization, independent of size and industry, can become a target for activists who desire to advance their cause. According to our recent Threat Intelligence Report, three activist groups claimed responsibility for more than 60% of DDoS attacks between February and April. As a result of the escalation in attacks and downtime in enterprise networks, we saw multiple emergency onboarding to our cloud platform by organizations under attack. We estimate that many of the companies that were onboarded under attack during the first quarter will convert into longer-term customer contracts. It's clear that so-called good enough security is not good at all. You need best-of-breed security, and Radware, by any technical and analyst evaluation, is best-of-breed. We believe that while security purchasing decisions might be delayed, they cannot be ignored indefinitely without creating added business risk and exposure. This, combined with the operational and cost benefits that our fully managed cloud security solution offers, continues to give us confidence in our positioning and long-term growth prospects. Just last week, I attended the RSA conference. Compared to 2022, we saw a significant increase in customer activity. We believe this is one more indicator that the increase in cyber-attacks is driving a critical business need and causing organizations to rethink and reprioritize security spending despite budget scrutiny. Consistent with the strategy that we shared during our Investor Day in February, we have continued to focus on transitioning our business to a subscription-based model and doubling down on our cloud security offerings. During the first quarter, subscription booking crossed for the first time, 50% of our total bookings, highlighting our progress. Furthermore, we are pleased to report a strong cloud security business. We recorded close to 30% year-over-year growth in cloud total bookings, strong growth in the total number of cloud customers, many of which were mid-sized enterprises. And in addition, as I highlighted before, we saw 21% growth year-over-year in cloud ARR. Our cloud performance was backed by several major wins. For example, we signed a $1 million cloud DDoS deal with a world leader in data center design and operation. The company was hit by several large attacks that resulted in downtime for its largest customers, triggering this deal. We also won the cloud application of a major digital entertainment services provider in the Americas. The customer was faced with both attacks and technical issues while dealing with an incumbent provider. Our proof of concept demonstrated our superior cloud security solution. On the product front, we announced major new product launches. For instance, we released new algorithms to mitigate web DDoS attacks, a new AI algorithm that automatically detects false positives and false negatives and supervises our cloud systems. We strongly believe our algorithms are an important competitive differentiator and are in lockstep with what customers need in order to withstand the type of attacks we are seeing today. In addition, we rolled out our new best-of-suite offering for cloud application protection, which delivers seamless 360-degree application protection from the user's browser to the application. This best-of-suite offering includes Cloud DDoS protection, Cloud WAF services, API, and bot management, and it also includes our newly introduced client-side protection solution, which secures the less protected and further monitored client-side supply chain. During the first quarter, we also introduced our next-generation DDoS mitigators, DefensePro X and Radware Cyber Controller, a new state-of-the-art management, security operation, and orchestration system. Together, this next-generation solution combines industry-leading performance with enriched usability and visibility to defend against encrypted attacks and application layer DDoS attacks in real-time. This is a major advancement in on-premise DDoS protection, which was traditionally focused on just mitigating network effects. DefensePro X uses our hardware mitigation engine rather than internally developed high-capacity security FPGA. Leveraging the HME, DefensePro X is the fastest and most scalable mitigation platform in the market today. Its superior performance and scale provide us with a long-term competitive advantage. Our state-of-the-art solutions continue to earn industry recognition in the first quarter. Our API discovery solution and SecurePass architecture won the gold Cybersecurity Excellence Award for innovation and leadership in application security. SecurePass also received honors when it was named a gold winner in the 2023 Global Cybersecurity Awards for its innovative approach in ensuring security in the digital age. In closing, while we experienced strong macro headwinds, we believe that the slowdown is temporary. We are confident that organizations will have to resume investments in real-time attack mitigation and cyber protection regardless of the environment. In order to capitalize on future opportunities and to be the natural cybersecurity provider of choice for organizations, we are determined to grow a strong and sustainable business with a core focus on our fully managed cloud security offerings. We remain mindful of the macro environment and disciplined in our expense management so that we can deliver profitable growth. With that, I will now turn the call over to Guy.
Guy Avidan, Chief Financial Officer
Thank you, Roy, and good day, everyone. I'm pleased to provide the analysis of our financial results and business performance for the first quarter of 2023 as well as our outlook for the second quarter of 2023. Before beginning the financial overview, I would like to remind you that unless otherwise indicated, all financial results are non-GAAP. A full reconciliation of our results on a GAAP and non-GAAP basis is available in the earnings press release issued earlier today and on the Investors section of our website. First quarter 2023 revenues declined 6% year-over-year to $69 million compared to $73.7 million in the same period of last year. The decline in revenue was on the back of the ongoing and increased macroeconomic environment that we have experienced since the second quarter of last year, which intensified in the first quarter of this year. The impact of the macro environment is still evident in an elongated sales cycle, budget scrutiny and extended multiphase deployments. As Roy said, and as we are witnessing for some time, levels of attacks are growing consistently in the last few years. However, these attacks are not fully expressed yet in the demand of organizations for our cyber solution due to budget cuts as a result of macro uncertainties. Despite the macro headwind, our cloud business was strong in the first quarter. Cloud ARR in the first quarter of 2023 grew 21% year-over-year, similar to the growth in the fourth quarter of 2022, and accounted for 27% of total ARR compared to 24% last year. The growth of our cloud business is also reflected in our recurring revenues and increased from 68% in Q1 2022 to 73% in Q1 2023. As we highlighted in our Investor Day in February this year, we are focused on scaling our cloud business and accelerating its growth to improve visibility and profitability. On a regional breakdown, revenue in the Americas in the first quarter of 2023 decreased 8% to $27 million compared to Q1 2022. On a trailing 12-month basis, America's revenue decreased by 2%. We are working on multiple fronts to improve our execution in the U.S., as we highlighted in the Investor Day. We are expanding our relationship with OEMs, building the mid-sized market infrastructure, and applying sales force changes. We believe that these actions will lead to an improvement in performance by the end of the year. EMEA revenue in the first quarter increased 6% compared to Q1 2022 to $30 million and was flat on a trailing 12-month basis. APAC revenue in the first quarter of 2023 was $12 million compared to $16 million in the same period of last year, representing a 24% decrease year-over-year and a 3% decrease on a trailing 12-month basis. Americas accounted for 39% of total revenues. In the first quarter, EMEA accounted for 43% of total revenue, and APAC accounted for the remaining 18% of total revenue in the first quarter. I'll now discuss profits and expenses. Gross margin in Q1 2023 was 82.3% compared to 83.2% in the same period in 2022. The change in gross margin is related mainly to higher costs related to recently launched cloud security centers and economies of scale. During this time of market challenges, Radware is mindful of its expenses and is agile to adjust the cost structure as needed. Our flexible structure and ability to align expenses with the changing market conditions will enable us to come out stronger. We are committed to improving profitability over time. Operating expenses in the first quarter of 2023 were $52.4 million, below our lower end guidance, representing an increase of 1% compared to the same period of 2022 and a 5% decrease compared to Q4 2022. Operating expenses decreased versus Q4 2022, a decrease attributed mainly to a headcount reduction. Financial income grew gradually in the last year. In the first quarter of 2023, financial income was $2.7 million, an increase of $1.9 million from Q1 2022. This increase is attributed to higher interest rates in the market. Net income in the first quarter was $6.1 million compared to $8.8 million in the same period of last year. The average adjusted EBITDA for the first quarter was $6.5 million, which includes a $2.7 million negative impact from the loss. Diluted earnings per share for Q1 2023 was $0.14 compared to $0.19 in Q1 2022. Turning to the cash flow statements and balance sheet. Cash flow from operations in Q1 2023 was negative $1.2 million compared to negative cash flow from operations of $10.5 million in the same period of last year. Cash flow from operations in the first quarter of 2023 was impacted mainly by the increase in trade and other receivables and a decrease in other payables. During the first quarter, we repurchased shares in the amount of approximately $12.7 million out of the $100 million share repurchase plan that we have in place. We ended the first quarter with approximately $419 million in cash, bank deposits, and marketable securities. I'll conclude my remarks with guidance. We believe that the current macroeconomics will remain during 2023. And although we cannot estimate the timing, we believe that our current cash position and agile cost structure will help us come out stronger than others. We expect our revenue for the second quarter of 2023 to be in the range of $68 million to $70 million. We expect Q2 2023 non-GAAP operating expenses to be between $52 million and $54 million. As for Q2 2023, we expect non-GAAP diluted net earnings per share to be between $0.12 and $0.15.
Operator, Operator
Thank you. We will take our first question from Alex Henderson with Needham. Your line is open.
Alex Henderson, Analyst
Great. Thanks so much. Just looking at the guidance for a second. Can you give us some sense of what you think your interest income tax rate will do just to round out the numbers a little bit? Obviously, those have been moving around a little bit.
Roy Zisapel, President and CEO
Yeah. So as mentioned before, we expect the interest rate and financial income to continue to grow based on current interest rates.
Alex Henderson, Analyst
Do you have any guidance for the interest income for Q2?
Roy Zisapel, President and CEO
No, we haven't guided. The only thing we said is that we expect to continue to grow at more or less the same pace as we did in the last quarter. And the tax rate will remain the same as before.
Alex Henderson, Analyst
Okay. And then, if you could just remind us how you're positioned against the FX. Obviously, the shekel is quite weak as a result of the political turmoil there. So how are you positioned on that?
Roy Zisapel, President and CEO
We're hedged for the rest of the year. So new Israeli shekel versus the U.S. dollar, FX should not impact our P&L. That's it. For next year, we're not hedged yet.
Alex Henderson, Analyst
All right. And then going back to the numbers, it looks to me like the U.S. was the particular problem, but it also looks like the problem was heavily skewed to service providers in the quarter. So could you talk a little bit about what's going on with that vertical? Because obviously, it was a big part of the overall decline here and significantly worse than the corporate averages. Is that a function of the shift in the business mix away from what you've traditionally done for them, and therefore, we should expect that to continue and when does that flatten out?
Roy Zisapel, President and CEO
So I think there are several factors. First, we saw overall weakness across the globe. Yes, America was weak, but I can tell you that was our feeling also on the rest of the theaters. Second, we're definitely now more geared, especially with the focus on cloud security, towards enterprises. And I think that you see that over the last several years and also now. And third, I believe that the major weakness was in large CapEx projects. That's where the biggest headwind is. And obviously, carrier deals tend to be larger, tend to be CapEx. Therefore, I think we saw it also there in large magnitude. I think also large enterprise CapEx deals suffered, but this is masked by our cloud performance. So I think internally, there's nothing to cover the reduction in the CapEx deals.
Alex Henderson, Analyst
Just to clarify, when you said weak globally on demand, that was not company-wide, that was a comment about service providers, specifically, right?
Roy Zisapel, President and CEO
So I think company-wide, we...
Alex Henderson, Analyst
So company-wide means globally and also in service provider?
Roy Zisapel, President and CEO
Yes.
Alex Henderson, Analyst
Okay. I see. If I could just ask one more question. As I consider the challenges facing the U.S. business, which is currently experiencing a downturn, I understand there is a reorganization in the go-to-market strategy that should help stabilize the situation eventually. How do you see that progressing throughout the year? When do you anticipate the realignment will start to yield improvements?
Roy Zisapel, President and CEO
From a numbers point of view, we didn't see that in Q1, but from other measures and other KPIs, we do see improvement in the execution in the U.S. We have many KPIs we track before revenues from proof-of-concept to engagements to pipeline and so on. So, all in all, we feel better about the U.S. organization. We feel better about pipeline penetration. I mentioned also the RSA and the customer activity. So while Q1 was difficult, we're actually feeling much better going into Q2 and beyond.
Alex Henderson, Analyst
All right. I’ll see the floor and get back in queue. Thanks.
Roy Zisapel, President and CEO
Thank you, Alex.
Operator, Operator
And we will take our next question from George Notter with Jefferies. Your line is open.
George Notter, Analyst
Hi, guys. Thanks very much. Yeah. I guess I wanted to expand on that. You guys have made a lot of changes, I think, in the sales organization. I know you've changed the compensation plan. You're reorienting folks around more medium-sized enterprise deals and obviously, the cloud products. Could you talk a little bit about what the early returns are there in terms of the new comp plan and the changes you're making? Any more you can tell us would be great.
Roy Zisapel, President and CEO
Okay. So first, obviously, it's early to say, but if I need already to ask you to look at one figure, the booking of subscriptions in Q1, for the first time, crossed 50% of our total bookings. So we definitely saw some of our sellers in growing quantity, focusing on everything that is subscription more than a regular product. So that we are already seeing. I think also very strong pipeline and activity in the cloud as a result of that because we're highlighting not only subscription but cloud security in specific. So all in all, I think we are moving in the right direction. It's aligned with the focus areas we covered in the Analyst Day. We'll see how it's progressing. But so far, I think it's going in the right direction.
George Notter, Analyst
Got it. And then I know you made some changes to the Cisco OEM relationship also. I know that they included Radware in their enterprise-wide license agreements. Can you talk about what you're seeing through that channel?
Roy Zisapel, President and CEO
Yes, it was a very good quarter with Cisco. Beyond record revenues, we are experiencing significant activity in the field. There is a notable increase in deals, engagements, and events. We are now part of Cisco's enterprise agreements, which has led their security team to engage with customers to include our portfolio. We are also working on Turbo accounts to collaborate on large Cisco accounts. Overall, it was a strong quarter with positive momentum, and we have optimistic expectations for the upcoming quarters.
George Notter, Analyst
Got it. At what point do you think that would be a relationship that you might break out for investors, give us a sense for how big that is? Is that on the horizon?
Roy Zisapel, President and CEO
I hope so. We are progressing. We are progressing well. Let's say, as it grows more, we'll determine the right time.
George Notter, Analyst
Okay. Great. Thank you very much, guys.
Roy Zisapel, President and CEO
Thank you, George.
Operator, Operator
We will take our next question from Chris Reimer with Barclays. Your line is open.
Chris Reimer, Analyst
Hi. Thanks for taking my questions. I wonder, if you could touch on the process for onboarding the emergency customers. You said there was an uptick this quarter and a few more of those. Can you just walk us through the process of how they get onboarded, how long they can remain customers until they do become actual customers and what kind of traction do you see in them converting as permanent customers?
Roy Zisapel, President and CEO
Thank you for the question. When we discuss emergency onboarding, we refer to situations where a customer is facing an attack. In such cases, they are likely experiencing downtime with their applications and network. There is typically heavy traffic directed towards their data centers and applications. The onboarding process can be quite rapid, potentially completed in an hour, and we aim to achieve this within several hours. A crucial element is obtaining a letter of authorization from the customer to their ISPs, allowing Radware to operate on the network on their behalf. Once this authorization is received, we can quickly onboard the customer to our network. While we protect them during onboarding, we usually provide a trial period of about a week to ten days for them to experience our service. After this period, we expect to finalize the contract. However, for larger enterprises and certain government entities, the process may take longer due to RFP requirements. Despite this, the key advantages of having onboarded our network and experiencing proven service in real-time significantly benefit the customers. We see conversion times ranging from several days to several months, and it is a sensitive issue. If progress stalls and budget constraints arise, we must assess whether to continue providing service or enhance their experience. Overall, customers in distress situations tend to convert at a high rate, especially given the effectiveness of our solutions in saving them. Recent increases in cyber-attacks since mid-February, particularly in March and April, have created a promising pipeline with a high probability of closing, which is certainly a positive outcome for us.
Chris Reimer, Analyst
Got it. Thanks. That’s really helpful. And just following on your comments around the reorganization in the U.S. and getting to the point where you feel execution is optimal. Looking at the other regions, do you see that execution there is also optimal or might there be a need for reorganization in the other geographical areas as well?
Roy Zisapel, President and CEO
We are not planning any further sales reorganization in the field. Our focus is on improving our go-to-market strategy through initiatives like the compensation plan and aligning with OEMs and mid-sized enterprises. Currently, we do not have plans to restructure the sales organization.
Chris Reimer, Analyst
Got it. Thanks. That’s all for me.
Roy Zisapel, President and CEO
Thank you.
Operator, Operator
We will take a follow-up question from Alex Henderson with Needham. Your line is open.
Alex Henderson, Analyst
If I could return to the question about service providers for a moment. Are you providing services in the security sector to these providers, or is it more related to your traditional business? Could you explain what you're offering and how you categorize these service providers?
Roy Zisapel, President and CEO
Yeah. So I think the three buckets there. First, we're selling the application delivery controller to the carriers, predominantly to their IT and network services organization to load balance and do traffic management for key applications. So that's the first bucket. The second bucket is we sell our high-end mitigation devices to secure the DDoS mitigation devices when they are generally using them on their network to clean DDoS attacks. Those are generally large projects, large CapEx. The third is we are delivering our mitigation devices and our web application firewalls to their MSSP businesses to those carriers that are engaged in the MSSP business, although it obviously depends on the traction with their customers. If they grow and scale it, they will probably purchase more. If not, they would not need more capacity and more solutions. So those are the three buckets that we are engaged with the carriers. I would say that the major headwind is on the first two buckets, the ADC and the large security mitigators. Those are the large CapEx equipment purchased by the carriers.
Alex Henderson, Analyst
Could you give us any sense of what the scaling of these three are? Are these similar sizes or is the ADC business actually the largest piece? How do we think about this scaling?
Roy Zisapel, President and CEO
I think actually, the DDoS mitigation is the largest piece of the network. Also there, I believe they cannot hold those purchases for long because attacks are growing, and the asset that they need is growing. We do see increases in the pipeline in this segment. We just didn't see a lot of purchases that were actually done in the first quarter. But I don't believe they can carry on with this approach for long because it's against the dynamics we see in the market, more capacity, and more attacks.
Alex Henderson, Analyst
I see. Okay. I get the gist of it. Going back to the pipeline comments you made earlier. It sounds like you felt the pipeline was improving, at least in the Cisco piece and somewhat in the U.S. piece. Could you comment on the company-wide pipeline? Is the linearity during the quarter an issue, i.e., the late March timeframe with all the financial debacle cause a perturbation in the closure rates but your pipelines are healthy. What's the flavoring there?
Roy Zisapel, President and CEO
The pipeline is improving. So we feel better about that. I think also the velocity of the pipeline, especially those that I've mentioned that are triggered by attacks, those deals generally are accelerating faster to close. So all in all, I think the quality of the pipeline and the velocity is better. As you pointed out, both America and Cisco are key areas. Cloud, obviously, is a key area and so on.
Alex Henderson, Analyst
Okay. And so again, was there any impact because of the banking issues that happened in March? Did that perturbate the linearity or cause anything to slide out of the quarter that would have stopped what closed normally? Any thoughts on…
Roy Zisapel, President and CEO
I don't know. I don't know how to say. I don't think so, though.
Guy Avidan, Chief Financial Officer
None of the banks that were affected were actually our customers. So there is no direct impact; however, there is some uncertainty in that segment, which is causing longer sales cycles.
Alex Henderson, Analyst
Okay. A lot of companies doing risks. Any thought about maybe doing something more aggressive on the cost side to mitigate some of the pressure on margins? Thanks.
Roy Zisapel, President and CEO
At this point, we don't plan one. We believe we are well positioned. With cloud security and growing subscriptions, we need to maintain our current investment level. Our goal is to continue building a competitive edge on the product side to deliver excellent service to our customers. As mentioned, we view this pause as temporary. The ongoing attacks highlight a significant need, and we aim to support our customers. While we are cautious about expenses, we are confident that profitability will increase as we expand the business and improve our results.
Alex Henderson, Analyst
Great. Thank you so much.
Operator, Operator
And there are no further questions at this time. I will now turn the call back to Mr. Roy Zisapel for closing remarks.
Roy Zisapel, President and CEO
Thank you very much for joining us today, and have a great day.
Operator, Operator
Ladies and gentlemen, this concludes today's conference call and we thank you for your participation. You may now disconnect.