Cohen & Steers Annual Report 2013

Plain-text annual report

FIRST LINE OF DEFENSE Corero Network Security plc Annual Report & Accounts 2013 C o r e r o N e t w o r k S e c u t i r y p c l A n n u a l R e p o r t & A c c o u n t s 2 0 1 3 FIRST LINE OF DEFENSE Registered Ofﬁce Regus House Highbridge Oxford Road Uxbridge Middlesex UB8 1HR Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 65 Advisors Directors Jens Montanana (Non-executive Chairman) Ashley Stephenson (CEO) Andrew Miller (CFO and COO) Richard Last (Non-executive Director) Andrew Lloyd (Non-executive Director) Secretary and Registered Ofﬁce Duncan Swallow Regus House Highbridge Oxford Road Uxbridge Middlesex UB8 1HR Nominated Adviser and Broker FinnCap 60 New Broad Street London EC2M 1JJ Auditor BDO LLP 55 Baker Street London W1U 7EU Solicitors Dorsey and Whitney LLP 199 Bishopsgate London EC2M 3UT FIRST LINE OF DEFENSE Corero Network Security plc (‘Corero’, the ‘Group’ or the ‘Company’) SmartWall™ Threat Defense System Corero Network Security, an organisation’s First Line of Defense® against DDoS (Distributed Denial of Service) attacks and cyber threats, is a pioneer in global network security. Corero products and services provide Online Enterprises, Service Providers, Hosting Providers, and Managed Security Service Providers with an additional layer of security capable of inspecting Internet trafﬁc and enforcing real-time access or monitoring policies designed to match the needs of the protected business. Corero technology enhances any defense-in-depth security architecture with a scalable, ﬂexible and responsive defence against DDoS attacks and cyber threats before they reach the targeted IT infrastructure allowing online services to perform as intended. For more information, visit www.corero.com. Contents Overview 01 Highlights 02 Chairman’s Statement Strategic Report 04 Our performance 06 What we do 08 Why we do it 10 How we do it – Our business model 14 Our strategy for sustainable growth Essential Reads 6-7 WHAT WE DO 8-9 WHY WE DO IT 06 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 07 08 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 09 STRATEGIC REPORT What we do The Corero First Line of Defense products and services stop DDoS attacks and cyber threats OUR TECHNOLOGY A high performance network appliance which is deployed on premises (at the customer or managed location) or in service provider networks. The appliance inspects Internet trafﬁc in real time before it is allowed to pass into the customers protected IT environment to ensure unwanted and malicious Internet trafﬁc is removed. • The Corero Patented Dynamic Threat Assessment technology uses several algorithms including advanced challenge-response techniques to categorise all sources as unknown, trusted, suspicious or malicious based upon their real-time behaviours. • The Corero Request/ Response Behaviour Analysis controls access to downstream devices based upon a source’s “behaviours” which enables enforcement of usage standards on every source IP address which provides detection of application-layer denial of service attacks, as well as other unwanted behaviours and blocks them before they reach the victim devices. • The Corero Protocol Validation Engines inspects all packets of a network and/or application transaction and compares the observed content and characteristics to what is allowed, expected, or required, based upon the protocol speciﬁcations and known implementations, and takes the appropriate real time actions (e.g. detection/blocking) of the violations. • Corero has a real-time reputation engine, ReputationWatch, that provides automated real-time defence against previously identiﬁed DDoS attack sources. In addition, IP address geolocation technology enables enforcement of security policies based on national origin of IP addresses. OUR SERVICES Threat Update Reputation Watch An automated protection update service that provides Corero customers with timely, proactive protection from the latest security threats. The subscription service delivers frequent protection updates and security advisories. These updates include updated vulnerability and attack signatures to provide the most current, effective network threat monitoring. Security advisories, an important aspect of the Threat Update Service, inform customers of newly discovered threats, and recommend any actions that might be necessary to obtain protection against the threat. Enables customers to automatically block malicious IP addresses. Corero continuously receives data feeds from global intelligence across the Internet to determine the current threat status of malicious or suspicious IP addresses. Using IP reputation-based information, ReputationWatch automatically identiﬁes and blocks access from suspicious sites including sources that have participated in DDoS attacks, systems delivering specially crafted denial-of-service exploits, anonymized IP addresses behind proxies, phishing sites, and spam sources. ReputationWatch also allows customers to block or alert on access from countries with which they do not transact business for example by choosing to block or set rate limits on all trafﬁc from a nation or geography. SecureWatch A service which ensures that customers’ First Line of Defense solutions are always up to date, running at optimum performance, and continuously protecting customers’ IT infrastructure against the latest threats. SecureWatch Plus A comprehensive suite of DDoS defence conﬁguration, optimization, 24x7 monitoring and attack mitigation services. These services are customised to meet the security requirements and business goals of each customer. SecureWatch PLUS includes access to experts to assist in the realisation of the desired DDoS defence solution starting with the organisation-speciﬁc implementation, commissioning and testing, continuing with round-the-clock monitoring, and immediate response in the event of a DDoS attack. Corero is dedicated to improving the security of the Internet through the deployment of its innovative First Line of Defense solutions which provide customers with protection against a continuously evolving spectrum of DDoS attacks and cyber threats that have the potential to impact any Internet connected business. STRATEGIC REPORT Why we do it The world in which we operate OUR MARKET $17.9b 2013 worldwide IT security spending will be $17.9 billion Source: IDC Number of companies suffering cyber attacks to steal commercial secrets doubled in 2012-13 Source: Kroll 21% of companies report that DDoS is the most costly form of attack Source: Ponemon Institute Firewalls don’t cut it anymore as a ﬁrst line of defence Source: Network World DDoS protection market to double in period to 2017 (approaching $1 billion) Source: IDC The Internet has transformed the way commercial and public sector organisations do business Organisations today are embracing technology to enhance the productivity of their employees, generate new revenue sources and improve their operating efﬁciency. These technologies include cloud services, mobile computing, online services and social networking. This greater reliance on information technology has signiﬁcantly increased the attack surface within organisations that is vulnerable to potential security attacks. As a result organisations are having to make signiﬁcant investments in IT security to help protect against a myriad of potential threats. The threat landscape has evolved “Cyber attacks are one of the top four threats to our national security and cyber-crime is costing our economy billions of pounds a year. And as businesses and government move more of their operations online, the scope of potential targets will continue to grow. It’s a race: to build sufﬁcient cyber defences to match the growing volume and dependence of our online economic, security and social interests.” UK Cabinet Ofﬁce Minister, Francis Maude Cyber-crime continues to be costly • The average annualised cost of cyber-crime for organisations is $11.6 million per year (an increase of 26% over 2012) • Cyber attacks have become common occurrences – two successful attacks per company per week (an increase of 18% over 2012) • The most costly cyber-crimes are those caused by DDoS, malicious insiders and web-based attacks Source: Ponemon Institute 2013 Cost of Cyber Crime Study Existing security solutions do not protect against next-generation threats Though ﬁrewalls are still a critical and necessary component of any IT network, they are no longer the best type of device to deploy as the network’s ﬁrst line of defence. While ﬁrewalls serve many purposes, they do not have complete Layer 3–7 protection. Attackers know these limitations and have devised attacks that can evade or overwhelm a ﬁrewall, as well as the secondary security devices behind the ﬁrewall, such as intrusion prevention systems. The opportunity for Corero Organisations need to respond to the increased risk presented by the growing number of DDoS attacks and cyber threats – a security device speciﬁcally designed to detect and stop unwanted trafﬁc before it can overrun the IT infrastructure causing performance issues, security exposures and even catastrophic outages. This new ﬁrst line of defence must be able to identify malicious attack trafﬁc even if it mimics legitimate trafﬁc and the true customer communications that businesses want and welcome. The Corero First Line of Defense solution applies industry best practices as well as sophisticated analysis techniques to thoroughly inspect trafﬁc in order to stop DDoS attacks and cyber threats. The Corero solution stops unwanted trafﬁc that slows the infrastructure and frustrates users, and in the process protects the existing infrastructure and enables maximum uptime of business applications. THE COMPETITIVE ENVIRONMENT Corero is a leader in protecting enterprises and public sector organisations against DDoS attacks and cyber threats. We have deﬁned the market for on premises First Line of Defense and have developed the following key competitive advantages that we believe will allow us to extend our leadership position: • Always-on protection that blocks both network-layer ﬂooding attacks, as well as the more difﬁcult to detect, low and slow application-layer attacks. • Granular conﬁguration of security policies in order to allow legitimate trafﬁc to pass while blocking unwanted trafﬁc. • Broad security coverage – Inspection of every packet and every ﬂow (using Deep Packet Inspection) rather that a sample-based approach used by most competitors. • Purpose-built security appliance for high speed trafﬁc inspection using a multi-core processor architecture. • Competitive price-performance resulting in the lowest total cost of ownership for the end user. • Expert security knowledge and technical support provided by Corero’s 24x7 Security Operations Centre. Our next generation product, SmartWall TDS, was launched on 3 February 2014 to address the Internet service provider and hosting provider markets. It adds key features like asymmetric inspection, and multi-tenancy to allow our First Line of Defense solutions to be deployed in service provider networks and hosting data centers as a services-oriented platform. Service providers and hosting providers can now deploy this platform in a modular and scalable fashion to not only protect their own infrastructure but more importantly to roll out revenue generating DDoS protection services to multiple customers. SmartWall TDS extends our current competitive advantages with the following key features: OPPORTUNITIES The awareness of cyber-crime and the impact on businesses (small and large) is increasing with Board room accountability and regulatory focus in certain industries, such as ﬁnancial services. We expect this trend to have a positive impact on our market. Ernst & Young’s Global information Security Survey 2013 reported that 50% of respondents indicate that their budgets will increase anywhere from 5% to 25% or more in the next 12 months, and 14% of spend in the coming 12 months will be on security innovation (emerging technology). KEY MARKET CHALLENGES • Robust security coverage – comprehensive network security protection against layer 3 and layer 4 for both IPv4 and IPv6 trafﬁc. • Industry-leading density, scalability and performance – protection is provided through conﬁgurable access policies with scalability from 10Gbps to 1Tbps in a single rack. • Green, energy-efﬁcient platform – energy-efﬁcient design with front-to-back cooling which fully supports economic and environmental initiatives. • Powerful centralised management for conﬁguring, controlling, and monitoring all SmartWall TDS appliances from a central location. • Flexible deployment conﬁgurations – multiple appliances can be distributed to key control points in the provider network or centrally combined in 1 Rack Unit shelves in various conﬁgurations. • Single solution to deliver comprehensive threat protection, always-on connectivity, and complete visibility with the family of SmartWall appliances. The Corero principal competitors are other DDoS defence equipment manufacturers such as Arbor Networks Inc. and Radware Limited. Corero is targeting a high growth security market; the DDoS market is forecast to grow by 18% (CAGR) in the period 2012 to 2017 (Source: IDC) to $870 million. The existing Corero DDS product is targeted at the enterprise on premises DDoS protection market. The new SmartWall™ TDS product is targeted at the service provider and hosting provider market. The market for security products and services is competitive and characterised by rapid changes in technology, the evolving cyber threat landscape, customer requirements, and industry standards and frequent new product introductions and improvements. We need to be focused on our chosen market and deliver continuous innovation to stay ahead of our competition. Corero will address this challenge by working closely with our customers and prospects, to leverage the ﬂexibility of our platform technology to deliver continuously evolving leadership protection against the latest DDoS attacks and cyber threats. Today’s enterprises are increasingly dependent on their online presence for generating revenues, ensuring employee productivity, or providing a superb customer experience. Ubiquitous Internet access makes the enterprise susceptible to cyber threats from around the world. The resulting service outages cause costly downtime, lost productivity, brand damage and impact the enterprise’s legitimate users. Bankers Santander 2 The Forbury Reading RG1 3EU Silicon Valley Bank 3003 Tasman Drive Santa Clara, California 95054 USA Registrars Capita Asset Services Northern House Woodsome Park Fenay Bridge Huddersﬁeld HD8 OLA Website address www.corero.com O v e r v e w i i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c a i l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y Designed and produced by www.accruefulton.com Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 01 OVERVIEW Financial highlights Operating highlights • Revenue from continuing operations $10.3 million (2012: $11.4 million) • Appointment of David Ahee as Senior Vice President Global Sales • EBITDA loss* including discontinued operations $4.5 million (2012: loss $3.1 million) of which the EBITDA loss from continuing operations was $6.2 million (2012: loss $5.8 million) • Earnings per share 11.3 cents (2012: loss 9.7 cents) • Net cash $9.5 million at 31 December 2013 (2012: net debt $1.3 million) • Completed sale of Corero Business Systems Limited on 1 August 2013 • Net consideration** to the Company $16.5 million • Proﬁt on sale $15.2 million * before depreciation, amortisation, ﬁnancing and proﬁt on sale of Corero Business Systems Limited ** net of debt repayment • Progress in next generation product development • SmartWall TDS product launched in February 2014 • Developed a reporting platform utilising operational intelligence tools to enhance Corero’s SecureWatch™ managed security services and reporting • Awarded “Best IT Products & Services for Finance, Banking & Insurance” by Network Product’s Guide • Customer orders of $5.1 million in the six months ended 31 December 2013, an increase of 23% over the comparative period in 2012 • Signiﬁcant wins – second half 2013 order intake included 15 customers with orders exceeding $100,000 (compared to 7 in second half of 2012 and 9 in the ﬁrst half of 2013 $9.5M net cash at 31 December 2013 Network Products Guide award “Best IT Products and Services for Finance, Banking and Insurance” Governance Financial Statements 16 18 21 25 Directors’ Biographies Directors’ Report Corporate Governance Report Statement of Directors’ Responsibilities 26 27 28 29 30 31 32 33 62 65 Independent Auditor’s Report Consolidated Statement of Comprehensive Income Consolidated Statement of Financial Position Company Statement of Financial Position Statements of Cash Flows Consolidated Statement of Changes in Equity Company Statement of Changes in Equity Notes to the Financial Statements Notice of AGM Corporate Directory 10-11 HOW WE DO IT 10 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 11 STRATEGIC REPORT How we do it Our business model The Corero strategy is to be a leading provider of network security solutions focused on the DDoS and cyber threat market Business model The Corero business model comprises the development, marketing and sale of network security products and services to provide customers with protection from cyber threats. The Corero First Line of Defense products and services stop DDoS attacks and cyber threats. Revenue source Contractual arrangement Nature of revenue Description Security appliance sale – hardware and software product Hardware sale and perpetual software license • New customer sale • Existing customer upgrades for increased performance or expansion • Existing customer add on sale of new software modules Hardware and software support, monitoring and update services Single/multi-year contracts for Support and SecureWatch services, Threat Update Service and Reputation Watch® (described in more detail on page 7) • New sale • Existing customer renewal • Add on sale for new services introduced The Corero software comprises ostensibly Corero developed proprietary software complemented by third party licensed and open source software. The hardware solution is assembled by a third party contract manufacturer using industry standard hardware components and a Tilera Corporation multi-core CPU chip to deliver a high performance solution required for an in-line network security solution. Support and monitoring services are delivered by the Corero support team. Updates are delivered to the Corero appliances in customer networks to provide proactive on-going protection from the latest cyber security threats. Corero undertakes its own research into such threats and partners with third party organisations to provide additional security threat intelligence and protection. SecureWatch PLUS DDoS defence services (described in more detail on page 7) Single/multi-year service contracts • New sale • Add on sale to existing customer • Existing customer renewal 24x7x365 monitoring and support services including DDoS attack mitigation services delivered by the Corero support team. The Corero DDoS Defense System (“DDS”) product family is targeted at enterprise and public sector organisations and is an organisation’s First Line of Defense against damaging DDoS attacks, delivering the most comprehensive DDoS protection available in a purpose-built, high performance, on-premises appliance. DDS detects and blocks both familiar network-layer ﬂooding attacks, as well as the more difﬁcult to detect, low and slow application-layer attacks, which have become the stealth attackers’ weapon of choice. The Corero DDS uses an always on, adaptive, patented DDoS defence algorithms to ensure online businesses are always protected keeping services up and available – blocking malicious incoming requests while reliably passing legitimate trafﬁc to the organisations’ online servers. Positioned at the Internet gateway, Corero’s next generation SmartWall TDS, which was launched on 3 February 2014, is targeted at the following additional markets: Internet Service Providers and Multi-Service Operators (MSOs) Hosting companies offering Web, Cloud, Platform and Infrastructure-as-a-Service Companies providing managed security services The ﬁrst customer deployments of SmartWall TDS are expected to be in the second half of 2014. The SmartWall TDS is a ﬂexible and scalable cyber threat defence solution. SmartWall TDS is designed to enable Internet service providers and hosting providers the ability to offer comprehensive DDoS and cyber threat protection to their customers as an extension of their current value added service offerings, improving their overall value proposition and providing an opportunity to differentiate themselves from the competition. The family of SmartWall TDS appliances include: • SmartWall Network Threat Defense Appliance for comprehensive protection against network threats. • SmartWall Application Threat Defense Appliance for comprehensive protection against application threats. • SmartWall Network Bypass Appliance for 100% network connectivity to eliminate network downtime. • SmartWall Network Forensics Appliance for capturing and indexing 100% of the packets at 10Gbps rates for and complete visibility and forensics analysis. The SmartWall TDS product launch follows an 18 month development project with directly attributable costs of $5.1 million (of which $3.8 million has been capitalised, $3.2 million capitalised in the year ended 31 December 2013). The SmartWall TDS development will continue in 2014 and 2015 with further software releases planned to add new software functionality and features. Corero has developed a high performance network appliance, a combination of multicore network processor hardware and Corero developed software, which is deployed on premises (at the customer location or a third party data centre) which inspects all IP network trafﬁc in real time before it is allowed to pass into the customers’ IT environment to remove unwanted and malicious Internet trafﬁc and ensure only good trafﬁc enters. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 02 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 OVERVIEW Chairman’s Statement Initial SmartWall TDS discussions with potential customers have been encouraging and validate the view Corero has of the market opportunity Corero’s 2014 launch of the SmartWall Threat Defence System was an important milestone achievement from a strategic plan established in 2012 to build a market leading network security business focused on delivering scalable network security protection to counter multiple forms of cyber threats such as DDoS attacks at any performance level Jens Montanana Chairman Overview Corero deﬁnes its go-to-market by positioning its products as a First Line of Defense solution to help organisations stop DDoS attacks and cyber threats. This has enabled Corero to target a fast expanding market which a leading analyst IDC has forecast will be one of the highest growth areas in the IT security market. During the last year, we made signiﬁcant progress across many facets of the business including developing the sales organisation and advancing the development of our next generation product, SmartWall TDS. Revenues in 2013 did not grow over the prior year as Corero transitioned its business entirely to its First Line of Defense solution. This repositioning encouragingly did deliver good growth in the second half of 2013 as order intake rose 23% year over year. The focus for 2014 is to continue building on this growth. Revenues from Corero’s existing First Line of Defense products targeting commercial and public sector organisations will be augmented by additional new revenue streams from SmartWall TDS sales targeted at securing Internet cloud environments for: Service Providers, Hosting Providers and Managed Security Service Providers. We expect to generate incremental revenues from sales to this new market opportunity for Corero in the second half of 2014. The SmartWall TDS product has been designed to be a highly scalable threat defence solution to enable Internet service and Cloud providers the ability to offer comprehensive DDoS and cyber attack protection to their customers at industry leading performance levels. Strong interest has been generated from a number of important customers. The sale of Corero Business Systems Limited (“CBS”) on 1 August 2013 enabled us to repay our outstanding debt early, strengthened the Group’s balance sheet, and provided the capital for funding the next generation SmartWall TDS product development and making the appropriate sales and marketing investments. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 03 Strategic focus The Company’s strategy is to remain focused on the network security market and to build a strong market position leveraging our advanced technology to create a sustainable business which offers strong growth prospects. The key strategic focus areas, main drivers for success and risks are summarised on page 15. Our 2014 plans are focused on the launch and customer deployment of the new SmartWall TDS product as well as broadening the customer base for our existing enterprise focused DDoS attack prevention solutions in order to drive revenue growth whilst continuing to invest in our engineering development. As with all new product introductions, successful commercialisation relies on sales, marketing and technical support being directed for maximum effect and achieving reference wins to establish repeatable revenue streams. A solid foundation has been created and we are receiving strong indications of user satisfaction to support our strategy. Market dynamics The network security market continues to show strong growth fundamentals driven by the continued and in some cases exponential increase in cyber threats and the growing importance of the Internet for most commercial and public sector organisations. IDC, one of the leading IT industry analysts, has forecast that the DDoS protection market will be one of the highest growth areas in the IT security market more than doubling in size in the period 2012 to 2017 (to reach $870 million in 2017). In addition, in light of the requirement to protect against the changing threat landscape, IDC has deﬁned a new security segment, Specialized Threat Analysis and Protection, a market which Corero’s First Line of Defense solution addresses. This market is forecast to have a compound annual growth rate of over 40% from 2012 to 2017 with revenues reaching $1.2 billion in 2017. Despite the increase in threats and the number of attacks, research from Corero reveals that many businesses are failing to take adequate measures to protect themselves against the threat of a DDoS attack. A survey of 100 companies revealed that despite media reports of the cost of downtime and the potential for DDoS attacks to mask greater threats, businesses are failing to put in place effective defences or plans to mitigate the impact of a DDoS attack. This is partly a result of a lack of understanding of the threats, and that traditional security solutions do not provide the required protection, and challenges in organisations’ prioritising IT security spend. There are efforts by governments and industry regulators in a number of geographies to increase this awareness. For example in the UK, the Department for Business, Innovation and Skills (BIS) wrote to the chairmen of the top 350 UK listed companies in the summer of 2013 to undertake a cyber health check survey. This type of awareness raising and increasing Corero brand awareness are having a positive impact on Corero’s success. Our view is that it is critical for organisations to understand what cyber threats are traversing their network so they have visibility to their level of exposure and can take appropriate action to stop unwanted and malicious trafﬁc including DDoS attacks. Corero’s First Line of Defense solution provides this visibility and allows organisations to proactively manage cyber threats. We believe that organisations need to transform their information security environment, to ensure they can get ahead of cyber threats or at least try and keep pace. Otherwise, the gap between an organisation's security posture and the cyber threats it faces will continue to grow potentially threatening the organisation’s survival. Shareholders Corero’s shares are listed on AIM in London. The Company's largest external shareholders include Blackrock, Herald and Sabvest. I’d like to thank them and all our shareholders for their continuing support. Outlook The SmartWall Threat Defense System product, the ﬁrst phase of which was launched to the market in February 2014, provides Corero with a strong growth opportunity, opening up additional markets through enabling Internet service and Cloud providers to protect their IT infrastructure and, importantly, providing them with a platform from which they can deliver security services to their customers to protect against DDoS attacks and cyber threats. The positive momentum in the second half of 2013, combined with the strong ﬁnancial position and cash to execute Corero’s growth plans, gives us conﬁdence that we will be able to successfully exploit the considerable opportunities available in this dynamic market. Jens Montanana Chairman 24 March 2014 The positive momentum in the second half of 2013 and our strong ﬁnancial position, with the cash to execute our growth plans, gives us conﬁdence that we will be able to exploit the opportunity for Corero 42% Specialised Threat Analysis and Protection market forecast to grow to $1.2 billion in 2017* DDoS protection market forecast to double in period to 2017 approaching $1 billion* * IDC O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 04 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 STRATEGIC REPORT Our performance Corero’s balance sheet has been strengthened by the sale of Corero Business Systems with net consideration of $16.5 million In 2013 Corero had continued success in retaining and winning new customers Financial performance For the year ended 31 December 2013, the Group reported an EBITDA loss before depreciation, amortisation, ﬁnancing and proﬁt on sale of CBS of $4.5 million (2012: $3.1 million) including an EBITDA proﬁt from discontinued operations of $1.7 million (2012: $2.7 million), comprising CBS which was disposed on 1 August 2013. The proﬁt for the year after taxation amounted to $8.2 million (2012: loss $5.9 million) and comprised the following: • Loss for the year after taxation from continuing operations of $8.5 million (2012: loss $8.2 million); • Proﬁt after taxation from discontinued operations of $1.4 million (2012: $2.3 million); and • Proﬁt from the sale of discontinued operations of $15.2 million. The loss from continuing operations includes: • Unrealised exchange loss of $0.2 million (2012: loss $0.3 million) arising on an intercompany loan; • Central costs of $1.1 million (2012: $1.2 million) which relate to the Company’s ﬁnance function as well as the costs associated with the Company’s listing on AIM; and • Finance costs of $0.4 million (2012: $0.5 million) comprising interest on the loan notes issued by Top Layer Networks, Inc. (“Top Layer” subsequently renamed Corero Network Security, Inc.) as part of the purchase consideration for Top Layer. The sale of CBS provided an attractive opportunity to realise the Company’s investment in the business at a compelling cash valuation: • A multiple in excess of 8.0 times the CBS earnings before development costs capitalised, depreciation, amortisation and ﬁnancing for the year ended 31 December 2012; and • In excess of 2.2 times the CBS revenues for the year ended 31 December 2012. The earnings per share, including the proﬁt from discontinued operations and proﬁt on the sale of discontinued operations, was 11.3 cents (2012: loss 9.7 cents). The Group’s net assets at 31 December 2013 were $34.0 million (2012: $19.3 million). Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 05 Review of performance and performance indicators The Directors monitor a number of metrics, both ﬁnancial and non-ﬁnancial, on a monthly basis. The most important of these, for the continuing business, are as follows: • Order intake: $9.2 million for the year ended 31 December 2013 (2012: $10.4 million); • Gross margin: 65% for the year ended 31 December 2013 (2012: 70%); • Operating expenses: $12.9 million (2012: $13.7 million); and • Net cash: $9.5 million at 31 December 2013 (2012: net debt $1.3 million). Although order intake in 2013 did not grow over the prior year as Corero transitioned its business entirely to its First Line of Defense solutions, the 23% growth in order intake in second half of 2013 was encouraging. The lower order intake resulted in revenue in 2013 being below the prior year. The gross margins in 2013 were impacted by the reduction in revenue given certain ﬁxed costs associated with Corero support and production functions, and increased investment in the services and support delivery capabilities in 2013. The operating expenses, gross of research and development costs capitalised of $3.8 million (2012: $2.4 million), of $16.7 million were in line with the prior year (2012: $16.1 million) and reﬂect the investment in the Company's SmartWall TDS product. The Group had a strong net cash position at 31 December 2013 which was positively impacted by the proceeds on the sale of CBS and the early repayment of the loan notes. Review of the Company’s business Highlights of 2013 include: • Appointment of David Ahee, who has extensive experience in establishing enterprise and channel sales strategies internationally, as Senior Vice President Global Sales • Progress in next generation product development • Launch of the SmartWall TDS product in February 2014 • Developed a reporting platform utilising operational intelligence tools to enhance Corero’s SecureWatch managed security services • Awarded “Best IT Products & Services for Finance, Banking & Insurance” by Network Product’s Guide • Order intake of $5.1 million in the six months ended 31 December 2013 increased 23% over the comparative period in 2012 • Signiﬁcant customer wins: • Second half 2013 order intake included 15 customers with orders exceeding $100,000 (compared to 7 in second half of 2012 and 9 in the ﬁrst half of 2013) New customer wins included signiﬁcant orders from a UK infrastructure provider, two US energy utilities, two South American service providers, two US regional banks, a French insurance group, an Asian provider of on-line games, a web hosting company, a provider of real estate and mortgage portfolio management information services, a large US city corporation, a Brazilian state ministerial department and a government public relations ministry. Material orders (upgrades and support contract renewals) from existing customers included a leading industrial group, a leading price comparison web site, Camelot (the UK Lottery operator), two US university colleges, a Middle East investment services ﬁrm, a global electronics manufacturing services group, two multi-national banking groups, one of the leading on-line gaming companies, a leading medical equipment manufacturer, a leading international energy group, City Index, a European telecommunications service provider, a national air trafﬁc control provider, and one of the largest newspaper publishers in the US. Cash and treasury The closing cash balance was $9.8 million (2012: $4.9 million). The Group had debt at 31 December 2013 of $0.3 million comprising the balance on a receivables- backed working capital facility (2012: $6.2 million which comprised loan notes of $5.8 million and a term loan of $0.6 million which was repaid in 2013). In October 2013, Corero elected to repay its existing loan notes with a face value of $5.0 million in full, together with accrued interest of approximately $1.2 million, and in advance of their maturity date in March 2014. The loan notes were issued in March 2011 as part of the consideration paid for the acquisition of Top Layer. The loan notes accrued interest at a rate of 8% per annum and were secured on the assets of Top Layer. The net reduction in cash from operating activities in the year ended 31 December 2013 was $7.5 million (2012: $5.1 million). In 2013, the Company raised $6.2 million (before expenses) of which the directors contributed $4.2 million. At the end of the year, the Group had a receivables backed ﬁnancing facility of $2.0 million which is committed for a period of one year and is repayable on demand. The Group company has complied with the ﬁnancial covenants relating to this facility. 23% in order intake in H2 2013 200 existing customers upgraded their Corero solutions and or renewed support contracts O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 06 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 STRATEGIC REPORT What we do The Corero First Line of Defense products and services stop DDoS attacks and cyber threats OUR TECHNOLOGY A high performance network appliance which is deployed on premises (at the customer or managed location) or in service provider networks. The appliance inspects Internet trafﬁc in real time before it is allowed to pass into the customers protected IT environment to ensure unwanted and malicious Internet trafﬁc is removed. • The Corero Patented Dynamic Threat Assessment technology uses several algorithms including advanced challenge-response techniques to categorise all sources as unknown, trusted, suspicious or malicious based upon their real-time behaviours. • The Corero Request/ Response Behaviour Analysis controls access to downstream devices based upon a source’s “behaviours” which enables enforcement of usage standards on every source IP address which provides detection of application-layer denial of service attacks, as well as other unwanted behaviours and blocks them before they reach the victim devices. • The Corero Protocol Validation Engines inspects all packets of a network and/or application transaction and compares the observed content and characteristics to what is allowed, expected, or required, based upon the protocol speciﬁcations and known implementations, and takes the appropriate real time actions (e.g. detection/blocking) of the violations. • Corero has a real-time reputation engine, ReputationWatch, that provides automated real-time defence against previously identiﬁed DDoS attack sources. In addition, IP address geolocation technology enables enforcement of security policies based on national origin of IP addresses. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 07 OUR SERVICES Threat Update Reputation Watch An automated protection update service that provides Corero customers with timely, proactive protection from the latest security threats. The subscription service delivers frequent protection updates and security advisories. These updates include updated vulnerability and attack signatures to provide the most current, effective network threat monitoring. Security advisories, an important aspect of the Threat Update Service, inform customers of newly discovered threats, and recommend any actions that might be necessary to obtain protection against the threat. Enables customers to automatically block malicious IP addresses. Corero continuously receives data feeds from global intelligence across the Internet to determine the current threat status of malicious or suspicious IP addresses. Using IP reputation-based information, ReputationWatch automatically identiﬁes and blocks access from suspicious sites including sources that have participated in DDoS attacks, systems delivering specially crafted denial-of-service exploits, anonymised IP addresses behind proxies, phishing sites, and spam sources. ReputationWatch also allows customers to block or alert on access from countries with which they do not transact business for example by choosing to block or set rate limits on all trafﬁc from a nation or geography. SecureWatch A service which ensures that customers’ First Line of Defense solutions are always up to date, running at optimum performance, and continuously protecting customers’ IT infrastructure against the latest threats. SecureWatch Plus A comprehensive suite of DDoS defence conﬁguration, optimization, 24x7 monitoring and attack mitigation services. These services are customised to meet the security requirements and business goals of each customer. SecureWatch PLUS includes access to experts to assist in the realisation of the desired DDoS defence solution starting with the organisation-speciﬁc implementation, commissioning and testing, continuing with round-the-clock monitoring, and immediate response in the event of a DDoS attack. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 08 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 STRATEGIC REPORT Why we do it The world in which we operate OUR MARKET $17.9b 2013 worldwide IT security spending will be $17.9 billion Source: IDC Number of companies suffering cyber attacks to steal commercial secrets doubled in 2012-13 The Internet has transformed the way commercial and public sector organisations do business Organisations today are embracing technology to enhance the productivity of their employees, generate new revenue sources and improve their operating efﬁciency. These technologies include cloud services, mobile computing, online services and social networking. This greater reliance on information technology has signiﬁcantly increased the attack surface within organisations that is vulnerable to potential security attacks. As a result organisations are having to make signiﬁcant investments in IT security to help protect against a myriad of potential threats. The threat landscape has evolved “Cyber attacks are one of the top four threats to our national security and cyber-crime is costing our economy billions of pounds a year. And as businesses and government move more of their operations online, the scope of potential targets will continue to grow. It’s a race: to build sufﬁcient cyber defences to match the growing volume and dependence of our online economic, security and social interests.” Source: Kroll UK Cabinet Ofﬁce Minister, Francis Maude 21% of companies report that DDoS is the most costly form of attack Cyber-crime continues to be costly • The average annualised cost of cyber-crime for organisations is $11.6 million per year (an increase of 26% over 2012) • Cyber attacks have become common occurrences – two successful attacks per company per week (an increase of 18% over 2012) • The most costly cyber-crimes are those caused by DDoS, malicious insiders and web-based attacks Source: Ponemon Institute Source: Ponemon Institute 2013 Cost of Cyber Crime Study Firewalls don’t cut it anymore as a ﬁrst line of defence Source: Network World DDoS protection market to double in period to 2017 (approaching $1 billion) Source: IDC Existing security solutions do not protect against next-generation threats Though ﬁrewalls are still a critical and necessary component of any IT network, they are no longer the best type of device to deploy as the network’s ﬁrst line of defence. Whilst ﬁrewalls serve many purposes, they do not have complete Layer 3–7 protection. Attackers know these limitations and have devised attacks that can evade or overwhelm a ﬁrewall, as well as the secondary security devices behind the ﬁrewall, such as intrusion prevention systems. The opportunity for Corero Organisations need to respond to the increased risk presented by the growing number of DDoS attacks and cyber threats – a security device speciﬁcally designed to detect and stop unwanted trafﬁc before it can overrun the IT infrastructure causing performance issues, security exposures and even catastrophic outages. This new ﬁrst line of defence must be able to identify malicious attack trafﬁc even if it mimics legitimate trafﬁc and the true customer communications that businesses want and welcome. The Corero First Line of Defense solution applies industry best practices as well as sophisticated analysis techniques to thoroughly inspect trafﬁc in order to stop DDoS attacks and cyber threats. The Corero solution stops unwanted trafﬁc that slows the infrastructure and frustrates users, and in the process protects the existing infrastructure and enables maximum uptime of business applications. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 09 THE COMPETITIVE ENVIRONMENT Corero is a leader in protecting enterprises and public sector organisations against DDoS attacks and cyber threats. We have deﬁned the market for on premises First Line of Defense and have developed the following key competitive advantages that we believe will allow us to extend our leadership position: • Always-on protection that blocks both network-layer ﬂooding attacks, as well as the more difﬁcult to detect, low and slow application-layer attacks. • Granular conﬁguration of security policies in order to allow legitimate trafﬁc to pass while blocking unwanted trafﬁc. • Broad security coverage – Inspection of every packet and every ﬂow (using Deep Packet Inspection) rather that a sample-based approach used by most competitors. • Purpose-built security appliance for high speed trafﬁc inspection using a multi-core processor architecture. • Competitive price-performance resulting in the lowest total cost of ownership for the end user. • Expert security knowledge and technical support provided by Corero’s 24x7 Security Operations Centre. Our next generation product, SmartWall TDS, was launched on 3 February 2014 to address the Internet service provider and hosting provider markets. It adds key features like asymmetric inspection, and multi-tenancy to allow our First Line of Defense solutions to be deployed in service provider networks and hosting data centres as a services-oriented platform. Service providers and hosting providers can now deploy this platform in a modular and scalable fashion to not only protect their own infrastructure but more importantly to roll out revenue generating DDoS protection services to multiple customers. SmartWall TDS extends our current competitive advantages with the following key features: OPPORTUNITIES The awareness of cyber-crime and the impact on businesses (small and large) is increasing with Board room accountability and regulatory focus in certain industries, such as ﬁnancial services. We expect this trend to have a positive impact on our market. Ernst & Young’s Global information Security Survey 2013 reported that 50% of respondents indicate that their budgets will increase anywhere from 5% to 25% or more in the next 12 months, and 14% of spend in the coming 12 months will be on security innovation (emerging technology). KEY MARKET CHALLENGES • Robust security coverage – comprehensive network security protection against layer 3 and layer 4 for both IPv4 and IPv6 trafﬁc. • Industry-leading density, scalability and performance – protection is provided through conﬁgurable access policies with scalability from 10Gbps to 1Tbps in a single rack. • Green, energy-efﬁcient platform – energy-efﬁcient design with front-to-back cooling which fully supports economic and environmental initiatives. • Powerful centralised management for conﬁguring, controlling, and monitoring all SmartWall TDS appliances from a central location. • Flexible deployment conﬁgurations – multiple appliances can be distributed to key control points in the provider network or centrally combined in 1 Rack Unit shelves in various conﬁgurations. • Single solution to deliver comprehensive threat protection, always-on connectivity, and complete visibility with the family of SmartWall appliances. The Corero principal competitors are other DDoS defence equipment manufacturers such as Arbor Networks, Inc. and Radware Limited. Corero is targeting a high growth security market; the DDoS market is forecast to double in the period 2012 to 2017 (Source: IDC) to $870 million. The existing Corero DDS product is targeted at the enterprise on premises DDoS protection market. The new SmartWall TDS product is targeted at the service provider and hosting provider market. The market for security products and services is competitive and characterised by rapid changes in technology, the evolving cyber threat landscape, customer requirements, and industry standards and frequent new product introductions and improvements. We need to be focused on our chosen market and deliver continuous innovation to stay ahead of our competition. Corero will address this challenge by working closely with our customers and prospects, to leverage the ﬂexibility of our platform technology to deliver continuously evolving leadership protection against the latest DDoS attacks and cyber threats. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 10 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 STRATEGIC REPORT How we do it Our business model The Corero strategy is to be a leading provider of network security solutions focused on the DDoS and cyber threat market Business model The Corero business model comprises the development, marketing and sale of network security products and services to provide customers with protection from cyber threats. The Corero First Line of Defense products and services stop DDoS attacks and cyber threats. Revenue source Contractual arrangement Nature of revenue Description Security appliance sale – hardware and software product Hardware sale and perpetual software license • New customer sale • Existing customer upgrades for increased performance or expansion • Existing customer add on sale of new software modules Hardware and software support, monitoring and update services Single/multi-year contracts for Support and SecureWatch services, Threat Update Service and Reputation Watch® (described in more detail on page 7) • New sale • Existing customer renewal • Add on sale for new services introduced The Corero software comprises ostensibly Corero developed proprietary software complemented by third party licensed and open source software. The hardware solution is assembled by a third party contract manufacturer using industry standard hardware components and a Tilera Corporation multi-core CPU chip to deliver a high performance solution required for an in-line network security solution. Support and monitoring services are delivered by the Corero support team. Updates are delivered to the Corero appliances in customer networks to provide proactive on-going protection from the latest cyber security threats. Corero undertakes its own research into such threats and partners with third party organisations to provide additional security threat intelligence and protection. SecureWatch PLUS DDoS defence services (described in more detail on page 7) Single/multi-year service contracts • New sale • Add on sale to existing customer • Existing customer renewal 24x7x365 monitoring and support services including DDoS attack mitigation services delivered by the Corero support team. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 11 The Corero DDoS Defense System (“DDS”) product family is targeted at enterprise and public sector organisations and is an organisation’s First Line of Defense against damaging DDoS attacks, delivering the most comprehensive DDoS protection available in a purpose-built, high performance, on-premises appliance. DDS detects and blocks both familiar network-layer ﬂooding attacks, as well as the more difﬁcult to detect, low and slow application-layer attacks, which have become the stealth attackers’ weapon of choice. The Corero DDS uses an always on, adaptive, patented DDoS defence algorithms to ensure online businesses are always protected keeping services up and available – blocking malicious incoming requests while reliably passing legitimate trafﬁc to the organisations’ online servers. Positioned at the Internet gateway, Corero’s next generation SmartWall TDS, which was launched on 3 February 2014, is targeted at the following additional markets: Internet Service Providers and Multi-Service Operators (MSOs) Hosting companies offering Web, Cloud, Platform and Infrastructure-as-a-Service Companies providing managed security services The ﬁrst customer deployments of SmartWall TDS are expected to be in the second half of 2014. The SmartWall TDS is a ﬂexible and scalable cyber threat defence solution. SmartWall TDS is designed to enable Internet service providers and hosting providers the ability to offer comprehensive DDoS and cyber threat protection to their customers as an extension of their current value added service offerings, improving their overall value proposition and providing an opportunity to differentiate themselves from the competition. The family of SmartWall TDS appliances include: • SmartWall Network Threat Defense Appliance for comprehensive protection against network threats. • SmartWall Application Threat Defense Appliance for comprehensive protection against application threats. • SmartWall Network Bypass Appliance for 100% network connectivity to eliminate network downtime. • SmartWall Network Forensics Appliance for capturing and indexing 100% of the packets at 10Gbps rates for and complete visibility and forensics analysis. The SmartWall TDS product launch follows an 18 month development project with directly attributable costs of $5.1 million (of which $3.8 million has been capitalised, $3.2 million capitalised in the year ended 31 December 2013). The SmartWall TDS development will continue in 2014 and 2015 with further software releases planned to add new software functionality and features. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 12 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 STRATEGIC REPORT How we do it Our business model continued OUR DIFFERENCE Corero has a progressive range of threat defences designed to be deployed in Service Provider or Enterprise networks to provide a First Line of Defense against DDoS attacks and cyber threats Corero is dedicated to improving the security of the Internet through the deployment of its innovative First Line of Defense solutions. Corero products and services provide our customers with protection against a continuously evolving spectrum of DDoS attacks and cyber threats that have the potential to impact any Internet connected business. Corero provides the opportunity to enhance defence-in-depth security architectures with an important additional layer of security capable of inspecting trafﬁc arriving from the Internet in real time and applying access policies designed to match the needs of the business. The goal of the Corero First Line of Defense security layer is to protect the customer’s network infrastructure, online services and conﬁdential data from suspicious or malicious Internet trafﬁc. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 13 HOW WE CREATE VALUE Bookings analysis • New Contracts products and services* • Upgrades additional products and services sold to existing customers* • Support and Services renewals of existing support and services contracts* WHERE WE CREATE VALUE Sectors analysis* Geographic analysis* New Contracts (41%) Support and Services (35%) Upgrades (24%) Financial Services (22%) Utilites (12%) ecommerce (11%) Telecom (10%) Public Sector (9%) Other (36%) North America (59%) EMEA (28%) Asia Paciﬁc (8%) ROW (5%) RESOURCES AND RELATIONSHIPS WE RELY ON • Our people • Partners Corero has a talented team of employees who are focused on delivering the Company’s strategy. • • IP Corero’s technology is primarily implemented in software. Corero holds a number of patents. With the ongoing investment in product software enhancements, the Company expects to ﬁle additional patent protections. International reach Corero has operations in Massachusetts, USA with the European headquarters being in the UK. In addition, Corero has sales operations servicing customers across North America, South America, Europe and Asia Paciﬁc. Corero has committed to a channel focused sales model and will continue to invest in the development of channel partner relationships with security resellers and distributors to take its solutions to market internationally. The success of this channel model is crucial to the revenue growth targets that the Company has set. • Finance Corero has a strong funding position at 31 December 2013 with net cash of $9.5 million. This cash has been allocated to fund organic investment in further software releases of Corero’s SmartWall TDS product and investment in sales and marketing. The Company’s cash resources are expected to be sufﬁcient to fund the Company’s requirements with the expectation of being cash ﬂow positive in 2015. * order intake OUR PEOPLE Product engineering & product management (46%) Sales & marketing (31%) Support & services (10%) Management & administration (13%) O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 14 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 STRATEGIC REPORT Our strategy for sustainable growth The Corero strategy is to protect against a continuously evolving spectrum of DDoS attacks and cyber threats that have the potential to impact any Internet connected business The Company is dedicated to improving the security of the Internet through the deployment of its innovative First Line of Defense solutions. Corero products and services provide our customers with protection against a continuously evolving spectrum of DDoS attacks and cyber threats that have the potential to impact any Internet connected business. Corero provides the opportunity to enhance defence-in-depth security architectures with an important additional layer of security capable of inspecting trafﬁc arriving from the Internet in real time and applying access policies designed to match the needs of the business. The goal of the Corero First Line of Defense security layer is to protect the customer’s network infrastructure, online services and conﬁdential data from suspicious or malicious Internet trafﬁc. The Company’s strategic objectives and plans are summarised below: MARKET To gain market endorsement of the value proposition of a new layer of cyber security protection – First Line of Defense – which is designed to be deployed in front of Firewalls, Intrusion Prevention Systems and other IT security infrastructure devices, and to establish Corero as a market leading solution for protection against DDoS and other cyber threats. The Company is planning to raise its proﬁle through a progression of referenceable customer deployments and playing an active role as a thought leader in cyber security protection. Service providers and their customers are both impacted by the challenges of DDoS attacks and cyber threats. These attacks have grown in size, frequency and sophistication in recent years. Enterprises are increasingly calling on their service providers to assist them in the detection, analysis and mitigation of such attacks before they have an impact on their operations, and ultimately their business. The Corero SmartWall TDS, launched on 3 February 2014, has been developed for the service provider market and gives service providers the opportunity to deliver First Line of Defense, always on, threat protection and visibility to their customers as a value added security service. SmartWall TDS provides access to a new market for Corero to complement its current enterprise focused product offering. The SmartWall TDS opportunity: Enterprises are increasingly calling on their service providers to assist them in the detection, analysis and mitigation of DDoS attacks and cyber threats before they have an impact on their operations, and ultimately their business Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 15 Annual Report & Accounts for the year ending 31 December 2013 15 TECHNOLOGY To develop a software-based technology platform leveraging high performance multicore processor hardware as well as virtual machine based software deployments to deliver the Corero industry leading First Line of Defense solutions in a scalable, high performance and “open” manner capable of interfacing with other security hardware and software solutions. SALES To enhance the Corero sales and business development capability to drive organic revenue growth and expand our geographical sales organisation to access new customers in new markets. Corero is committed to a channel sales strategy, focused on selling through partners, both distributors and resellers. The sales objectives will be achieved through a combination of strong sales leadership, sales tools and programs to drive sales growth. The sales effort will continue to be underpinned by strong post sales customer support. MANAGEMENT AND EMPLOYEES To have a management team with the experience and skills to manage new technology investment and product innovation which connects with the market opportunity to deliver strong revenue growth. The Group will align additional investment in headcount with revenue goal achievement. PRINCIPAL RISKS AND UNCERTAINTIES The principal risks and uncertainties for Corero are: • • • • • Market awareness: We need to invest in targeted public relations and marketing to raise market awareness of Corero and our solutions. If we are not successful in connecting with the market it will compromise our growth plans. Technology change and innovation: Our market is competitive and characterised by rapid changes in technology, customer requirements and frequent new product introductions and improvements. To grow, we need to be focused on our chosen market and deliver continuous innovation to stay ahead of our competition. People: Retaining and recruiting people with the necessary skills and characteristics. Revenue growth requires a strong sales and business development capability. We operate in a high growth market with new players emerging. If we are unable to recruit and retain the right skills this will compromise our growth plans. Partner engagement and development: Our partner focused sales model requires us to have strong partner relationships to ensure our mutual business interests are maximised. Failure to successfully execute our channel strategy will compromise our growth plans. Geographic distribution: Finding the right balance for geographic growth to avoid overextending our resources by expanding too fast or spreading ourselves too thin. By order of the Board Duncan Swallow Company Secretary 24 March 2014 Enhance the Corero sales and business development capability to drive organic revenue growth and expand our geographical sales organisation to access new customers in new markets O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 16 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Board of Directors Jens Montanana Non-executive Chairman Age: 53 Appointed: 9 August 2010 Jens is the founder and CEO of Datatec Limited, established in 1986. Between 1989 and 1993 Jens served as managing director and vice-president of US Robotics (UK) Limited, a wholly owned subsidiary of US Robotics Inc., which was acquired by 3Com. In 1993, he co-founded US start-up Xedia Corporation in Boston, an early pioneer of network switching and one of the market leaders in IP bandwidth management, which was subsequently sold to Lucent Corporation in 1999 for $246 million. In 1994, Jens became CEO of Datatec Limited which listed on the Johannesburg Stock Exchange in 1994 and on AIM in 2006. He has previously served on the boards and sub-committees of various public companies. Ashley Stephenson Chief Executive Ofﬁcer Age: 53 Appointed: 6 September 2013 Ashley ﬁrst joined Corero Network Security as Executive Vice President of the Network Security division, with responsibility for product and solution strategy in March 2012, and was appointed chief executive ofﬁcer of the division in January 2013. An IT industry executive and Internet technology entrepreneur, Ashley has operating experience in the United States, Europe and Asia. Previously, he was CEO of Reva Systems, acquired by ODIN, and Xedia Corporation, acquired by Lucent. He has provided strategic advisory services to a number of leading multi-national IT companies including technology vendors, distributors and services companies. Ashley began his career at IBM Research & Development in the UK. He is a graduate of Imperial College, London with a degree in Physics and an Associate of the Royal College of Science. Andrew Miller Chief Financial Ofﬁcer and Chief Operating Ofﬁcer Age: 49 Appointed: 9 August 2010 Prior to joining the Company, Andrew was with the Datatec Limited group in a number of roles between 2000 and 2009 including the Logicalis Group Operations Director and Corporate Finance and Strategy Director. He led the Logicalis acquisition strategy, acquiring and integrating 12 companies in the US, UK, Europe and South America. Prior to this, Andrew gained considerable corporate ﬁnance experience in London with Standard Bank, West Deutsche Landesbank and Coopers & Lybrand. He trained and qualiﬁed as a chartered accountant and has a bachelor’s degree in commerce from the University of Natal, South Africa. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 17 Richard Last Non-executive Director Age: 56 Appointed: 22 May 2008 Richard is Chairman of a number of companies including Servelec Group plc, a UK technology group quoted on the London Stock Exchange; Arcontech Group PLC, a provider of IT solutions for the ﬁnancial services sector which is listed on AIM; Lighthouse Group plc, an AIM listed ﬁnancial services group; and the British Smaller Technology Companies VCT 2 plc, a fully listed Venture Capital Trust. He is also a director of a number of private companies. Richard is a Fellow of the Institute of Chartered Accountants in England and Wales (FCA). Richard is chairman of the Corero Audit Committee. Andrew Lloyd Non-executive Director Age: 48 Appointed: 19 November 2012 Andrew has been involved in the IT software and systems sector for more than 25 years. His career has included roles in early stage companies, high-growth pre-IPO ventures as well as large corporations such as Computer Associates and Oracle. He is currently Chief Customer Ofﬁcer of workforce management software company Workplace Systems Limited and previously was Senior Vice President of PRISMTECH Group’s OpenSplice business. Andrew has a BSc (Hons), Electronic and Electrical Engineering from Heriot-Watt University, Scotland. Andrew is chairman of the Corero Remuneration Committee. Duncan Swallow Company Secretary Age: 49 Appointed: 1 November 2007 Duncan is responsible for the Company secretarial function and is also the Group Financial Controller. Prior to joining the Company, Duncan was Divisional Financial Controller for CCH, a Wolters Kluwer business, specialising in providing books, online information, software, CPD and fee protection to tax and accounting professionals. He is a fellow of the Association of Chartered Certiﬁed Accountants. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 18 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Directors’ Report for the year ended 31 December 2013 Group results The Group’s Statement of Comprehensive Income on page 27 shows a proﬁt for the year of $8.2 million (2012: loss $5.9 million). Going concern The ﬁnancial position, cash ﬂows and borrowing facilities are described in the Strategic Review on pages 4 to 5. Forecasts and projections, taking into account reasonably possible changes in trading performance, show that the Company and Group will be able to operate within the level of current cash balances and facilities. The Directors are satisﬁed, in view of the cash reserves of $9.8 million (2012: $4.9 million) held on the balance sheet at 31 December 2013 and receivables-backed ﬁnancing facility of $2.0 million, that the Company and the Group have adequate resources to continue operating for the foreseeable future. For this reason the going concern basis has been adopted in preparing the accounts. Dividends The Directors have not recommended a dividend (2012: $nil). Share capital The issued share capital of the Company together with details of movements in the Company’s issued share capital during the ﬁnancial period are shown in note 25 to the ﬁnancial statements. As at the date of this report, 85,637,416 ordinary shares of 1p each (‘ordinary shares’) were in issue and fully paid with an aggregate nominal value of $1.3 million. The market price of the ordinary shares at 31 December 2013 was 17.8p and the shares traded in the range 12.8p to 31.0p during the year. Issue of shares At the AGM held on 13 June 2013 shareholders granted authority to the Board under the Articles and section 551 of the Companies Act 2006 (the ‘Act’) to exercise all powers of the Company to allot relevant securities up to an aggregate nominal amount of £285,458. It is proposed at the forthcoming AGM to renew the authority to allot relevant securities up to an aggregate nominal amount of £285,458, being one-third of the nominal value of the current issued share capital. Also at the AGM held on 13 June 2013, shareholders granted authority to the Board under the Articles and section 570(1) of the Act to exercise all powers of the Company to allot equity securities wholly for cash up to an aggregate nominal amount of £85,637 without application of the statutory pre-emption rights contained in section 561 (1) of the Act. It is proposed at the forthcoming AGM to renew the authority to allot relevant securities wholly for cash up to an aggregate nominal amount of £85,637 being 10% of the current nominal value of the issued share capital, without application of the statutory pre-emption rights. Substantial shareholdings The Company has been notiﬁed of the following holdings that are 3% or more of the Group’s ordinary share capital as at 19 March 2014: Ordinary shares of 1 pence each Jens Montanana* Blackrock, Inc. Herald Investment Management Sabvest Capital Holdings Limited BFG Investments Group Limited Number 33,943,687 7,303,735 7,261,723 4,585,000 2,731,023 % 39.6 8.5 8.5 5.4 3.2 * of which 20,936,545 are held in the name of JPM International Limited, which is wholly owned by Jens Montanana, and 9,000,000 are held in the name of The New Millennium Technology Trust of which Jens Montanana is a beneﬁciary. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 19 Directors and directors’ interests The directors who served in ofﬁce during the year and up to the date of this report and their interests in the Company’s shares were as follows: Ordinary shares held Jens Montanana Andrew Miller Richard Last Andrew Lloyd Ashley Stephenson (appointed 6 September 2013) 19 March 2014 31 December 2013 31 December 2012 Number 33,943,687 723,255 1,066,667 – – % Number % Number 39.6 33,943,687 39.6 15,943,687 0.8 1.3 – – 723,255 1,066,667 – – 0.8 1.3 – – 623,255 400,000 – n/a % 27.9 1.3 0.7 – n/a The biographical details of the current Directors of the Company are given on pages 16 to 17. Jens Montanana, Ashley Stephenson, Andrew Miller, Richard Last and Andrew Lloyd hold share options, details of which are shown in note 30 to the Financial Statements. Directors’ indemnities The Company has made qualifying third party indemnity provisions for the beneﬁt of its Directors which for Jens Montanana, Andrew Miller, Richard Last and Andrew Lloyd were made in prior reporting periods, and for Ashley Stephenson in the current reporting period. These remain in force at the date of this report. Financial risk management objectives and policies Capital management The Group monitors its available capital, which it considers to be all components of equity against its expected requirements. The Group’s objectives when maintaining capital are to safeguard the entity’s ability to continue as a going concern, so that it can continue to provide returns for shareholders and beneﬁts for other stakeholders, and to ensure that sufﬁcient funds can be raised for investing activities. In order to maintain or adjust the capital structure, the Company may return capital to shareholders, issue new shares, or sell assets to reduce debt. The Group does not review its capital requirements according to any speciﬁed targets or ratios. Treasury management The objectives of Group treasury policies are to ensure that adequate ﬁnancial resources are available for development of the business while at the same time managing ﬁnancial risks. Financial instruments are used to reduce ﬁnancial risk exposures arising from the Group’s business activities and not for speculative purposes. The Group’s treasury activities are managed by the Group ﬁnance function under the direction of the Group Financial Controller. The Group Financial Controller reports to the Board on the implementation of Group treasury policy. The Group’s business activities expose it to a variety of ﬁnancial risks. The policies for managing these risks are described below: • Liquidity risk – arises from the Group’s management of working capital and ﬁnance charges. It is the risk that the Group will encounter difﬁculty in meetings its ﬁnancial obligations as they fall due. Liquidity risk is managed centrally by the ﬁnance function. Budgets are agreed by the Board annually in advance enabling the Group’s cash ﬂow requirements to be anticipated. • Credit risk – arises from cash and cash equivalents and from credit exposures to the Group’s customers including outstanding receivables and committed transactions. Credit risk is managed with regular reports of exposures reviewed by management. The Group does not set individual credit limits but will seek to ensure that customers enter into legally enforceable contracts that include settlement terms that demonstrate the customers’ commitment to the transaction and minimise this risk exposure. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 20 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Directors’ Report continued for the year ended 31 December 2013 Financial risk management objectives and policies continued Treasury management continued The amounts of trade receivables presented in the Statement of Financial Position are shown net of allowances for doubtful accounts estimated by management based on prior experience and their assessment of the current economic environment (note 18). The credit risk on liquid funds and ﬁnancial instruments is limited because the counterparties are banks with acceptable credit ratings assigned by international credit rating agencies. The Group has no signiﬁcant concentration of credit risk, with exposure spread over a large number of customers. • Cash ﬂow interest rate risk – the Group’s policy is to minimise interest rate cash ﬂow risk exposure on its ﬁnancing. The Group’s policy is to balance the risk in relation to cash balances held by spreading these across a number of ﬁnancial institutions as opposed to maximising interest income. • Currency risk – there is no material impact on the Group’s Statement of Comprehensive Income from exchange rate movements, as foreign currency transactions are entered into by Group companies whose functional currency is aligned with the currencies in which it transacts. Environment The Group’s activities are primarily ofﬁce based and as such the directors believe that there is no signiﬁcant environmental impact arising from the Group’s activities. The Group complies with local WEEE regulations. No environmental performance indicators are therefore included within this report. The Group’s environmental policy states: “We endeavour to recycle appropriate materials where possible and to efﬁciently use natural resources and energy supplies so as to minimise our environmental impact. We will comply with the relevant statutes and legislation. Furthermore employees are encouraged to be environmentally aware. Company cars are not provided.” Research and development The development of computer software is an integral part of the Group’s business and the Group continues to develop its core software in response to user demand, and particularly the changing IT security threat landscape, and changes in software technology. During the year the Group enhanced its existing products and developed new products. A capital investment for continuing operations of $3.8 million (2012: $2.4 million) was made during the year. Amortisation of $0.3 million (2012: $0.7 million) was charged to the Statement of Comprehensive Income during the year. Employees The quality and commitment of the Group’s employees has played a major role in the Group’s business success. This has been demonstrated in many ways, including strong customer satisfaction, the development of new product offerings and the ﬂexibility employees have shown in adapting to changing business requirements. The Group operates sales commission, incentive bonus plans and share option plans to provide incentives for achievements which add value to the business. Annual General Meeting The AGM will be held at the ofﬁces of FinnCap Ltd, 60 New Broad Street, London, EC2M 1JJ, on 18 June 2014 at 9.30 a.m. The notice convening the meeting is on page 62 together with details of the business to be considered. Auditors In so far as each director is aware: • • there is no relevant audit information of which the Company’s auditors are unaware; and the directors have taken all the steps that they ought to have taken to make themselves aware of any relevant audit information and to establish that the Company’s auditors are aware of that information. A resolution to re-appoint BDO LLP for the ensuing year will be proposed at the AGM. By order of the Board Duncan Swallow Company Secretary 24 March 2014 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 21 Corporate Governance Report As an AIM listed company, Corero is not required to comply with the UK Corporate Governance Code however, the Company has regard to the requirements of the Code and its activities in these areas are described below. The Board Corero recognises its responsibility to provide entrepreneurial and responsible leadership to the Group within a framework of prudent and effective controls (described below) allowing assessment and management of the key issues and risks impacting the business. The Board sets Corero’s overall strategic direction, reviews management performance and ensures that the Group has the necessary ﬁnancial and human resources in place to meet its objectives. The Board is satisﬁed that the necessary controls and resources exist within the Group to enable these responsibilities to be met. Operational management of the Group is delegated to the Chief Executive Ofﬁcer. The Board of Directors comprises the non-executive chairman, two executive directors and two non-executive directors whose Board and Committee responsibilities as at 31 December 2013 are set out below: Jens Montanana Ashley Stephenson Andrew Miller Richard Last Andrew Lloyd Board Chairman Member Member Member Member Audit Remuneration Member Member Chairman Member Chairman The composition of the Board of Directors is reviewed regularly. Appropriate training, brieﬁngs, and induction are available to all directors on appointment and subsequently as necessary, taking into account existing qualiﬁcations and experience. Richard Last and Andrew Lloyd are considered to be independent. Executive directors’ normal retirement age is 60 and non-executive directors’ normal retirement age is 65. One third of all directors are subject to annual reappointment by shareholders as well as any director appointed by the Board in the period since the last AGM. Richard Last and Ashley Stephenson (appointed 6 September 2013) will be offering themselves for re-election at the forthcoming AGM. The Board of Directors meets on average once a quarter and additional meetings are held each year to review and approve the Group’s strategy and ﬁnancial plans for the coming year. Each director is provided with sufﬁcient information to enable them to consider matters in good time for meetings and enable them to discharge their duties properly. All directors have access to the advice and services of the Company Secretary. There is also a procedure in place for any director to take independent professional advice if necessary, at the Company’s expense. The Board also ensures that the principal goal of the Company is to create shareholder value, while having regard to other stakeholder interests and takes responsibility for setting the Company’s values and standards. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 22 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corporate Governance Report continued The Board continued There is a documented schedule of matters reserved for the Board, the most signiﬁcant of which are: • • • • • • • • • • responsibility of the overall strategy and management of the Group; approval of strategic plans and budgets and any material changes to them; approval of the acquisition or disposal of subsidiaries and major investments, projects and contracts; oversight of the Group’s operations ensuring competent and prudent management, sound planning and management of adequate accounting and other records; changes relating to the Group’s capital structure; ﬁnal approval of the annual and interim ﬁnancial statements and accounting policies; approval of the dividend policy; ensuring an appropriate system of internal control and risk management is in place; approval of changes to the structure, size and composition of the Board; review of the management structure and senior management responsibilities; • with the assistance of the Remuneration Committee, approval of remuneration policies across the Group; • delegation of the Board’s powers and authorities; • • consideration of the independence of the non-executive directors; and receiving reports on the views of the Company’s shareholders. In the year ended 31 December 2013 the Board received monthly brieﬁngs on the Group’s performance (including detailed commentary and analysis), key issues and risks affecting the Group’s business. The Company maintains liability insurance for its directors and ofﬁcers. The Company has also entered into indemnity agreements with the Directors, in terms of which the Company has indemniﬁed its directors, subject to the Companies Act limitations, against any liability arising out of the exercise of the directors’ powers, duties and responsibilities as a director or ofﬁcer. In the year ended 31 December 2013 the Board met on four scheduled occasions; further meetings and conference calls are held as and when necessary. Details of Directors’ attendance at scheduled meetings in the year to 31 December 2013 is shown in the table below. Jens Montanana Ashley Stephenson (appointed 6 September 2013) Andrew Miller Richard Last Andrew Lloyd Board Committees Meetings attended 4/4 2/2 4/4 4/4 4/4 The Company has an Audit Committee and Remuneration Committee, details of which are set out below. Audit Committee The Audit Committee members comprise Richard Last, who is the committee chairman, and Jens Montanana, and meets twice a year. The Group Chief Financial Ofﬁcer and Group Financial Controller, and the Company’s external auditors attend the meetings. The Audit Committee considers the adequacy and effectiveness of the risk management and control systems of the Group. It reviews the scope and results of the external audit, its cost effectiveness and the objectivity of the auditors. It also reviews, prior to publication, the interim ﬁnancial statements, preliminary results announcement, the annual ﬁnancial statements and the other information included in the annual report. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 23 The Audit Committee met twice in the year ended 31 December 2013. The attendance of individual Committee members at Audit Committee meetings in the year to 31 December 2013 is shown in the table below: Richard Last Jens Montanana Remuneration Committee Meetings attended 2/2 2/2 The Remuneration Committee comprises Andrew Lloyd, who is the committee chairman, Jens Montanana and Richard Last. It meets at least twice a year and reviews and advises upon the remuneration and beneﬁts packages of the executive directors. The remuneration of the chairman and non-executive directors is decided upon by the Board of Directors. The Remuneration Committee met twice in the year ended 31 December 2013. The attendance of individual Committee members at Remuneration Committee meetings in the year to 31 December 2013 is shown in the table below: Andrew Lloyd Jens Montanana Richard Last Nominations Committee Meetings attended 2/2 2/2 2/2 Due to the size of the Board of Directors, the directors do not consider there to be any need for a nominations committee. Issues that would normally be dealt with by a nominations committee are handled by the Board of Directors. The Board of Directors will review the need for a nominations committee on a regular basis. Internal controls The directors are responsible for the Group’s system of internal control and for reviewing its effectiveness whilst the role of management is to implement policies on risk management and control. The Group’s system of internal control is designed to manage, rather than eliminate, the risk of failure to achieve the Group’s business objectives and can only provide reasonable, and not absolute, assurance against material misstatement or loss. The Board continually reviews the effectiveness of other internal controls, including ﬁnancial, operational, compliance controls and risk management. There were no speciﬁc reports tabled during the year ended 31 December 2013. The Group operates a risk management process, which is embedded in normal management and governance processes. As part of the annual strategic planning and budgeting process, the Group documents the signiﬁcant risks identiﬁed, the probability of those risks occurring, their potential impact and the plans for managing and mitigating each of those risks. The Group operates a series of controls to meet its needs. These controls include, but are not limited to, the annual strategic planning and budgeting process, a clearly deﬁned organisational structure with authorisation limits, reviews by senior management of monthly ﬁnancial and operating information including comparisons with budgets, monthly treasury and cash ﬂow reports and forecasts to the Board. The Audit Committee receives reports from management and observations from the external auditors concerning the system of internal control and any material control weaknesses. Signiﬁcant risk issues, if any, are referred to the Board of Directors for consideration. The Board of Directors makes an annual assessment of the effectiveness of the Group’s internal control system, including ﬁnancial, operational and compliance controls, before making this statement. The Board of Directors also considers issues included in reports received during the year, how the risks have changed during the year and reviews any reports prepared on internal controls by management and any issues identiﬁed by external auditors. The Board of Directors does not believe it is currently appropriate to establish a separate, independent internal audit function given the size of the Group. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 24 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corporate Governance Report continued Remuneration report The Remuneration Committee’s principal function is to set remuneration of the Group’s executive directors and management to ensure they are fairly compensated. Basic salaries are set to ensure high quality executive directors and management are attracted and retained by the Group. They reﬂect the knowledge, skill and experience of each individual director. Bonuses are non-pensionable and only payable if the Remuneration Committee assesses the director’s achievements as worthy of the award. The Remuneration Committee is also responsible for ensuring the Group’s share option schemes are operated properly. Details of directors’ share options at 31 December 2013 are disclosed in note 30 of the Financial Statements. Details of directors’ remuneration for the year ended 31 December 2013 is set out in note 27 of the Financial Statements. Jens Montanana has elected to waive the fees payable to him for the ﬁnancial year ended 31 December 2013. Ashley Stephenson, executive director, has a service agreement which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Andrew Miller, executive director, has an employment agreement which is terminable by either party on not less than three months’ written notice increasing by one month at the end of each complete 12 month period of continuous employment provided that the notice period shall not exceed six months in total. The agreement contains provisions for early termination in certain circumstances. None of the Non-executive Directors has a service agreement. Letters of appointment for Jens Montanana, Richard Last and Andrew Lloyd are for 12 month terms and provide that the appointment may be terminated by either party giving to the other not less than three months’ notice. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 25 Statement of Directors' Responsibilities The directors are responsible for preparing the Annual Report and Financial Statements in accordance with applicable law and regulations. Company law requires the directors to prepare ﬁnancial statements for each ﬁnancial year. Under that law the directors have elected to prepare the Group and Company ﬁnancial statements in accordance with International Financial Reporting Standards as adopted by the European Union (IFRSs). Under company law the directors must not approve the ﬁnancial statements unless they give a true and fair view of the state of affairs of the Group and parent company and of the proﬁt or loss of the Group for that period. The directors’ are also required to prepare ﬁnancial statements in accordance with the rules of the London Stock Exchange for companies trading securities on the AIM. In preparing these ﬁnancial statements, the directors are required to: • select suitable accounting policies and then apply them consistently; • make judgements and estimates that are reasonable and prudent; • state whether applicable IFRSs have been followed, subject to any material departures disclosed and explained in the ﬁnancial statements; and • prepare the ﬁnancial statements on the going concern basis unless it is inappropriate to presume that the Group will continue in business. The directors are responsible for keeping adequate accounting records that are sufﬁcient to show and explain the Group’s transactions and disclose with reasonable accuracy at any time the ﬁnancial position of the Group and enable them to ensure that the ﬁnancial statements comply with the Companies Act 2006. They are also responsible for safeguarding the assets of the Group and hence for taking reasonable steps for the prevention and detection of fraud and other irregularities. The directors are responsible for ensuring the annual report and the ﬁnancial statements are made available on a website. Financial statements are published on the Company’s website in accordance with legislation in the United Kingdom governing the preparation and dissemination of ﬁnancial statements, which may vary from legislation in other jurisdictions. The maintenance and integrity of the Company’s website is the responsibility of the directors. The directors’ responsibility also extends to the ongoing integrity of the ﬁnancial statements contained therein. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 26 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Independent Auditor’s Report to the members of Corero Network Security plc We have audited the ﬁnancial statements of Corero Network Security plc for the year ended 31 December 2013 which comprise the consolidated statement of comprehensive income, the consolidated and Company statements of ﬁnancial position, the consolidated and Company statements of cash ﬂows, the consolidated and Company statements of changes in equity and the related notes. The ﬁnancial reporting framework that has been applied in their preparation is applicable law and International Financial Reporting Standards (IFRSs) as adopted by the European Union and, as regards the parent Company ﬁnancial statements, as applied in accordance with the provisions of the Companies Act 2006. This report is made solely to the Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the Company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone other than the Company and the Company’s members as a body, for our audit work, for this report, or for the opinions we have formed. Respective responsibilities of directors and auditors As explained more fully in the statement of directors’ responsibilities, the directors are responsible for the preparation of the ﬁnancial statements and for being satisﬁed that they give a true and fair view. Our responsibility is to audit and express an opinion on the ﬁnancial statements in accordance with applicable law and International Standards on Auditing (UK and Ireland). Those standards require us to comply with the Financial Reporting Council’s (FRC’s) Ethical Standards for Auditors. Scope of the audit of the ﬁnancial statements A description of the scope of an audit of ﬁnancial statements is provided on the FRC’s website at www.frc.org.uk/auditscopeukprivate. Opinion on ﬁnancial statements In our opinion: • • • • the ﬁnancial statements give a true and fair view of the state of the Group’s and the parent Company’s affairs as at 31 December 2013 and of the Group’s proﬁt for the year then ended; the Group ﬁnancial statements have been properly prepared in accordance with IFRSs as adopted by the European Union; the parent Company ﬁnancial statements have been properly prepared in accordance with IFRSs as adopted by the European Union and as applied in accordance with the provisions of the Companies Act 2006; and the ﬁnancial statements have been prepared in accordance with the requirements of the Companies Act 2006. Opinion on other matters prescribed by the Companies Act 2006 In our opinion the information given in the strategic report and directors’ report for the ﬁnancial year for which the ﬁnancial statements are prepared is consistent with the ﬁnancial statements. Matters on which we are required to report by exception We have nothing to report in respect of the following matters where the Companies Act 2006 requires us to report to you if, in our opinion: • • • adequate accounting records have not been kept by the parent Company, or returns adequate for our audit have not been received from branches not visited by us; or the parent Company ﬁnancial statements are not in agreement with the accounting records and returns; or certain disclosures of directors’ remuneration speciﬁed by law are not made; or • we have not received all the information and explanations we require for our audit. Gary Hanson (senior statutory auditor) For and on behalf of BDO LLP, statutory auditor London United Kingdom 24 March 2014 BDO LLP is a limited liability partnership registered in England and Wales (with registered number OC305127). Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 27 Consolidated Statement of Comprehensive Income for the year ended 31 December 2013 Revenue Cost of sales Gross proﬁt Operating expenses before highlighted items Depreciation and amortisation of intangible assets Operating expenses Operating loss Finance income Finance costs Loss before taxation Taxation Loss for the year from continuing operations Proﬁt from discontinued operations Proﬁt from sale of discontinued operations Proﬁt/(loss) for the year Other comprehensive income Difference on translation of UK functional currency entities Transfer of translation differences on disposal of foreign subsidiary to disposal account Total comprehensive income/(expense) for the year Total proﬁt/(loss) for the year attributable to: Equity holders of the parent Non-controlling interest Total comprehensive income/(expense) for the year attributable to: Equity holders of the parent Non-controlling interest Total Total comprehensive income/(expense) for the year attributable equity holders of the parent arises from: Continuing operations Discontinued operations Total * restated for disposal of Corero Business Systems Limited. See note 9. Basic and diluted earnings/(loss) per share Basic and diluted loss per share from continuing operations Basic and diluted earnings per share from discontinued operations Basic and diluted earnings/(loss) per share The notes on pages 33 to 61 form part of these ﬁnancial statements. Total 2012* Restated $’000 11,378 (3,407) 7,971 (13,743) (2,399) (16,142) (8,171) 116 (507) (8,562) 371 (8,191) 2,302 – (5,889) 537 – (5,352) (6,055) 166 (5,889) (5,495) 143 (5,352) (7,570) 2,075 (5,495) 2012 Cents (13.4) 3.7 (9.7) O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y Total 2013 $’000 10,268 (3,588) 6,680 (12,911) (2,309) (15,220) (8,540) 44 (388) (8,884) 371 (8,513) 1,436 15,244 8,167 1,016 (1) 9,182 8,054 113 8,167 9,036 146 9,182 (7,499) 16,535 9,036 2013 Cents (9.4) 20.7 11.3 Note 13,14,15 5 6 8 9 9 11 28 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Consolidated Statement of Financial Position as at 31 December 2013 Assets Non-current assets Goodwill Acquired intangible assets Capitalised development expenditure Property, plant and equipment Current assets Inventories Trade and other receivables – due in less than one year Trade and other receivables – due in more than one year Cash and cash equivalents Liabilities Current Liabilities Trade and other payables Borrowings Deferred income Net current assets/(liabilities) Non-current liabilities Borrowings Deferred income Deferred taxation Net assets Total equity attributable to owners of the parent Ordinary share capital Deferred share capital Share premium Share options reserve Translation reserve Retained earnings Non-controlling interest Total equity Note 2013 $’000 2012 $’000 12 13 14 15 17 18 18 19 20 22 20 22 23 25 25 26 17,983 2,635 6,121 1,343 28,082 329 3,483 237 9,775 13,824 (2,171) (256) (3,195) (5,622) 8,202 – (1,423) (825) (2,248) 34,036 1,333 7,051 43,507 293 1,193 (19,341) 34,036 – 34,036 18,811 3,739 4,528 1,241 28,319 622 4,442 1,123 4,861 11,048 (3,972) (182) (7,592) (11,746) (698) (5,984) (1,146) (1,196) (8,326) 19,295 925 7,051 38,046 268 211 (27,395) 19,106 189 19,295 These ﬁnancial statements were approved by the Board of Directors on 24 March 2014 and signed on their behalf. Andrew Miller Director The notes on pages 33 to(cid:3)(cid:29)1 form part of these ﬁnancial statements. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 29 Company Statement of Financial Position as at 31 December 2013 Assets Non-current assets Investments in subsidiaries Current assets Trade and other receivables – due in more than one year Cash and cash equivalents Liabilities Current Liabilities Trade and other payables Net current assets Net assets Equity Ordinary share capital Deferred share capital Share premium Share options reserve Translation reserve Retained earnings Total equity Note 2013 $’000 2012 $’000 16 18 19 25 25 26 36,930 36,930 10,201 9,626 19,827 (229) 19,598 56,528 1,333 7,051 43,507 293 3,259 1,085 56,528 26,720 26,720 8,407 2,971 11,378 – 11,378 38,098 925 7,051 38,046 268 1,171 (9,363) 38,098 These ﬁnancial statements were approved by the Board of Directors on 24 March 2014 and signed on their behalf. Andrew Miller Director The notes on pages 33 to(cid:3)(cid:29)1 form part of these ﬁnancial statements. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 30 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Statements of Cash Flows for the year ended 31 December 2013 Group Company Cash ﬂows from operating activities Note 13 14 15 8 30 9 13 14 15 Proﬁt/(loss) for the year Adjustments for: Amortisation of acquired intangible assets Amortisation of capitalised development expenditure Depreciation Finance income Finance expense Taxation Share-based payment charge Proﬁt on disposal of subsidiary Increase in provisions Decrease/(increase) in inventories (Increase)/decrease in trade and other receivables (Decrease)/increase in payables Net cash from operating activities Cash ﬂows from investing activities Acquisition of subsidiaries, net of cash acquired Purchase of intangible assets Capitalised development expenditure Purchase of property, plant and equipment Sale proceeds from disposal of subsidiary less costs Repayments from subsidiaries Payments made to subsidiaries Net cash used in investing activities Cash ﬂows from ﬁnancing activities Net proceeds from issue of ordinary share capital Term loan received Finance income Finance expense Repayment of term loans Capital element of ﬁnance lease repayments Receipt/(repayment) of credit facility Net cash from ﬁnancing activities Effects of exchange rates on cash and cash equivalents Net increase/(decrease) in cash and cash equivalents Cash and cash equivalents at 1 January Cash and cash equivalents at 31 December The notes on pages 33 to 61 form part of these ﬁnancial statements. 2013 $’000 10,448 – – – 2012 $’000 430 – – – (382) (443) 2013 $’000 8,167 1,202 511 822 (48) 408 (371) 25 (15,244) – 293 (2,863) (406) (7,504) – (107) (4,202) (1,148) 17,225 – – 2012 $’000 (5,889) 1,157 1,044 566 (119) 507 (371) 9 – – (233) – (1,802) (5,131) – (237) (3,174) (802) – – – 11,768 (4,213) – – 25 (10,816) 725 – 10 69 79 – – – – 16,328 1,966 (18,558) (264) 5,869 1,897 48 (39) (8,432) (23) 256 (424) 1,074 4,914 4,861 9,775 6,989 5,869 250 119 (64) (121) (27) (189) – 43 – – – – 6,957 5,912 6,984 568 (1,819) 6,680 4,861 928 6,655 2,971 9,626 209 (1,743) 4,714 2,971 - – 9 – – – – 40 36 10 – – – – 792 (9,774) (8,972) 6,868 – 116 – – – – Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 31 Consolidated Statement of Changes in Equity for the year ended 31 December 2013 1 January 2012 Loss for the year Other comprehensive income Total comprehensive expense for the year Contributions by and distributions to owners Share-based payments Issue of share capital Shares to be issued Dilution of ownership of subsidiary Total contributions by and distributions to owners 31 December 2012 Proﬁt for the year Other comprehensive income Disposal of non-controlling interest share of translation reserve Total comprehensive income for the year Contributions by and distributions to owners Share-based payments Issue of share capital Disposal of non-controlling interest in non-wholly owned subsidiary Total contributions by and distributions to owners 31 December 2013 Share capital $’000 7,803 – – – – 173 – – 173 7,976 – – – – – 408 – 408 8,384 Shares to be issued $’000 Share premium account $’000 Share options reserve $’000 Translation reserve $’000 Retained earnings $’000 Total attributable to equity holders of the parent $’000 Non- controlling interest $’000 Total equity $’000 124 – – – – – (124) – (124) – – – – – – – – – – 31,228 – – – – 6,818 – – 6,818 38,046 – – – – – 5,461 – 5,461 43,507 259 – – – 9 – – – 9 268 – – – – 25 – – 25 293 (349) – 560 (21,340) (6,055) – 17,725 (6,055) 560 36 17,761 166 (5,889) 537 (23) 560 (6,055) (5,495) 143 (5,352) – – – – – – – – 9 6,991 (124) – – – 9 6,991 (124) – 10 10 – 211 – 1,015 – (27,395) 8,054 – 6,876 19,106 8,054 1,015 10 6,886 189 19,295 8,167 113 1,015 – (33) – (33) 33 – 982 8,054 9,036 146 9,182 – – – – – – 25 5,869 – – 25 5,869 – (335) (335) – 1,193 – (19,341) 5,894 34,036 (335) 5,559 – 34,036 The share capital comprises the nominal values of all shares issued. The share premium account comprises the amounts subscribed for share capital in excess of the nominal value. The share options reserve represents the cost to the Group of share options. The translation reserve arises on retranslating the net assets of UK operations into US dollars. The retained earnings are all other net gains and losses and transactions with owners not recognised elsewhere. The notes on pages 33 to 61 form part of these ﬁnancial statements. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 32 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Company Statement of Changes in Equity for the year ended 31 December 2013 1 January 2012 Proﬁt for the year Other comprehensive income Total comprehensive income for the year Contributions by and distributions to owners Share-based payments Issue of share capital Shares to be issued Total contributions by and distributions to owners 31 December 2012 Proﬁt for the year Other comprehensive income Total comprehensive income for the year Contributions by and distributions to owners Share-based payments Issue of share capital Total contributions by and distributions to owners 31 December 2013 Share capital $’000 Shares to be issued $’000 Share premium account $’000 Share options reserve $’000 Translation reserve $’000 Retained earnings $’000 Total equity $’000 7,803 124 31,228 259 (525) (9,793) 29,096 – – – – 173 – 173 7,976 – – – – 408 408 8,384 – – – – – (124) (124) – – – – – – – – – – – – 6,818 – 6,818 38,046 – – – – 5,461 5,461 – – – 9 – – 9 – 1,696 1,696 – – – – 430 – 430 – – – – 430 1,696 2,126 9 6,991 (124) 6,876 268 1,171 (9,363) 38,098 – – – 25 – 25 – 10,448 10,448 2,088 2,088 – 2,088 10,448 12,536 – – – – – – 25 5,869 5,894 43,507 293 3,259 1,085 56,528 The notes on pages 33 to 61 form part of these ﬁnancial statements. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 33 Notes to the Financial Statements 1. General information Presentation currency These consolidated ﬁnancial statements are presented in US Dollars (“$”) which represents the presentation currency of the Group. The average $-GBP sterling (“GBP”) exchange rate, used for the conversion of the statement of comprehensive income, for the 12 months ended 31 December 2013 was 1.57 (2012: 1.59). The closing $-GBP exchange rate, used for the conversion of the Group’s assets and liabilities, at 31 December 2013 was 1.66 (2012: 1.63). Corero Network Security plc is a public limited company incorporated in the United Kingdom under the Companies Act 2006. 2. Signiﬁcant accounting policies 2.1 Basis of preparation The Group and parent Company ﬁnancial statements have been prepared in accordance with EU endorsed International Financial Reporting Standards (IFRS), International Financial Reporting Interpretations Committee (IFRIC) interpretations and those parts of the Companies Act 2006 applicable to companies reporting under IFRS. 2.2 Going Concern The ﬁnancial statements have been prepared on a going concern basis. The directors have prepared detailed income statement, balance sheet and cash ﬂow projections for the period to 31 December 2015. The cash ﬂow projections have been subjected to sensitivity analysis at the revenue, cost and combined revenue and cost levels. The cash ﬂow projections show that the Group will maintain a positive cash balance until at least 31 December 2015. As a result, the directors are of the opinion that the Group has adequate working capital to continue as a going concern for the foreseeable future and, in particular, for a period of at least 12 months from the date of approval of these ﬁnancial statements. 2.3 Basis of consolidation The consolidated ﬁnancial statements incorporate the results, assets, liabilities and cash ﬂows of the Company and each of its subsidiaries for the ﬁnancial year ended 31 December 2013. Subsidiaries are entities controlled by the Group. Control is deemed to exist when the Group has the power, directly or indirectly, to govern the ﬁnancial and operating policies of an entity so as to obtain beneﬁts from its activities. The results, assets, liabilities and cash ﬂows of subsidiaries are included in the consolidated ﬁnancial statements from the date control commences until the date that control ceases. The results of operations disposed during the year are included in the consolidated statement of comprehensive income up to the date of disposal. A discontinued operation is a component of the Group’s business that represents a separate major line of business that has been disposed of. Discontinued operations are presented in the consolidated statement of comprehensive income as single lines which comprise the post-tax proﬁt or loss of the discontinued operation up to the date of sale along with the post-tax gain or loss on the disposal of the assets less costs to sell of discontinued operations. Where necessary, adjustments are made to the ﬁnancial statements of subsidiaries to bring the accounting policies used into line with those used by the Group. Intra-group balances and transactions are eliminated on consolidation. 2.4 Business combinations The acquisition method is used to account for all acquisitions. The cost of an acquisition is measured at the fair values, on the date of exchange, of assets given, liabilities incurred or assumed, and equity instruments issued. At the date of acquisition, the identiﬁable assets and liabilities and contingent liabilities of a subsidiary are measured at their fair values. Any excess of the cost of acquisition over the fair values of the identiﬁable net assets acquired is recognised as goodwill. Non-controlling interests are initially recognized at their fair value. The total comprehensive income of non-wholly owned subsidiaries is attributed to owners of the parent and to the non-controlling interests in proportion to their relative ownership interests. 2.5 Revenue Revenue is measured at the fair value of the consideration received or receivable and represents the amounts receivable for services provided in the normal course of business, net of all related discounts and sales tax. The Group has adopted the following policy in respect of revenue recognition: 1. Hardware and Software Products When a sales arrangement contains multiple elements, such as hardware and software products, licenses and/or services, the Group allocates revenue to each element based on a selling price hierarchy, having evaluated each deliverable in an arrangement to determine whether they represent separate units of accounting. A deliverable constitutes a separate unit of accounting when it has standalone value. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 34 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued The selling price for a deliverable is based on its vendor speciﬁc objective evidence (“VSOE”) if available, third party evidence (“TPE”) if VSOE is not available, or best estimated selling price (“BESP”) if neither VSOE nor TPE is available. In multiple element arrangements where more-than- incidental software deliverables are included, revenue is allocated to each separate unit, accounting for each of the non-software deliverables and to the software deliverables as a group using the relative selling prices of each of the deliverables in the arrangement based on the aforementioned selling price hierarchy. The Group establishes the VSOE of selling price using the price charged for a deliverable when sold separately. The TPE of selling price is established by evaluating similar and interchangeable competitor products or services in standalone sales to similarly situated customers. The best estimate of selling price is established considering both internal and external factors such as pricing practices, customer pricing strategies, margin objectives, market conditions, competitor pricing strategies, and industry technology lifecycles. 2. Consulting and Professional Services Revenue from the provision of consultancy and professional services is recognised as the work is performed. 3. Maintenance and Support Services Revenue is recognised on a straight line basis over the life of the agreement. 2.6 Cost of sales Cost of sales includes all direct costs associated with revenue generation, including services delivery, support costs and amounts charged by external third parties for services and goods directly related to revenue. Examples of such costs would include, but not be limited to, external consultants and third party hardware and software costs. 2.7 Foreign currencies Transactions in foreign currencies are translated at the exchange rate ruling at the date of each transaction. Foreign currency monetary assets and liabilities are retranslated using the exchange rates at the reporting date. Gains and losses arising from changes in exchange rates after the date of the transaction are recognised in proﬁt or loss in the Statement of Comprehensive Income. Non-monetary assets and liabilities that are measured in terms of historical cost in a foreign currency are translated at the exchange rate at the date of the original transaction. In the consolidated ﬁnancial statements, the net assets of the Group’s UK operations are translated into US dollars at the exchange rate at the reporting date. Income and expense items are translated into US dollars at the average exchange rates for the period. The resulting exchange differences are recognised in the translation reserve. Such translation differences are recognised in proﬁt or loss on the disposal of the UK operation. 2.8 Intangible assets Internally generated intangible assets The Group’s internally generated intangible asset relates to its development expenditure. Development expenditure is capitalised only when it is probable that future economic beneﬁt will result from the project and the following criteria are met: • The technical feasibility of the product has been ascertained; • Adequate, technical, ﬁnancial • and other resources are available to complete and sell or use the intangible asset; The Group can demonstrate how the intangible asset will generate future economic beneﬁts and the ability to use or sell the intangible asset can be demonstrated; • • It is the intention of management to complete the intangible asset and use it or sell it; and The development costs can be measured reliably. Expenditure not meeting these criteria is expensed in the Statement of Comprehensive Income. After initial recognition, internally generated intangible assets are carried at cost less accumulated amortisation and any impairment losses. Acquired intangible assets Purchased computer software is carried at cost less accumulated amortisation and any impairment losses. Customer contracts and the related customer relationships are carried at cost less accumulated amortisation and any impairment losses. Identiﬁable intangible assets acquired as part of a business combination are initially recognised separately from goodwill, irrespective of whether the assets have been recognised by the acquiree before the business combination. An intangible asset is considered identiﬁable only if it is separable or if it arises from contractual or other legal rights, regardless of whether those rights are transferable or separable from the entity or from other rights and obligations. Intangible assets acquired as part of a business combination and recognised by the Group are computer software, customer contracts and the related customer relationships. After initial recognition, assets acquired as part of a business combination are carried at cost less accumulated amortisation and any impairment losses. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 35 Amortisation Intangible assets are amortised on a straight line basis, to reduce their carrying value to zero over their estimated useful lives. The following useful lives were applied during the year: • Computer software acquired – 3 or 5 years straight line • Customer contracts and the related customer relationships – 7 years straight line • Capitalised development expenditure – 5 years straight line Amortisation costs are included within operating expenses in the Statement of Comprehensive Income. Methods of amortisation and useful lives are reviewed, and if necessary adjusted, at each reporting date. 2.9 Property, plant and equipment Property, plant and equipment is stated at cost less accumulated depreciation and any impairment losses. Cost comprises the purchase cost of property, plant and equipment together with any directly attributable costs. Subsequent costs are included in an asset’s carrying value or are recognised as a separate asset when it is probable that future economic beneﬁts associated with the additional expenditure will ﬂow to the Group and the cost of the item can be measured reliably. All other costs are charged to the Statement of Comprehensive Income as incurred. Depreciation commences when an asset is available for use. Depreciation is calculated so as to write off the cost or value of an asset, net of anticipated disposal proceeds, over the useful life of that asset as follows: • Leasehold improvements – Period of the lease straight line • Computer equipment – 2 to 4 years straight line • Fixtures and ﬁttings – 2 to 5 years straight line • Ofﬁce equipment – 3 to 5 years straight line Methods of depreciation, residual values and useful lives are reviewed, and if necessary adjusted, at each balance sheet date. The gain or loss arising from the disposal or retirement of an item of property, plant and equipment is determined as the difference between the net disposal proceeds and the carrying amount of the item, and is included in the Statement of Comprehensive Income. 2.10 Inventory Inventory is stated at the lower of cost or net realisable value. Cost is computed using standard cost, which approximates actual cost, on a ﬁrst-in, ﬁrst-out basis. Rapid technological change and new product introductions and enhancements could result in excess or obsolete inventory. To minimise this risk, the Group evaluates inventory levels and expected usage on a periodic basis and records valuation allowances as required. 2.11 Impairment At each reporting date, the Group assesses whether there is any indication that its assets have been impaired. If any such indication exists, the recoverable amount of the asset is estimated in order to determine the extent of any impairment. If it is not possible to estimate the recoverable amount of the individual asset, the recoverable amount of the cash-generating unit to which the asset belongs is determined. The recoverable amount of an asset or a cash-generating unit is the higher of its fair value less costs to sell and its value in use. The value in use is the present value of the future cash ﬂows expected to be derived from an asset or cash-generating unit. This present value is discounted using a pre-tax rate that reﬂects current market assessments of the time value of money and of the risks speciﬁc to the asset for which future cash ﬂow estimates have not been adjusted. If the recoverable amount of an asset is less than its carrying amount, the carrying amount of the asset is reduced to its recoverable amount. That reduction is recognised as an impairment loss. An impairment loss relating to assets carried at cost less any accumulated depreciation or amortisation is recognised immediately in the Statement of Comprehensive Income. Goodwill acquired in a business combination is, from the acquisition date, allocated to each of the cash-generating units or groups of cash-generating units that are expected to beneﬁt from the synergies of the combination. Goodwill is tested for impairment at least annually, and whenever there is an indication that the asset may be impaired. An impairment loss is recognised for cash-generating units if the recoverable amount of the unit is less than the carrying amount of the unit. The impairment loss is allocated to reduce the carrying amount of the assets of the unit by ﬁrst reducing the carrying amount of any goodwill allocated to the cash-generating unit, and then reducing the carrying amounts of the other assets of the unit pro rata. If an impairment loss subsequently reverses, the carrying amount of the asset is increased to the revised estimate of its recoverable amount but limited to the carrying amount that would have been determined had no impairment loss been recognised in prior years. A reversal of an impairment loss is recognised in the Statement of Comprehensive Income. Impairment losses on goodwill are not subsequently reversed. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 36 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 2.12 Leases Where substantially all of the risks and rewards incidental to ownership of a leased asset are transferred to the Company (a “ﬁnance lease”), the asset is treated as if it had been purchased outright. The amount initially recognised as an asset is the lower of the fair value of the leased property and the present value of the minimum lease payments payable over the term of the lease. The corresponding lease commitment is shown as a liability. Lease payments are analysed between capital and interest. The interest element is charged to the Statement of Comprehensive Income over the period of the lease and is calculated so that it represents a constant proportion of the lease liability. The capital element reduces the balance owed to the lessor. Where substantially all of the risks and rewards incidental to ownership are not transferred to the Company (an “operating lease”), the total rentals payable under the lease are charged to the Statement of Comprehensive Income on a straight-line basis over the lease term. The aggregate beneﬁt of lease incentives is recognised as a reduction of the rental expense over the lease term on a straight-line basis. 2.13 Investments in subsidiaries In the Company’s separate financial statements, investments in subsidiaries are carried at cost less any impairment provisions. 2.14 Taxation The tax expense represents the sum of current tax and deferred tax. Current tax Current tax is based on taxable proﬁt for the year and is calculated using tax rates enacted or substantively enacted at the reporting date. Taxable proﬁt differs from accounting proﬁt either because items are taxable or deductible in periods different to those in which they are recognised in the ﬁnancial statements, or because they are never taxable or deductible. Deferred tax Deferred tax on temporary differences at the reporting date between the tax bases of assets and liabilities and their carrying amounts for ﬁnancial reporting purposes is accounted for using the balance sheet liability method. Using the balance sheet liability method, deferred tax liabilities are recognised in full for all taxable temporary differences and deferred tax assets are recognised to the extent that it is probable that taxable proﬁts will be available against which deductible temporary differences can be utilised. However, if the temporary difference arises from the initial recognition of goodwill or the initial recognition of an asset or liability in a transaction other than a business combination, that at the time of the transaction affects neither accounting nor taxable proﬁt, it is not recognised as deferred tax asset or liability. Deferred taxation is measured at the tax rates that are expected to apply when the asset is realised, or the liability settled, based on tax rates and laws enacted or substantively enacted at the reporting date. 2.15 Provisions A provision is recognised when, as a result of a past event, the Group has a legal or constructive obligation, it is probable that an outﬂow of resources embodying economic beneﬁts will be required to settle the obligation and a reliable estimate of the amount of such an obligation can be made. Provisions are measured at the best estimate of the expenditure required to settle the obligation at the reporting date. When the effect is material, the expected future cash ﬂows required to settle the obligation are discounted at the pre-tax rate that reﬂects the current market assessments of the time value of money and the risks speciﬁc to the obligation. 2.16 Post-retirement beneﬁts The Group makes contributions in respect of certain employees to deﬁned contribution pension plans under which it is required to pay ﬁxed contributions to group and personal pension funds. Contributions to the schemes are based on a proportion of the employees’ earnings and are charged to the Statement of Comprehensive Income when incurred. The Group has no obligation beyond these contributions. 2.17 Financial instruments The Group classiﬁes ﬁnancial instruments, or their component parts, on initial recognition as a ﬁnancial asset, a ﬁnancial liability or an equity instrument in accordance with the substance of the contractual arrangement. Financial assets and ﬁnancial liabilities are recognised in the Group’s statement of ﬁnancial position when the Group becomes party to the contractual provisions of the instrument. The particular recognition and measurement methods adopted for the Group’s ﬁnancial instruments are disclosed below: Trade and other receivables Trade and other receivables are stated at their fair value at time of initial recognition, reﬂecting where material the time value of money. A provision for impairment of trade receivables is established when there is evidence that the Group will not be able to collect all amounts due according to the original terms of these receivables. The amount of the provision is the difference between the carrying value and the present value of estimated future cash ﬂows, discounted at the original effective interest rate. Cash and cash equivalents Cash and cash equivalents include cash in hand, deposits on call with banks. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 37 Trade and other payables Trade and other payables are not interest bearing and are stated at their fair value at time of initial recognition. Thereafter they are accounted for at amortised cost. 2.18 Equity instruments An equity instrument is any contract that evidences a residual interest in the assets of the Company after deducting all its liabilities. Equity instruments issued by the Company are recorded at the proceeds received, net of directly attributable issue costs. 2.19 Employee share option schemes The Group operates an equity-settled share-based compensation plan. The fair value of the employees’ services received in exchange for the grant of share options is measured at grant date and recognised as an expense on a straight line basis over the vesting period, based on the Group’s estimate of shares that will eventually vest. Fair value is determined by reference to the Black-Scholes option pricing model. At each reporting date, the Group revises its estimate of the number of options that are expected to become exercisable. When share options are exercised, the proceeds received, net of any transaction costs, are credited to share capital (nominal value) and share premium. 2.20 Receivables-backed working capital facility The Group makes use of a receivables- backed working capital facility. Trade receivables are recognised as the Group retains the signiﬁcant risks and beneﬁts. The related funding is shown as a ﬁnancial liability and accounted for on an amortised cost basis. 2.21 Standards and Interpretations not yet effective There are no standards and interpretations that are issued but not yet effective at the date of authorisation of these ﬁnancial statements that the Group reasonably expects will have an impact on disclosures, ﬁnancial position or performance when applied at a future date. 3. Critical accounting judgements and key sources of estimation uncertainty 3.1 Critical judgements in applying the Group’s accounting policies In the process of applying the Group accounting policies, the following judgements have had a signiﬁcant effect on the amounts recognised in the ﬁnancial statements: Internally generated research and development costs Management monitors progress of internal research and development projects. Judgement is required in distinguishing the research phase from the development phase. Development costs are recognised as an asset when all criteria are met, whereas research costs are expensed as incurred. Management monitors whether the recognition requirements for development costs continue to be met. This is necessary as the economic success of any product development is uncertain. 3.2 Key accounting estimates and assumptions Key assumptions concerning the future and other key sources of estimation uncertainty that have a signiﬁcant risk of causing a material adjustment to the carrying amounts of assets and liabilities within the next ﬁnancial year are as follows: Impairment of intangible assets and property, plant and equipment The Group tests goodwill at least annually for impairment, and whenever there is an indication that the asset may be impaired. All other intangible assets and property, plant and equipment are tested for impairment when indicators of impairment exist. Impairment is determined with reference to the higher of fair value less costs to sell and value in use. Value in use is estimated using discounted future cash ﬂows. Signiﬁcant assumptions are made in estimating future cash ﬂows about future events including future market conditions, future growth rates and appropriate discount rates. Changes in these assumptions could affect the outcome of impairment reviews. Details of the main assumptions used in the assessment of the carrying value of the Group’s cash generating unit is set out in note 12. Impairment of investments and intercompany balances (applies to the Company Financial Statements only) The directors have reviewed the carrying value of the intercompany balances and cost of investments in subsidiaries of the Company with reference to current and future trading conditions. The investment and intercompany balances between the Company and Corero Network Security, Inc. and Corero Network Security (UK) Limited have been reviewed with reference to a valuation based on a discounted free cash ﬂow which the directors consider to be an appropriate valuation methodology, in conjunction with the goodwill impairment review. Going Concern The directors have reviewed the future proﬁt and cash ﬂow projections in conjunction with the current economic climate in order to express an opinion on the adequacy of working capital and the ability to continue as a going concern for the foreseeable future. The methodology and uncertainties contained in the projections are detailed in the note 2.2. 4. Segment reporting Business segments Subsequent to the sale of the Corero Business Systems division the Group is managed according to one business unit; Corero Network Security which makes up the Group’s reportable operating segment. This business unit forms the basis on which the Group reports its primary segment information to the Board, which management consider to be the Chief Operating Decision maker for the purposes of IFRS 8 Operating Segments. The loss before taxation for the year was $8.9 million (2012: $8.6 million). Included in the loss were the central costs of $1.1 million (2012: $1.2 million) which comprise mainly central and parent Company overheads relating to the Group management, the ﬁnance function and regulatory requirements. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 38 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued Reportable Operating Segments Continuing operations Discontinued operations Total 2013 $’000 17,983 2,635 6,121 1,343 28,082 329 3,720 9,775 13,824 (2,171) (256) (3,195) (5,622) 8,202 – (1,423) (825) (2,248) 34,036 2012 $’000 17,983 3,734 2,662 1,095 25,474 622 2,482 3,754 6,858 (2,185) (182) (4,057) (6,424) 434 (5,984) (1,146) (1,196) (8,326) 17,582 2013 $’000 – – – – – – – – – – – – – – – – – – – 2012 $’000 828 5 1,866 146 2,845 – 3,083 1,107 4,190 (1,787) – (3,535) (5,322) (1,132) – – – – 1,713 2013 $’000 17,983 2,635 6,121 1,343 28,082 329 3,720 9,775 13,824 (2,171) (256) (3,195) (5,622) 8,202 – (1,423) (825) (2,248) 34,036 2012 $’000 18,811 3,739 4,528 1,241 28,319 622 5,565 4,861 11,048 (3,972) (182) (7,592) (11,746) (698) (5,984) (1,146) (1,196) (8,326) 19,295 Non-current assets Goodwill Acquired intangible assets Capitalised development expenditure Property, plant & equipment Current assets Inventories Trade and other receivables Cash and cash equivalents Current liabilities Trade and other payables Borrowings Deferred income Net current assets/(liabilities) Non-current liabilities Borrowings Deferred income Deferred taxation Net assets The Group’s revenues from external customers and its non-current assets are divided into the following geographical areas: Continuing operations Geographical area North America EMEA APAC Other countries Total 2013 $’000 Revenue 5,998 2,972 802 496 2013 $’000 Non-current assets 28,082 – – – 10,268 28,082 2012 $’000 Revenue 5,736 4,100 1,389 153 11,378 2012 $’000 Non-current assets 25,474 – – – 25,474 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 39 EMEA revenue analysis UK Europe Other Total 2013 $’000 1,882 656 434 2,972 2012 $’000 2,152 1,739 209 4,100 Revenues for external customers are identiﬁed on the basis of invoicing systems and adjusted to take into account the difference between invoiced amounts and deferred revenue adjustments required by IAS. The revenue is analysed as follows for each revenue category: Hardware and licence revenue Maintenance and support services revenue Total Discontinued operations Geographical area EMEA – UK Total 2013 $’000 4,409 5,859 10,268 2012 $’000 4,429 6,949 11,378 2013 $’000 Revenue 5,630 5,630 2013 $’000 Non-current assets – – 2012 $’000 Revenue 9,187 9,187 2012 $’000 Non-current assets 2,845 2,845 Revenues from external customers have been identiﬁed on the basis of invoicing systems. The revenue is analysed as follows for each revenue category: Licence revenue Professional services and support revenue Total 5. Finance income Interest on bank deposits 2013 $’000 2,154 3,476 5,630 2013 $’000 44 2012 $’000 3,207 5,980 9,187 2012 $’000 116 O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 40 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 6. Finance costs 8% Loan note interest payable Bank interest payable (accounts receivable ﬁnancing facility and term loan) Finance interest Other 7. Loss for the year The following items have been included in arriving at the loss for the year before taxation Amortisation of acquired intangible assets (note 13) Amortisation of capitalised development (note 14) Depreciation of property, plant and equipment (note 15) Research and development cost Operating lease rentals payable Amortisation of acquired intangible assets (note 13) Amortisation of capitalised development (note 14) Impairment of capitalised development (note 14) Depreciation of property, plant and equipment (note 15) Research and development cost Operating lease rentals payable Auditor’s remuneration Remuneration received by the Company’s auditor or an associate of the Company’s auditor for the audit of these Financial Statements The audit of the accounts of other group companies Fees payable to the Company’s auditor for corporate ﬁnance services Fees payable to the Company’s auditor for taxation compliance services Fees payable to the Company’s auditor for taxation advisory services 2013 $’000 370 15 3 – 388 Continuing 2013 $’000 Discontinued 2013 $’000 1,200 337 772 3,795 343 2 174 50 407 71 Continuing 2012 $’000 Discontinued 2012 $’000 1,154 366 382 497 2,413 321 3 296 – 69 562 120 2013 $’000 25 75 10 39 9 158 2012 $’000 443 51 6 7 507 Total 2013 $’000 1,202 511 822 4,202 414 Total 2012 $’000 1,157 662 382 566 2,975 441 2012 $’000 33 73 5 24 25 160 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 41 8. Tax on loss on ordinary activities Deferred tax credit for the year The tax assessed on the loss on ordinary activities for the year differs from the weighted average UK corporate rate of tax of 23.25% (2012: 24.5%). The differences are reconciled below: Total tax reconciliation Proﬁt/(loss) before taxation Theoretical tax charge/(credit) at UK Corporation tax rate 23.25% (2012: 24.5%) Effect of: – expenditure that is not tax deductible – R&D tax credits – accelerated capital allowances – other timing differences – relief for losses brought forward – losses not utilised – income not taxable – deferred tax credit Actual taxation credit Factors Affecting Future Tax Charges 2013 $’000 371 2012 $’000 371 7,795 1,812 (6,260) (1,534) 220 (594) (21) 2 (149) 2,274 (3,544) 371 371 198 (934) (10) 1 (268) 2,547 – 371 371 As at 31 December 2013, the Group’s cumulative ﬁxed asset timing differences were $17,000 (2012: $24,000) and no deferred tax asset has been recognised in respect of these items. In addition, the tax losses at that date amounted to $41.8 million (2012: $37.7 million). This comprised UK tax losses of $6.8 million and US tax losses of $35.0 million. $2.1 million of the tax losses relates to US capitalised R&D deductions which will be available at an accelerated level for 3 years. $9.0 million of the tax losses relate to pre-acquisition US tax losses which can be offset against taxable proﬁts over 18 years (there is a limit on the utilisation of pre-acquisition tax losses of $0.7 million per annum and any unused loss may be carried forward to subsequent periods). All other US tax losses will expire in 20 years from the end of the accounting period in which the loss arose. The deferred tax asset of $1.4 million (2012: $1.9 million) at a rate 20% relating to the UK tax losses (after offsetting the deferred tax liability of $nil (2012: $0.4 million) relating to capitalised research and development expenditure) and the deferred tax asset of $12.3 million (2012: $9.7 million) at a rate of 35% relating to the US tax losses have not been recognised due to uncertainties as to the extent and timing of their future recovery. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 42 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 9. Discontinued operations The Company’s interest in CBS was sold on 1 August 2013. The net cash consideration was $16.5 million, after the repayment of the CBS debt of $1.8 million. The Company had a legal and beneﬁcial holding of 92% of the issued share capital of CBS, with the remainder held by management employees of CBS. Results from discontinued operations up to the date of disposal: Revenue Cost of sales Gross proﬁt Operating expenses before highlighted items Depreciation and amortisation of intangible assets Operating expenses Operating proﬁt Finance income Finance interest Proﬁt before taxation Taxation Proﬁt for the year The proﬁt on the disposal of discontinued operations was determined as follows: Disposal proceeds Redemption of term loan Net assets disposed of Goodwill Capitalised development expenditure Property, plant and equipment Trade and other receivables Cash and cash equivalents Trade and other payables Deferred income Cumulative translation reserve Non-controlling interest Legal and professional fees Bonuses and beneﬁts Indemnity provision Proﬁt on sale Total 2013 $’000 5,630 (1,060) 4,570 (2,891) (227) (3,118) 1,452 4 (20) 1,436 – 1,436 $’000 (771) (1,980) (217) (4,342) (860) 1,817 3,592 (1) 335 (184) (186) (209) Total 2012 $’000 9,187 (1,945) 7,242 (4,575) (368) (4,943) 2,299 3 – 2,302 – 2,302 $’000 16,471 1,779 (2,427) (579) 15,244 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 43 The statement of cash ﬂows includes the following amounts relating to discontinued operations: Operating activities Investing activities Financing activities Net cash from discontinued operations 2013 $’000 (1,420) (538) 1,762 (196) 2012 $’000 1,135 (883) 3 255 10. Proﬁt of the parent Company for the ﬁnancial year The Company has taken advantage of section 408 of the Companies Act 2006 and has not included an income statement in these ﬁnancial statements. The parent Company’s proﬁt for the year was $10,448,000 (2012: $430,000). 11. Earnings per share Earnings/(loss) per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted average number of ordinary shares in issue during the year. At the reporting dates there were no potentially dilutive ordinary shares. Therefore the diluted earnings/(loss) per share is equal to the earnings/(loss) per share. Loss per share from continuing operations Earnings per share from discontinued operations Basic and diluted earnings/(loss) per share 2013 weighted average number of 1p shares Thousand 79,794 79,794 79,794 2013 (loss)/ earnings per share Cents (9.40) 20.72 11.32 2013 proﬁt $’000 (7,499) 16,535 9,036 2012 weighted average number of 1p shares Thousand 56,426 56,426 56,426 2012 (loss)/ earnings per share Cents (13.42) 3.68 (9.74) 2012 loss $’000 (7,570) 2,075 (5,495) O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 44 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 12. Goodwill Group Cost At 1 January 2012 Foreign currency translation At 31 December 2012 Foreign currency translation Disposal on sale of CBS At 31 December 2013 Impairment At 1 January 2012 At 31 December 2012 At 31 December 2013 Carrying amount At 31 December 2013 At 31 December 2012 At 1 January 2012 $’000 18,772 39 18,811 (57) (771) 17,983 – – – 17,983 18,811 18,772 Goodwill is tested at least annually for impairment and whenever there are indications that goodwill might be impaired. Goodwill is allocated to the Group’s cash-generating unit (CGU) which at 31 December 2013 comprised Corero Network Security (“CNS”). As at 31 December the carrying amount of goodwill allocated to this CGU is: CNS Discontinued operations Total 2013 $’000 17,983 – 17,983 Total 2012 $’000 17,983 828 18,811 The recoverable amount for the CNS CGU was determined based on a discounted cash ﬂow calculation using cash ﬂow projections over a 10 year period (2012: 10 year period). The key assumptions for the discounted cash ﬂow calculation are those regarding revenue growth and discount rates as summarised in the table below and commented on below: Forecast cash ﬂow period Extrapolated cash ﬂow period Cumulative annual growth rate (CAGR) for revenue used for the forecast/extrapolated period Revenue growth rates used beyond the extrapolated period Discount rate Discount rate required for recoverable amount to equal carrying amount Percentage reduction in forecast revenue for recoverable amount to equal carrying amount 2013 2012 Years 1–2 Years 1–2 Years 3–10 Years 3–10 14.1% 1.5% 15.5% 19.4% 9.5% 12.4% 1.5% 11.2% 13.0%* 4.8%* Amount by which the CGU’s recoverable amount exceeds its carrying amount $13.1 million $8.6 million* * the 2012 valuation model has been reﬁned to be on a consistent basis with the 2013 model. The changes to the 2012 model reﬂect the assumption that cash ﬂows occur on average halfway through each year and discounting after tax cash ﬂows (at the point tax losses are fully utilised) with an after tax weighted average cost of capital (“WACC”) assuming a blended tax rate of 30.6% for the forecast and extrapolated period cash ﬂows. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 45 • • • The pre-tax cash ﬂows for the forecast period are derived from the most recent ﬁnancial budget for the year ending 31 December 2014 and the plan for the year ending 31 December 2015 approved by the Board. The extrapolation for the period 2016 to 2023 is based on management estimates (with the key assumptions set out below). The future pre-tax cash ﬂows are discounted by a weighted average cost of capital (“WACC”) of 15.5%. The key assumptions underlying the cash ﬂow projections and which the recoverable amount is most sensitive to are (i) the revenue growth rates forecast and extrapolated for the period 2014 to 2018 (ii) and the discount rate. i. The cash ﬂow forecasts assume a CAGR revenue growth of 28.2% in the period 2014 to 2018 (63.8% for the period 2014 to 2015) and 3.7% for the period 2019 to 2023 (a CAGR of 14.1% for 10 year forecast period). The management of the Group believe these growth rates are appropriate for the forecasts given the expected impact from the new product, SmartWall TDS, which was launched in February 2014 and which is expected to start generating revenue from new customer sales targeted at the service provider and cloud computing markets in 2014 and deliver a step change in revenue in the forecast period. These growth rates are supported by the fact that the IT security market is forecast to grow strongly for the foreseeable future. Gartner for instance forecast that the IT security market will grow by a CAGR of 8.5% in the period 2012 to 2017 and IDC forecast that the DDoS protection market will grow from $270 million in 2012 to $870 million in 2017 (CAGR 18.2%). The above market growth rates used in the future cash ﬂow assumptions reﬂect that CNS is in the early stages of the commercial exploitation of its intellectual property. In addition, the business’ strategy is to continue to develop its product and solution offerings to remain a market leader in its chosen market thereby providing the opportunity to generate above market average growth rates. The growth rate assumed in the period beyond the 10 year extrapolation period of 1.5% is considered reasonable as historically IT spend has exceeded GDP growth. ii. The discount rate is based on a cost of equity using the Capital Asset Pricing Model with the key inputs being a risk-free interest rate estimate of 3.75% (based on 30 year US government bonds), comparable company betas, an equity risk premium of 5.5%, and small company risk premium of 4.5%. The WACC has been assessed based on that fact that the Company had no gearing at 31 December 2013. The WACC used in the valuation reﬂects current market assessments of the time value of money and the risks speciﬁc to CNS. As stated above, the valuation to support the recoverable amount of the CNS CGU is highly sensitive to small changes in cash ﬂow forecasts and discount rate assumptions, and there is no guarantee that the expected growth will be achieved. If the expected growth is not achieved, this could result in a requirement to impair the goodwill associated with the CNS CGU in the future. If the revenue growth in 2014 and 2015 is reduced by 20% (which in the assessment of management is reasonably possible), and a 10% reduction is made to overheads, this would result in an impairment of goodwill of $3.7 million. If the discount rate is increased by 20% (which in the assessment of management is reasonably possible), this would reduce the amount by which the CGU’s recoverable amount exceeds its carrying amount to $2.3 million. Apart from the considerations in determining the recoverable amount of the CNS CGU described above, the management of the Group is not currently aware of any other reasonably possible changes that would necessitate changes in its key estimates. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 46 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 13. Acquired intangible assets Group Cost At 1 January 2012 Additions Foreign currency translation Disposals At 31 December 2012 Additions Foreign currency translation Disposals (including sale of CBS) At 31 December 2013 Amortisation At 1 January 2012 Charge for year Foreign currency translation Disposals At 31 December 2012 Charge for year Foreign currency translation Disposals (including sale of CBS) At 31 December 2013 Net book value At 31 December 2013 At 31 December 2012 At 1 January 2012 Company The Company has no intangible ﬁxed assets (2012: $nil). Computer software $’000 Customer relationships $’000 6,148 237 8 (425) 5,968 107 (13) (280) 5,782 (1,663) (1,129) (8) 425 (2,375) (1,174) 13 271 197 – – – 197 – – – 197 (23) (28) – – (51) (28) – – Total $’000 6,345 237 8 (425) 6,165 107 (13) (280) 5,979 (1,686) (1,157) (8) 425 (2,426) (1,202) 13 271 (3,265) (79) (3,344) 2,517 3,593 4,485 118 146 174 2,635 3,739 4,659 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 47 14. Capitalised development expenditure Group Cost At 1 January 2012 Additions Foreign currency translation At 31 December 2012 Additions Foreign currency translation Disposal on sale of CBS At 31 December 2013 Amortisation At 1 January 2012 Charge for year Impairment Foreign currency translation At 31 December 2012 Charge for year Foreign currency translation Disposal on sale of CBS At 31 December 2013 Net book value At 31 December 2013 At 31 December 2012 At 1 January 2012 $’000 3,377 3,174 132 6,683 4,202 (218) (3,438) 7,229 (1,052) (662) (382) (59) (2,155) (511) 100 1,458 (1,108) 6,121 4,528 2,325 The impairment recorded during 2012 of $382,000 related to expenditure on certain CNS products. Having identiﬁed that these products would not generate cash inﬂows in the future sufﬁcient to support their full carrying value, management determined that an impairment should be recorded. Company The Company has no capitalised development expenditure (2012: $nil). O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 48 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 15. Property, plant and equipment Group Computer Equipment $’000 Fixtures and Fittings $’000 Ofﬁce Equipment $’000 Leasehold Improvements $’000 Cost At 1 January 2012 Additions Disposals Reclassiﬁcation Foreign currency translation At 31 December 2012 Additions Disposals Foreign currency translation At 31 December 2013 Depreciation At 1 January 2012 Charge for year Disposals Reclassiﬁcation Foreign currency translation At 31 December 2012 Charge for the year Disposals Foreign currency translation At 31 December 2013 Net book value At 31 December 2013 At 31 December 2012 At 1 January 2012 Company 2,557 706 (924) – 19 2,358 1,110 (498) (28) 2,942 (1,656) (505) 908 2 (15) (1,266) (763) 343 22 (1,664) 1,278 1,092 901 532 22 – (2) 3 555 5 (463) (3) 94 (481) (17) – (4) (2) (504) (18) 456 1 (65) 29 51 51 246 – (8) – 3 241 28 (138) (5) 126 (222) (12) 8 4 (3) (225) (14) 115 4 (120) 6 16 24 310 74 – 2 6 392 5 (309) (11) 77 (271) (32) – (2) (5) (310) (27) 284 6 (47) 30 82 39 The Company has no property, plant and equipment (2012: $nil). Total $’000 3,645 802 (932) – 31 3,546 1,148 (1,408) (47) 3,239 (2,630) (566) 916 – (25) (2,305) (822) 1,198 33 (1,896) 1,343 1,241 1,015 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 49 16. Investments in subsidiaries Net book value At 1 January Divestment of investment in Corero Business Systems Limited Investment in Corero Network Security, Inc. Provision against investment in Corero Network Security, Inc. Foreign currency translation At 31 December Company 2013 $’000 Company 2012 $’000 26,720 (5,302) 16,188 (725) 49 18,220 (10) 7,558 – 952 36,930 26,720 Included in the Company's investment in Corero Network Security, Inc. is a loan note instrument. These loan notes bear interest at 5% per annum that at the election of Corero Network Security, Inc. is payable quarterly or added to the principal amount. The loan notes are repayable on 31 October 2016. Loan note instrument The Company owns: 2013 $’000 7,384 2012 $’000 6,893 100% of the issued share capital of Corero Network Security, Inc., a company incorporated in Delaware, USA. The principal business of the company consists of the development and sale of hardware and software security products. 100% of the issued share capital of Corero Group Services Limited, a company incorporated and registered in England and Wales. The principal business of the company consists of providing administration services to the Group. 100% of the issued share capital of Corero Network Security (UK) Limited, a company incorporated and registered in England and Wales. The principal business of the company consists of providing sales and marketing services on behalf of Corero Network Security, Inc. On 1 August 2013 the Company sold its 92% interest in Corero Business Systems Limited. 17. Inventories Gross inventory Less: provision for impairment Net inventory Net inventory comprises only ﬁnished goods. The Company holds no inventory (2012: $nil). Group 2013 $’000 709 (380) 329 Group 2012 $’000 1,340 (718) 622 O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 50 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 18. Trade and other receivables Trade receivables Less: provision for impairment Net trade receivables Amounts owed by subsidiaries Other debtors Prepayments and accrued income Group 2013 $’000 3,035 – 3,035 – 277 408 3,720 Group 2012 $’000 3,303 (16) 3,287 – 1,592 686 5,565 Company 2013 $’000 Company 2012 $’000 – – – 10,108 93 – 10,201 – – – 8,304 103 – 8,407 The banking facility of the Group, summarised in note 20, is secured by assets of Corero Network Security, Inc. Up to 80% of the trade receivables of Corero Network Security, Inc., included under ‘Group’, can be ﬁnanced and are therefore secured for credit enhancements. None of the Company’s trade and other receivables are secured by collateral or credit enhancements. Amounts due from Group undertakings are recoverable after more than one year from the reporting date. The age of trade receivables not impaired but past due are as follows: Not more than 3 months More than 3 months but not more than 6 months More than 6 months but not more than 1 year More than one year Group 2013 $’000 1,184 13 – – 1,197 Group 2012 $’000 1,285 272 134 128 1,819 The directors consider that the carrying amount of trade and other receivables approximates their fair value. The maturity proﬁle of trade and other receivables is set out in the table below: In one year or less, or on demand In more than one year, but not more than ﬁve years Group 2013 $’000 3,483 237 3,720 Group 2012 $’000 4,442 1,123 5,565 Company 2013 $’000 – 10,201 10,201 Company 2012 $’000 – 8,407 8,407 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 51 The analysis of trade and other receivables by foreign currency is set out in the table below: US dollars UK pound Group 2013 $’000 3,523 197 3,720 Group 2012 $’000 2,322 3,243 5,565 Company 2013 $’000 – 10,201 10,201 Company 2012 $’000 – 8,407 8,407 The Group’s foreign currency receivables are denominated in the reporting currency of the subsidiaries in which they arise. There is no impact on the proﬁt/(loss) for the year from exchange rate movements on such ﬁnancial instruments. 19. Trade and other payables Trade payables Other taxation and social security Other payables Accruals Group 2013 $’000 710 70 133 1,258 2,171 Group 2012 $’000 1,018 533 290 2,131 3,972 Company 2013 $’000 Company 2012 $’000 – – – 229 229 – – – – – None of the Group or Company’s trade and other payables are secured by collateral or credit enhancements. The directors consider that the carrying amount of trade and other payables approximates its fair value. 77% (2012: 90%) of the trade and other payables are due in less than 3 months. The analysis of trade and other payables by foreign currency is set out in the table below: US dollars UK pound Group 2013 $’000 1,494 677 2,171 Group 2012 $’000 1,443 2,529 3,972 The Group’s foreign currency payables are denominated in the reporting currency of the subsidiaries in which they arise. There is no impact on the proﬁt/(loss) for the year from exchange rate movements on such ﬁnancial instruments. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 52 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 20. Borrowings Group Current Accounts receivable ﬁnancing facility Fixed term loan Non-current Fixed term loan 8% Loan notes Company The Company has no borrowings (2012: $nil). 2013 $’000 2012 $’000 256 – 256 – – – – 182 182 197 5,787 5,984 The accounts receivable ﬁnancing facility bears interest at c.8.5% of the ﬁnanced value. The CNS facility limit is US$2.0 million. 80% of the eligible accounts receivable balance can be ﬁnanced. The facility requires a minimum quick asset ratio covenant of 1.15:1 and a consolidated quick asset ratio covenant of 2.0:1. The funding is secured by a ﬁrst lien on the corporate assets of Corero Network Security, Inc. and is guaranteed by Corero Network Security plc. The carrying value of the ﬁnanced accounts receivable assets is $0.3 million. All receipts for ﬁnanced assets are payable to a lockbox account held with the provider of the ﬁnancing facility. The accounts receivable assets are exposed to the risk of non or late payment by customers. There are no restrictions on the use of the ﬁnanced accounts receivable assets. The ﬁxed term loans were repaid in February 2013 and the 8% loan notes were repaid in October 2013. At 31 December 2013, the Group’s liabilities have contractual maturities which are summarised below. These contractual maturities reﬂect the payment obligations which may differ from the carrying values of the liabilities at the balance sheet date. Group Trade and other payables Borrowings Total Company Trade and other payables Total In one year or less, or on demand More than one but less than ﬁve years 2013 $’000 1,896 256 2,152 2012 $’000 3,868 182 4,050 2013 $’000 275 – 275 2012 $’000 104 5,984 6,088 More than one but less than ﬁve years 2013 $’000 229 229 2012 $’000 – – Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 53 21. Financial instruments The Group’s ﬁnancial instruments are categorised as shown below: Group Financial assets Trade and other receivables Cash Group Financial liabilities Financial liabilities at amortised cost: Trade and other payables Accounts receivable ﬁnancing Fixed term loan 8% Loan notes Book Value 2013 $’000 Book Value 2012 $’000 3,312 9,775 13,087 4,879 4,861 9,740 Book Value 2013 $’000 Book Value 2012 $’000 2,171 256 – – 2,427 3,972 – 379 5,787 10,138 There are no differences between the fair values and book values held by the Group and Company. The Company has a loan note instrument with CNS, Inc. at 31 December 2013 of $7.4 million (note 16) (2012: $6.9 million). The instrument is denominated and repayable in GBP which is the functional currency of the Company and therefore the Company does not bear any foreign exchange risk. As the Group’s reporting currency is dollars unrealised gains/losses on translation of the GBP balance are included within the Consolidated Statement of Comprehensive Income. A 5% weakening/strengthening of the GBP against the dollar would have the effect of increasing/decreasing the Company’s comprehensive income for the year and decreasing/increasing the Company’s net assets by $0.4 million. The repayment of amounts receivable from subsidiaries, including the loan note from CNS, Inc. (note 16) is dependent on CNS CGU generating future revenue growth and cash ﬂows. Note 12 sets out management’s assumptions in assessing whether there is any impairment of the CNS CGU goodwill at 31 December 2013. The valuation model concluded that the CGU’s recoverable amount exceeded its carrying amount. This assessment supports the carrying value of the amounts receivable from subsidiaries. Amounts owed by subsidiaries are similarly subject to exchange rate movements. These totalled $10.1 million at 31 December 2013 and are included in note 18. 22. Deferred income Group Current More than one year but less than ﬁve years 2013 $’000 3,195 1,423 4,618 2012 $’000 7,592 1,146 8,738 The Group’s deferred income balance will be recognised as revenue evenly over the remaining term of the support agreements in place. Support agreements expire at various times throughout the year with no particular seasonality. Company The Company has no deferred income (2012: $nil). O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 54 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 23. Deferred tax liability Group 1 January 2012 Credit to income statement 31 December 2012 Credit to income statement 31 December 2013 $’000 1,567 (371) 1,196 (371) 825 The deferred tax liability relates to the software and customer relationships acquired as part of the Top Layer Networks, Inc. acquisition in March 2011. The deferred tax liability has been calculated using a US Federal tax rate of 34%. The liability is released to the Statement of Comprehensive Income as the intangible software and customer relationship assets are amortised. 24. Pensions The Group’s pension arrangements are operated through deﬁned contribution schemes. Deﬁned contribution schemes Deﬁned contribution pension costs Deﬁned contribution pension costs 25. Share capital Authorised share capital Continuing 2013 $’000 Discontinued 2013 $’000 43 73 Continuing 2012 $’000 Discontinued 2012 $’000 43 108 The authorised share capital comprises 745,821,970 (2012: 745,821,970) ordinary shares of 1p (1.66c) each and 1,518,990 (2012: 1,518,990) deferred shares of £2.99 ($4.96) each. Issued ordinary share capital 1 January 2012 47,713,718 ordinary shares of 1p each Issued 10,615,694 ordinary shares of 1p each (1.58c) 308,000 ordinary shares of 1p each (1.60c) 31 December 2012 58,637,412 ordinary shares of 1p each Issued 27,000,004 ordinary shares of 1p each (1.51c) 31 December 2013 85,637,416 ordinary shares of 1p each Total 2013 $’000 116 Total 2012 $’000 151 $’000 752 168 5 925 408 1,333 On 20 March 2013, 27,000,004 ordinary shares with a nominal value of 1p were issued at 15p (23c) per share by way of a placing. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 55 Deferred share capital The deferred share capital consists of 1,518,990 deferred shares of £2.99 ($4.96) each. 31 December 2013 31 December 2012 $’000 7,051 7,051 The deferred shares have no voting or dividend rights and, on a return of capital, will have the right to receive the amount paid up thereon after the holders of the ordinary shares have received, in aggregate, the amount paid up thereon plus £10,000,000 ($16,574,000) per ordinary share. The deferred shares are not transferable (save with the consent of the Directors). The Company may, at any time, transfer the deferred shares to any other person or buy back the deferred shares, for an aggregate payment of 1p (1.66c). 26. Share premium 1 January 2012 10,615,694 ordinary shares at 42p (66c) less issue costs 308,000 ordinary shares at 24p (38c) 31 December 2012 27,000,004 ordinary shares of 14p each (21c) less issue costs 31 December 2013 $’000 31,228 6,700 118 38,046 5,461 43,507 Consideration received in excess of the nominal value of the 27,000,004 shares issued on 20 March 2013 as a result of the placing has been included in share premium, less registration, placing commission and professional fees of $261,000. The amount of such directly attributable costs deducted from share premium in 2012 was $340,000. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 56 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 27. Employees and directors Employee expenses during the period Group Wages and salaries Social security costs Other pension costs (note 24) Cost of employee share scheme (note 30) Group Wages and salaries Social security costs Other pension costs (note 24) Cost of employee share scheme (note 30) Average monthly numbers of employees (including directors) employed Continuing Sales and marketing Technical, support and services Management, operations and administration Discontinued Sales and marketing Consulting and professional services Technical and support Management, operations and administration Company The Company has no employees (2012: nil). Continuing 2013 $’000 Discontinued 2013 $’000 11,003 1,010 43 25 2,626 318 73 – Total 2013 $’000 13,629 1,328 116 25 12,081 3,017 15,098 Continuing 2012 $’000 Discontinued 2012 $’000 11,319 1,185 43 9 4,235 519 108 – Total 2012 $’000 15,554 1,704 151 9 12,556 4,862 17,418 2013 Number 2012 Number 23 43 14 80 32 42 14 88 2013 Number 2012 Number 12 18 23 5 58 15 18 18 5 56 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 57 Directors Executive directors Andrew Miller Ashley Stephenson (appointed 6 September 2013) Non-executive directors Richard Last Jens Montanana Andrew Lloyd Salary & fees $’000 231 77 25 41 31 405 Bonus $’000 Beneﬁts $’000 Pension $’000 Total 2013 $’000 Total 2012 $’000 174 85 – – – 8 3 – – – 259 11 22 – – – – 22 435 165 25 41 31 697 350 – 30 41 4 425 Bonus payments of $259,000 were awarded during the period to 31 December 2013 (2012: $95,000). The bonus payable to Andrew Miller includes a special bonus, approved by the Remuneration Committee of $125,000, relating to the successful disposal of CBS in 2013. Andrew Miller has a service contract with a 6 month notice period. A subsidiary company provides for pension contributions of 10% of basic salary payable to a personal pension plan. No directors were accruing beneﬁts from the Group’s deﬁned contribution pension arrangements (2012: nil). Post the year end, Jens Montanana notiﬁed the Company that he wished to waive his non-executive director fees for the year ended 31 December 2013 of $41,000. Jens Montanana waived his non-executive director fees for the year ended 31 December 2012 of $41,000. 28. Operating lease commitments The Group has total future minimum lease payments under non-cancellable operating leases totalling $553,000 (2012: $1,083,000) analysed by year of expiry as follows: Land and building agreements expiring: Within one year Within two to ﬁve years The Company has no operating lease commitments (2012: $nil). 2013 $’000 5 548 553 2012 $’000 26 1,057 1,083 O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 58 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued 29. Contingent liabilities The Group and Company do not have any contingent liabilities (2012: $nil). On 17 March 2011, the Corero Remuneration Committee approved the establishment of the Corero Early Exit Incentive Plan (“EEIP”). The EEIP is a cash settled change of control incentive plan for the senior executives of the Group that provides for a cash payment in the event of (i) a sale of substantially all of the assets of the Corero Network Security business, or (ii) an offer for all of the shares of Corero Network Security plc, in the period up to 30 April 2014 (thereafter it will lapse). The cash incentive payment is determined based on the difference between (i) the value of the transaction (consideration for the sale of all or substantially all of the assets of Corero Network Security, Inc. or offer for all of Corero Network Security plc’s shares) and (ii) Corero Network Security plc’s accumulated cost of capital comprising the cash investment by Corero Network Security plc shareholders and shares issued for acquisitions or other purposes, deﬁned as the “Total Gain”. The EEIP will pay those executives granted the incentive a percentage of the Total Gain. Under the terms of the EEIP, awards up to a maximum of 3.0% of the Total Gain can be issued with a maximum of 0.5% per individual. On 13 September 2013, the Corero Remuneration Committee approved the extension of the EEIP to 30 April 2016 with the awards capped at a maximum of 2.5% of the Total Gain with a maximum of 0.65% per individual. At 31 December 2013, EEIP awards comprising 2.1% (2012: 1.7%) of the Total Gain had been awarded (including an award of 0.65% to Ashley Stephenson and an award of 0.65% to Andrew Miller, both Company directors). As at the date of this report no discussions are in progress or contemplated which would result in the incentive payment being payable. As a result no provision has been recorded in the ﬁnancial statements relating to the EEIP. 30. Share options The Company has the following share option schemes: • Enterprise Management Incentive Scheme for its employees, which has been approved by HMR&C, • 2010 Executive Enterprise Management Incentive Scheme, which has been approved by HMR&C, • 2010 Unapproved Share Option Scheme, and • Deferred Payment Share Plan. In August 2010, 1,257,000 options were granted to certain directors and employees under the 2010 Executive Enterprise Management Incentive scheme and 2010 Unapproved Share Option Scheme. The options granted vested immediately upon grant. All other options granted in 2010–2013 have a three year vesting period, vesting one third on the ﬁrst anniversary of grant, one third on the second anniversary of grant and one third on the third anniversary of grant. There are no vesting conditions. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 59 Share options granted at 31 December 2013 were as follows: Option Holders Date granted Expiry date Exercise price At 1 January 2013 Granted Exercised Lapsed/ cancelled At 31 December 2013 Enterprise Management Incentive Scheme Other Holders January 2003 January 2013 735p (1,195c) October 2003 October 2013 1,095p (1,780c) February 2005 February 2015 495p (805c) April 2006 April 2016 555p (902c) 633 333 2,200 5,361 September 2008 September 2018 300p (488c) 25,334 March 2011 March 2021 36p (59c) 7,000 March 2011 March 2021 40p (65c) 165,000 March 2012 March 2022 54.5p (89c) 30,000 September 2012 September 2022 43p (70c) 110,000 – – – – – – – – – April 2013 April 2023 25p (38c) – 120,000 2010 Executive Enterprise Management Incentive Scheme Andrew Miller August 2010 August 2020 25p (41c) 476,000 September 2012 March 2022 54.5p (89c) 80,000 – – April 2013 April 2023 25p (38c) – 250,000 2010 Unapproved Share Option Scheme Jens Montanana August 2010 August 2020 25p (41c) 165,000 March 2012 March 2022 54.5p (89c) 30,000 – – April 2013 April 2023 25p (38c) – 80,000 Richard Last March 2012 March 2022 54.5p (89c) 20,000 – Andrew Lloyd April 2013 April 2023 25p (38c) April 2013 April 2023 25p (38c) – – 60,000 60,000 Ashley Stephenson* March 2012 March 2022 54.5p (89c) 180,000 – April 2013 April 2023 25p (38c) – 400,000 Other holders August 2010 August 2020 31p (50c) 308,000 March 2011 March 2021 36p (59c) 246,583 March 2011 March 2021 40p (65c) 305,000 May 2011 May 2021 35p (57c) 110,000 September 2011 September 2021 37.5p (61c) 439,000 March 2012 March 2022 54.5p (89c) 854,250 September 2012 September 2022 43p (70c) 146,000 – – – – – – – April 2013 April 2023 25p (38c) September 2013 September 2023 25p (40c) – – 1,068,375 145,000 Unapproved Share Option Scheme Other holders April 2008 April 2017 555p (902c) 8,772 – 3,714,466 2,183,375 (633) (333) (2,200) (5,361) (25,334) – (125,000) – – (25,000) – – – – – – – – – – – – (107,333) – (110,000) (118,500) (347,500) (102,500) – – – – – 7,000 40,000 30,000 110,000 95,000 476,000 80,000 250,000 165,000 30,000 80,000 20,000 60,000 60,000 180,000 400,000 308,000 139,250 305,000 – 320,500 506,750 43,500 – – 1,068,375 145,000 (8,772) – (978,466) 4,919,375 – – – – – – – – – – – – – – – – – – – – – – – – – – – The closing mid market price for the Company’s shares at 31 December 2013 was 17.8p (29.5c) and the high and low for the year was 31.0p (50c) and 12.8p (20c). There are no performance conditions to be met before share options are exercisable. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 60 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notes to the Financial Statements continued Changes in directors options held between 1 January 2013 and the 31 December 2013 are detailed in the following table: Granted during year Cancelled during year At 31 December 2013 Exercise price Date from which partially exercisable Expiry date Andrew Miller Richard Last Jens Montanana Andrew Lloyd Ashley Stephenson* * appointed 6 September 2013 At 1 January 2013 476,000 80,000 – – – 250,000 20,000 – – 60,000 165,000 30,000 – – 180,000 – – 80,000 60,000 – – 400,000 – – – – – – – – – – – 476,000 80,000 250,000 20,000 60,000 25p (41c) August 2010 August 2020 54.5p (89c) March 2013 March 2022 25p (38c) April 2014 April 2023 54.5p (89c) March 2013 March 2022 25p (38c) April 2014 April 2023 165,000 25p (41c) August 2010 August 2020 30,000 80,000 60,000 54.5p (89c) March 2013 March 2022 25p (38c) 25p (38c) April 2014 April 2023 April 2014 April 2023 180,000 54.5p (89c) March 2013 March 2022 400,000 25p (38c) April 2014 April 2023 In addition, Andrew Miller has a contractual right (granted in March 2011) to purchase 140,000 ordinary shares in the Company from the Employee Share Ownership Trust at 40p per share pursuant to a grant made to him under the Deferred Payment Share Plan. None of the directors holding ofﬁce at the balance sheet date exercised options during the year. Share based payments The Remuneration Committee can grant options to employees of the Group under the Group’s share option schemes. Options are granted with a ﬁxed exercise price which is equal to the market price at the date of the grant or higher price determined by the Remuneration Committee. The contracted life is ten years from the date of grant. Options are valued using the Black-Scholes option-pricing model. Options granted during 2013 The value of options granted during the year was calculated using the Black-Scholes option pricing model. The following variables and ranges were used: Share price at date of grants Exercise price Expected volatility Years to maturity Risk free interest rate The following table provides information on all options outstanding at the end of the year: Weighted average remaining contractual life Exercise price range Weighted average share price Weighted average exercise price Expected volatility Risk free rate – 5 year gilt rate Expected dividend yield The total charge in the year relating to employee share based payments was $25,000 (2012: $9,000). 25p (38c–40c) 25p (38c–40c) 0.2% 9.26–9.72 0.74–1.8% 8.3 years 25p–55p (41c–91c) 34p (56c) 33p (55c) 0.2%–6.4% 0.63%–2.6% Nil Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 61 31. Related parties and transactions Related party transactions subsist between Group companies and relate to costs paid on behalf of the parent Company. The 2013 costs paid by other Group companies on behalf of the parent Company were $317,000 (2012: $342,000). The parent Company received $339,000 intercompany interest from Corero Network Security, Inc. during the year (2012: $327,000). As part of the placing on 20 March 2013 directors contributed $4.2 million (note 25). The directors consider the Group’s key management personnel to be the Board of directors of the Company and the Chief Executive Ofﬁcers of Corero Network Security, Inc. and Corero Business Systems Limited up to the date of disposal whose compensation is detailed below: Key management personnel 692 Salary & fees $’000 Bonus $’000 406 Beneﬁts $’000 18 Pension $’000 22 2013 $’000 1,138 2012 $’000 1,025 Company key management compensation was $nil (2012: $nil) as the key management are employed by subsidiaries. O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 62 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notice of AGM Notice is hereby given that the annual general meeting (the “AGM”) of Corero Network Security plc (the “Company”) will be held at the ofﬁces of ﬁnnCap Ltd, 60 New Broad Street, London, EC2M 1JJ, on 18 June 2014 at 9.30 a.m. for the following purposes: Ordinary Business To consider and, if thought ﬁt, pass the following resolutions which will be proposed as ordinary resolutions: 1. Report and accounts To receive the audited annual accounts of the Company for the year ended 31 December 2013, together with the directors’ report and the auditor’s report on those annual accounts. 2. Re-election of director To re-elect Mr Richard Last, who retires by rotation in accordance with the Company’s articles of association, as a director of the Company. 3. Re-election of director To re-elect Mr Ashley Stephenson, who retires in accordance with the Company’s articles of association, as a director of the Company. 4. Re-appointment of auditors To re-appoint BDO LLP as auditors of the Company to hold ofﬁce from the conclusion of this AGM until the conclusion of the next annual general meeting at which accounts are laid before the Company. 5. Auditors’ remuneration To authorise the directors to determine the remuneration of the auditors. Special Business To consider and, if thought ﬁt, pass the following resolutions of which resolutions 6 and 9 will be proposed as ordinary resolutions and resolutions 7 and 8 will be proposed as special resolutions: 6. Directors’ authority to allot shares THAT, in substitution for all existing and unexercised authorities and powers granted to the Directors prior to the date of this resolution in accordance with section 551 of the Companies Act 2006 (“Act”), the Directors be generally and unconditionally authorised for the purposes of section 551 of the Act to exercise all the powers of the Company to allot shares in the Company and grant rights to subscribe for or to convert any security into shares of the Company (such shares and rights to subscribe for or to convert any security into shares of the Company being “relevant securities”) up to a maximum nominal amount of £285,458.05 on such terms and conditions as the Directors may determine provided that, unless previously revoked, varied or extended, this authority shall expire on the earlier of the date falling 15 months after the date of the passing of this resolution and the conclusion of the next annual general meeting of the Company except that the Company may at any time before such expiry make an offer or agreement which would or might require relevant securities to be allotted after such expiry and the Directors may allot relevant securities in pursuance of such an offer or agreement as if this authority had not expired. 7. Disapplication of pre-emption rights THAT, in substitution for all existing and unexercised authorities and powers granted to the Directors prior to the date of this resolution in accordance with section 570(1) of the Act and subject to and conditional on the passing of resolution 6, the Directors be and are hereby empowered to allot equity securities (as deﬁned in section 560(1) of the Act) of the Company for cash, pursuant to the authority of the Directors under section 551 of the Act conferred by resolution 6 above, and/or by way of a sale of treasury shares for cash (by virtue of section 573 of the Act), in each case as if section 561(1) of the Act did not apply to such allotment, provided that this power shall be limited to: (a) the allotment of equity securities in connection with an offer by way of a rights issue or an offer of equity securities open for acceptance for a period ﬁxed by the Directors (i) to the holders of ordinary shares in proportion (as nearly as may be practicable) to their respective holdings and (ii) to holders of other equity securities as required by the rights of those securities or as the Directors otherwise consider necessary, but subject to such exclusions or other arrangements as the Directors may deem necessary or expedient in relation to treasury shares, fractional entitlements, record dates, legal or practical problems in or under the laws of any territory or the requirements of any regulatory body or stock exchange; and Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 63 (b) the allotment and/or sale of treasury shares for cash (otherwise than pursuant to resolution 7(a) above) of equity securities up to a maximum nominal amount of £85,637.42, and that, unless previously revoked, varied or extended, this power shall expire on the earlier of the date falling 15 months after the date of the passing of this resolution and the conclusion of the next annual general meeting of the Company except that the Company may before the expiry of this power make an offer or agreement which would or might require equity securities to be allotted (and treasury shares to be sold) after such expiry and the Directors may allot equity securities (and sell treasury shares) in pursuance of such an offer or agreement as if this power had not expired. 8. Authority to purchase Company’s own shares THAT the Company be generally and unconditionally authorised for the purposes of section 701 of the Act to make market purchases (as deﬁned in section 693(4) of the Act) on a recognised investment exchange (as deﬁned in section 693(5) of the Act) of ordinary shares of £0.01 each in the capital of the Company (“Ordinary Shares”) and to hold such shares as treasury shares (as deﬁned in section 724(3) of the Act) and/or on such terms and in such manner as the Directors may from time to time determine provided that: (a) this authority shall be limited to the purchase of Ordinary Shares up to a maximum aggregate nominal value equal to £85,637.42 representing approximately 10 per cent. of the nominal value of the current issued ordinary share capital of the Company; (b) the minimum price which may be paid for such Ordinary Shares is £0.01 (exclusive of expenses); (c) the maximum price (exclusive of expenses) which may be paid for an Ordinary Share shall not be more than 5 per cent. above the average middle market quotations for an Ordinary Share on the relevant recognised investment exchange on which Ordinary Shares are traded for the ﬁve business days immediately preceding the date on which the Ordinary Share is purchased; (d) unless previously revoked, varied or extended, the authority hereby conferred shall expire at the earlier of the date which is 15 months from the date of the passing of this resolution and the conclusion of the next annual general meeting of the Company; and (e) the Company may make a contract or contracts to purchase Ordinary Shares under the authority hereby conferred prior to the expiry of such authority which will or may be executed wholly or partly after the expiry of such authority and may make a purchase of Ordinary Shares in pursuance of any such contract or contracts. 9. Electronic communication To approve that the Company may be authorised, subject to and in accordance with the provisions of the Act, to send, convey or supply all types of notices, documents or information to its shareholders by means of electronic equipment for the processing (including digital compression), storage and transmission of data, employing wires, radio optical technologies or any other electromagnetic means, including by making such notices, documents or information available on a website. 24 March 2014 Registered Ofﬁce: Regus House Highbridge Oxford Road Uxbridge Middlesex UB8 1HR By order of the Board Duncan Swallow Company Secretary O v e r v i e w i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c i a l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y 64 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Notice of AGM continued The following notes explain your general rights as a shareholder and your rights to attend and vote at the AGM or to appoint someone else to vote on your behalf: Notes: 1. Resolution 9 is to allow the Company to take advantage of the provisions of the Companies Act 2006 (the “2006 Act”) which enable companies to communicate electronically or via a website with all shareholders (including, for example, providing the annual report and accounts by such means) unless the shareholder asks in writing that he or she should continue to receive paper documents. Increased use of electronic communications will deliver savings to the Company in terms of administration, printing and postage costs as well as speeding up the provision of information to shareholders. The reduced use of paper will also have environmental beneﬁts. If this resolution is passed, we will write to shareholders in accordance with the 2006 Act, inviting those shareholders who wish to continue to receive hard copy documents to contact the Company. As this will only take place after the AGM, shareholders do not need to take any action at present. 2. Pursuant to Regulation 41 of the Uncertiﬁcated Securities Regulations 2001 (as amended), only those members registered in the register of members of the Company at 6.00 p.m. on 16 June 2014 (or if the AGM is adjourned, on the day which is two business days before the time ﬁxed for the adjourned AGM) shall be entitled to attend and vote at the AGM in respect of the number of shares registered in their name at that time. Any changes to the register of members after such time shall be disregarded in determining the rights of any person to attend or vote at the AGM. 3. Information regarding the general meeting, including information required by section 311A of the Act, is available from www.corero.com. 4. CREST members who wish to appoint a proxy or proxies through the CREST electronic proxy appointment service may do so for the AGM to be held at 9.30 a.m. on 18 June 2014 and any adjournment(s) thereof by using the procedures described in the CREST Manual (available from www.euroclear.com). CREST personal members or other CREST sponsored members, and those CREST members who have appointed a voting service provider should refer to their CREST sponsors or voting service provider(s), who will be able to take the appropriate action on their behalf. In order for a proxy appointment or instruction made by means of CREST to be valid, the appropriate CREST message (a “CREST Proxy Instruction”) must be properly authenticated in accordance with Euroclear UK & Ireland Limited’s speciﬁcations and must contain the information required for such instructions, as described in the CREST Manual. The message must be transmitted so as to be received by the Company’s agent, Capita Asset Services (CREST Participant ID: RA10), no later than 9.30 a.m. on 16 June 2014. For this purpose, the time of receipt will be taken to be the time (as determined by the time stamp applied to the message by the CREST Application Host) from which the Company’s agent is able to retrieve the message by enquiry to CREST in the manner prescribed by CREST. CREST members and, where applicable, their CREST sponsor or voting service provider should note that Euroclear UK & Ireland Limited does not make available special procedures in CREST for any particular messages. Normal system timings and limitations will therefore apply in relation to the input of CREST Proxy Instructions. It is the responsibility of the CREST member concerned to take (or, if the CREST member is a CREST personal member or sponsored member or has appointed a voting service provider, to procure that his CREST sponsor or voting service provider takes) such action as shall be necessary to ensure that a message is transmitted by means of the CREST system by any particular time. In this connection, CREST members and, where applicable, their CREST sponsor or voting service provider are referred in particular to those sections of the CREST Manual concerning practical limitations of the CREST system and timings. The Company may treat as invalid a CREST Proxy Instruction in the circumstances set out in Regulation 35(5)(a) of the Uncertiﬁcated Securities Regulations 2001. 5. If you wish to attend the AGM in person, you should make sure that you arrive at the venue for the AGM in good time before the commencement of the meeting. You may be asked to prove your identity in order to gain admission. 6. A member who is entitled to attend, speak and vote at the AGM may appoint a proxy to attend, speak and vote instead of him. A member may appoint more than one proxy provided each proxy is appointed to exercise rights attached to different shares (so a member must have more than one share to be able to appoint more than one proxy). A proxy need not be a member of the Company but must attend the AGM in order to represent you. A proxy must vote in accordance with any instructions given by the member by whom the proxy is appointed. Appointing a proxy will not prevent a member from attending in person and voting at the AGM (although voting in person at the AGM will terminate the proxy appointment). A proxy form is enclosed. The notes to the proxy form include instructions on how to appoint the Chairman of the AGM or another person as a proxy. You can only appoint a proxy using the procedures set out in these Notes and in the notes to the proxy form. 7. To be valid, a proxy form, and the original or duly certiﬁed copy of the power of attorney or other authority (if any) under which it is signed or authenticated, should reach the Company’s registrar, Capita Asset Services, PXS, 34 Beckenham Road, Beckenham BR3 4TU, by no later than 9.30 a.m. on 16 June 2014. 8. In the case of joint holders of shares, the vote of the ﬁrst named in the register of members who tenders a vote, whether in person or by proxy, shall be accepted to the exclusion of the votes of other joint holders. 9. A member that is a company or other organisation not having a physical presence cannot attend in person but can appoint someone to represent it. This can be done in one of two ways: either by the appointment of a proxy (described in Notes 2 and 4 to 6 above) or of a corporate representative. Members considering the appointment of a corporate representative should check their own legal position, the Company’s articles of association and the relevant provision of the Companies Act 2006. In the case of a corporation, the form of proxy must be executed under its common seal or signed on its behalf by a duly authorised attorney or duly authorised representative of the corporation. 10. The following documents are available for inspection at the registered ofﬁce of the Company during usual business hours on any weekday (Saturday, Sunday or public holidays excluded) from the date of this notice until the conclusion of the AGM and will also be available for inspection at the place of the AGM from 9.00 am on the day of the AGM until its conclusion: (a) copies of the executive directors’ service contracts with the Company and any of its subsidiary undertakings; and (b) letters of appointment of the non-executive directors. Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 65 Advisors Directors Jens Montanana (Non-executive Chairman) Ashley Stephenson (CEO) Andrew Miller (CFO and COO) Richard Last (Non-executive Director) Andrew Lloyd (Non-executive Director) Secretary and Registered Ofﬁce Duncan Swallow Regus House Highbridge Oxford Road Uxbridge Middlesex UB8 1HR Nominated Adviser and Broker FinnCap 60 New Broad Street London EC2M 1JJ Auditor BDO LLP 55 Baker Street London W1U 7EU Solicitors Dorsey and Whitney LLP 199 Bishopsgate London EC2M 3UT FIRST LINE OF DEFENSE Corero Network Security plc (‘Corero’, the ‘Group’ or the ‘Company’) SmartWall™ Threat Defense System Corero Network Security, an organisation’s First Line of Defense® against DDoS (Distributed Denial of Service) attacks and cyber threats, is a pioneer in global network security. Corero products and services provide Online Enterprises, Service Providers, Hosting Providers, and Managed Security Service Providers with an additional layer of security capable of inspecting Internet trafﬁc and enforcing real-time access or monitoring policies designed to match the needs of the protected business. Corero technology enhances any defense-in-depth security architecture with a scalable, ﬂexible and responsive defence against DDoS attacks and cyber threats before they reach the targeted IT infrastructure allowing online services to perform as intended. For more information, visit www.corero.com. Contents Overview 01 Highlights 02 Chairman’s Statement Strategic Report 04 Our performance 06 What we do 08 Why we do it 10 How we do it – Our business model 14 Our strategy for sustainable growth Essential Reads 6-7 WHAT WE DO 8-9 WHY WE DO IT 06 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 07 08 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 Corero Network Security plc Annual Report & Accounts for the year ending 31 December 2013 09 STRATEGIC REPORT What we do The Corero First Line of Defense products and services stop DDoS attacks and cyber threats OUR TECHNOLOGY A high performance network appliance which is deployed on premises (at the customer or managed location) or in service provider networks. The appliance inspects Internet trafﬁc in real time before it is allowed to pass into the customers protected IT environment to ensure unwanted and malicious Internet trafﬁc is removed. • The Corero Patented Dynamic Threat Assessment technology uses several algorithms including advanced challenge-response techniques to categorise all sources as unknown, trusted, suspicious or malicious based upon their real-time behaviours. • The Corero Request/ Response Behaviour Analysis controls access to downstream devices based upon a source’s “behaviours” which enables enforcement of usage standards on every source IP address which provides detection of application-layer denial of service attacks, as well as other unwanted behaviours and blocks them before they reach the victim devices. • The Corero Protocol Validation Engines inspects all packets of a network and/or application transaction and compares the observed content and characteristics to what is allowed, expected, or required, based upon the protocol speciﬁcations and known implementations, and takes the appropriate real time actions (e.g. detection/blocking) of the violations. • Corero has a real-time reputation engine, ReputationWatch, that provides automated real-time defence against previously identiﬁed DDoS attack sources. In addition, IP address geolocation technology enables enforcement of security policies based on national origin of IP addresses. OUR SERVICES Threat Update Reputation Watch An automated protection update service that provides Corero customers with timely, proactive protection from the latest security threats. The subscription service delivers frequent protection updates and security advisories. These updates include updated vulnerability and attack signatures to provide the most current, effective network threat monitoring. Security advisories, an important aspect of the Threat Update Service, inform customers of newly discovered threats, and recommend any actions that might be necessary to obtain protection against the threat. Enables customers to automatically block malicious IP addresses. Corero continuously receives data feeds from global intelligence across the Internet to determine the current threat status of malicious or suspicious IP addresses. Using IP reputation-based information, ReputationWatch automatically identiﬁes and blocks access from suspicious sites including sources that have participated in DDoS attacks, systems delivering specially crafted denial-of-service exploits, anonymized IP addresses behind proxies, phishing sites, and spam sources. ReputationWatch also allows customers to block or alert on access from countries with which they do not transact business for example by choosing to block or set rate limits on all trafﬁc from a nation or geography. SecureWatch A service which ensures that customers’ First Line of Defense solutions are always up to date, running at optimum performance, and continuously protecting customers’ IT infrastructure against the latest threats. SecureWatch Plus A comprehensive suite of DDoS defence conﬁguration, optimization, 24x7 monitoring and attack mitigation services. These services are customised to meet the security requirements and business goals of each customer. SecureWatch PLUS includes access to experts to assist in the realisation of the desired DDoS defence solution starting with the organisation-speciﬁc implementation, commissioning and testing, continuing with round-the-clock monitoring, and immediate response in the event of a DDoS attack. Corero is dedicated to improving the security of the Internet through the deployment of its innovative First Line of Defense solutions which provide customers with protection against a continuously evolving spectrum of DDoS attacks and cyber threats that have the potential to impact any Internet connected business. STRATEGIC REPORT Why we do it The world in which we operate OUR MARKET $17.9b 2013 worldwide IT security spending will be $17.9 billion Source: IDC Number of companies suffering cyber attacks to steal commercial secrets doubled in 2012-13 Source: Kroll 21% of companies report that DDoS is the most costly form of attack Source: Ponemon Institute Firewalls don’t cut it anymore as a ﬁrst line of defence Source: Network World DDoS protection market to double in period to 2017 (approaching $1 billion) Source: IDC The Internet has transformed the way commercial and public sector organisations do business Organisations today are embracing technology to enhance the productivity of their employees, generate new revenue sources and improve their operating efﬁciency. These technologies include cloud services, mobile computing, online services and social networking. This greater reliance on information technology has signiﬁcantly increased the attack surface within organisations that is vulnerable to potential security attacks. As a result organisations are having to make signiﬁcant investments in IT security to help protect against a myriad of potential threats. The threat landscape has evolved “Cyber attacks are one of the top four threats to our national security and cyber-crime is costing our economy billions of pounds a year. And as businesses and government move more of their operations online, the scope of potential targets will continue to grow. It’s a race: to build sufﬁcient cyber defences to match the growing volume and dependence of our online economic, security and social interests.” UK Cabinet Ofﬁce Minister, Francis Maude Cyber-crime continues to be costly • The average annualised cost of cyber-crime for organisations is $11.6 million per year (an increase of 26% over 2012) • Cyber attacks have become common occurrences – two successful attacks per company per week (an increase of 18% over 2012) • The most costly cyber-crimes are those caused by DDoS, malicious insiders and web-based attacks Source: Ponemon Institute 2013 Cost of Cyber Crime Study Existing security solutions do not protect against next-generation threats Though ﬁrewalls are still a critical and necessary component of any IT network, they are no longer the best type of device to deploy as the network’s ﬁrst line of defence. While ﬁrewalls serve many purposes, they do not have complete Layer 3–7 protection. Attackers know these limitations and have devised attacks that can evade or overwhelm a ﬁrewall, as well as the secondary security devices behind the ﬁrewall, such as intrusion prevention systems. The opportunity for Corero Organisations need to respond to the increased risk presented by the growing number of DDoS attacks and cyber threats – a security device speciﬁcally designed to detect and stop unwanted trafﬁc before it can overrun the IT infrastructure causing performance issues, security exposures and even catastrophic outages. This new ﬁrst line of defence must be able to identify malicious attack trafﬁc even if it mimics legitimate trafﬁc and the true customer communications that businesses want and welcome. The Corero First Line of Defense solution applies industry best practices as well as sophisticated analysis techniques to thoroughly inspect trafﬁc in order to stop DDoS attacks and cyber threats. The Corero solution stops unwanted trafﬁc that slows the infrastructure and frustrates users, and in the process protects the existing infrastructure and enables maximum uptime of business applications. THE COMPETITIVE ENVIRONMENT Corero is a leader in protecting enterprises and public sector organisations against DDoS attacks and cyber threats. We have deﬁned the market for on premises First Line of Defense and have developed the following key competitive advantages that we believe will allow us to extend our leadership position: • Always-on protection that blocks both network-layer ﬂooding attacks, as well as the more difﬁcult to detect, low and slow application-layer attacks. • Granular conﬁguration of security policies in order to allow legitimate trafﬁc to pass while blocking unwanted trafﬁc. • Broad security coverage – Inspection of every packet and every ﬂow (using Deep Packet Inspection) rather that a sample-based approach used by most competitors. • Purpose-built security appliance for high speed trafﬁc inspection using a multi-core processor architecture. • Competitive price-performance resulting in the lowest total cost of ownership for the end user. • Expert security knowledge and technical support provided by Corero’s 24x7 Security Operations Centre. Our next generation product, SmartWall TDS, was launched on 3 February 2014 to address the Internet service provider and hosting provider markets. It adds key features like asymmetric inspection, and multi-tenancy to allow our First Line of Defense solutions to be deployed in service provider networks and hosting data centers as a services-oriented platform. Service providers and hosting providers can now deploy this platform in a modular and scalable fashion to not only protect their own infrastructure but more importantly to roll out revenue generating DDoS protection services to multiple customers. SmartWall TDS extends our current competitive advantages with the following key features: OPPORTUNITIES The awareness of cyber-crime and the impact on businesses (small and large) is increasing with Board room accountability and regulatory focus in certain industries, such as ﬁnancial services. We expect this trend to have a positive impact on our market. Ernst & Young’s Global information Security Survey 2013 reported that 50% of respondents indicate that their budgets will increase anywhere from 5% to 25% or more in the next 12 months, and 14% of spend in the coming 12 months will be on security innovation (emerging technology). KEY MARKET CHALLENGES • Robust security coverage – comprehensive network security protection against layer 3 and layer 4 for both IPv4 and IPv6 trafﬁc. • Industry-leading density, scalability and performance – protection is provided through conﬁgurable access policies with scalability from 10Gbps to 1Tbps in a single rack. • Green, energy-efﬁcient platform – energy-efﬁcient design with front-to-back cooling which fully supports economic and environmental initiatives. • Powerful centralised management for conﬁguring, controlling, and monitoring all SmartWall TDS appliances from a central location. • Flexible deployment conﬁgurations – multiple appliances can be distributed to key control points in the provider network or centrally combined in 1 Rack Unit shelves in various conﬁgurations. • Single solution to deliver comprehensive threat protection, always-on connectivity, and complete visibility with the family of SmartWall appliances. The Corero principal competitors are other DDoS defence equipment manufacturers such as Arbor Networks Inc. and Radware Limited. Corero is targeting a high growth security market; the DDoS market is forecast to grow by 18% (CAGR) in the period 2012 to 2017 (Source: IDC) to $870 million. The existing Corero DDS product is targeted at the enterprise on premises DDoS protection market. The new SmartWall™ TDS product is targeted at the service provider and hosting provider market. The market for security products and services is competitive and characterised by rapid changes in technology, the evolving cyber threat landscape, customer requirements, and industry standards and frequent new product introductions and improvements. We need to be focused on our chosen market and deliver continuous innovation to stay ahead of our competition. Corero will address this challenge by working closely with our customers and prospects, to leverage the ﬂexibility of our platform technology to deliver continuously evolving leadership protection against the latest DDoS attacks and cyber threats. Today’s enterprises are increasingly dependent on their online presence for generating revenues, ensuring employee productivity, or providing a superb customer experience. Ubiquitous Internet access makes the enterprise susceptible to cyber threats from around the world. The resulting service outages cause costly downtime, lost productivity, brand damage and impact the enterprise’s legitimate users. Bankers Santander 2 The Forbury Reading RG1 3EU Silicon Valley Bank 3003 Tasman Drive Santa Clara, California 95054 USA Registrars Capita Asset Services Northern House Woodsome Park Fenay Bridge Huddersﬁeld HD8 OLA Website address www.corero.com O v e r v e w i i S t r a t e g c R e p o r t G o v e r n a n c e i F n a n c a i l S t a t e m e n t s N o t i c e o f A G M C o r p o r a t e D i r e c t o r y Designed and produced by www.accruefulton.com FIRST LINE OF DEFENSE Corero Network Security plc Annual Report & Accounts 2013 C o r e r o N e t w o r k S e c u t i r y p c l A n n u a l R e p o r t & A c c o u n t s 2 0 1 3 FIRST LINE OF DEFENSE Registered Ofﬁce Regus House Highbridge Oxford Road Uxbridge Middlesex UB8 1HR

Continue reading text version or see original annual report in PDF format above