FIRST LINE OF DEFENSE
Corero Network Security plc
Annual Report & Accounts 2013
C
o
r
e
r
o
N
e
t
w
o
r
k
S
e
c
u
t
i
r
y
p
c
l
A
n
n
u
a
l
R
e
p
o
r
t
&
A
c
c
o
u
n
t
s
2
0
1
3
FIRST LINE OF DEFENSE
Registered Office
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 65
Advisors
Directors
Jens Montanana (Non-executive Chairman)
Ashley Stephenson (CEO)
Andrew Miller (CFO and COO)
Richard Last (Non-executive Director)
Andrew Lloyd (Non-executive Director)
Secretary and Registered Office
Duncan Swallow
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
Nominated Adviser and Broker
FinnCap
60 New Broad Street
London
EC2M 1JJ
Auditor
BDO LLP
55 Baker Street
London
W1U 7EU
Solicitors
Dorsey and Whitney LLP
199 Bishopsgate
London
EC2M 3UT
FIRST LINE OF DEFENSE
Corero Network Security plc (‘Corero’, the ‘Group’ or the ‘Company’)
SmartWall™ Threat Defense System
Corero Network Security, an organisation’s First
Line of Defense® against DDoS (Distributed Denial
of Service) attacks and cyber threats, is a pioneer
in global network security. Corero products and
services provide Online Enterprises, Service
Providers, Hosting Providers, and Managed
Security Service Providers with an additional layer
of security capable of inspecting Internet traffic
and enforcing real-time access or monitoring
policies designed to match the needs of the
protected business. Corero technology enhances
any defense-in-depth security architecture with a
scalable, flexible and responsive defence against
DDoS attacks and cyber threats before they reach
the targeted IT infrastructure allowing online
services to perform as intended. For more
information, visit www.corero.com.
Contents
Overview
01 Highlights
02 Chairman’s Statement
Strategic Report
04 Our performance
06 What we do
08 Why we do it
10 How we do it –
Our business model
14 Our strategy for
sustainable growth
Essential Reads
6-7
WHAT WE DO
8-9
WHY WE DO IT
06 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 07
08 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 09
STRATEGIC REPORT
What
we do
The Corero First Line of Defense
products and services stop DDoS
attacks and cyber threats
OUR TECHNOLOGY
A high performance network appliance which is deployed on premises (at the customer or managed location) or in service provider
networks. The appliance inspects Internet traffic in real time before it is allowed to pass into the customers protected IT environment
to ensure unwanted and malicious Internet traffic is removed.
• The Corero Patented
Dynamic Threat
Assessment technology
uses several algorithms
including advanced
challenge-response
techniques to categorise
all sources as unknown,
trusted, suspicious or
malicious based upon
their real-time behaviours.
• The Corero Request/
Response Behaviour
Analysis controls access
to downstream devices
based upon a source’s
“behaviours” which
enables enforcement of
usage standards on every
source IP address which
provides detection of
application-layer denial
of service attacks, as
well as other unwanted
behaviours and blocks
them before they reach
the victim devices.
• The Corero Protocol
Validation Engines inspects
all packets of a network
and/or application
transaction and compares
the observed content and
characteristics to what is
allowed, expected, or
required, based upon the
protocol specifications and
known implementations,
and takes the appropriate
real time actions (e.g.
detection/blocking) of
the violations.
• Corero has a real-time
reputation engine,
ReputationWatch, that
provides automated
real-time defence against
previously identified DDoS
attack sources. In addition,
IP address geolocation
technology enables
enforcement of security
policies based on national
origin of IP addresses.
OUR SERVICES
Threat
Update
Reputation
Watch
An automated protection update service that provides Corero customers with timely,
proactive protection from the latest security threats. The subscription service delivers
frequent protection updates and security advisories. These updates include updated
vulnerability and attack signatures to provide the most current, effective network threat
monitoring. Security advisories, an important aspect of the Threat Update Service,
inform customers of newly discovered threats, and recommend any actions that might
be necessary to obtain protection against the threat.
Enables customers to automatically block malicious IP addresses. Corero continuously
receives data feeds from global intelligence across the Internet to determine the current
threat status of malicious or suspicious IP addresses. Using IP reputation-based
information, ReputationWatch automatically identifies and blocks access from suspicious
sites including sources that have participated in DDoS attacks, systems delivering
specially crafted denial-of-service exploits, anonymized IP addresses behind proxies,
phishing sites, and spam sources. ReputationWatch also allows customers to block or
alert on access from countries with which they do not transact business for example by
choosing to block or set rate limits on all traffic from a nation or geography.
SecureWatch
A service which ensures that customers’ First Line of Defense solutions are always
up to date, running at optimum performance, and continuously protecting customers’
IT infrastructure against the latest threats.
SecureWatch
Plus
A comprehensive suite of DDoS defence configuration, optimization, 24x7 monitoring
and attack mitigation services. These services are customised to meet the security
requirements and business goals of each customer. SecureWatch PLUS includes access
to experts to assist in the realisation of the desired DDoS defence solution starting with
the organisation-specific implementation, commissioning and testing, continuing with
round-the-clock monitoring, and immediate response in the event of a DDoS attack.
Corero is dedicated to improving the
security of the Internet through the
deployment of its innovative First Line
of Defense solutions which provide
customers with protection against a
continuously evolving spectrum of
DDoS attacks and cyber threats that
have the potential to impact any Internet
connected business.
STRATEGIC REPORT
Why we
do it
The world in
which we operate
OUR MARKET
$17.9b
2013 worldwide IT security
spending will be $17.9 billion
Source: IDC
Number of companies
suffering cyber attacks to
steal commercial secrets
doubled in 2012-13
Source: Kroll
21%
of companies report that
DDoS is the most costly
form of attack
Source: Ponemon Institute
Firewalls don’t cut it anymore
as a first line of defence
Source: Network World
DDoS protection market to
double in period to 2017
(approaching $1 billion)
Source: IDC
The Internet has transformed the way commercial and public sector
organisations do business
Organisations today are embracing technology to enhance the productivity of their
employees, generate new revenue sources and improve their operating efficiency.
These technologies include cloud services, mobile computing, online services and
social networking. This greater reliance on information technology has significantly
increased the attack surface within organisations that is vulnerable to potential security
attacks. As a result organisations are having to make significant investments in IT
security to help protect against a myriad of potential threats.
The threat landscape has evolved
“Cyber attacks are one of the top four threats to our national security and cyber-crime
is costing our economy billions of pounds a year. And as businesses and government
move more of their operations online, the scope of potential targets will continue to
grow. It’s a race: to build sufficient cyber defences to match the growing volume and
dependence of our online economic, security and social interests.”
UK Cabinet Office Minister, Francis Maude
Cyber-crime continues to be costly
• The average annualised cost of cyber-crime for organisations is $11.6 million
per year (an increase of 26% over 2012)
• Cyber attacks have become common occurrences – two successful attacks
per company per week (an increase of 18% over 2012)
• The most costly cyber-crimes are those caused by DDoS, malicious insiders
and web-based attacks
Source: Ponemon Institute 2013 Cost of Cyber Crime Study
Existing security solutions do not protect against next-generation threats
Though firewalls are still a critical and necessary component of any IT network, they
are no longer the best type of device to deploy as the network’s first line of defence.
While firewalls serve many purposes, they do not have complete Layer 3–7 protection.
Attackers know these limitations and have devised attacks that can evade or overwhelm
a firewall, as well as the secondary security devices behind the firewall, such as intrusion
prevention systems.
The opportunity for Corero
Organisations need to respond to the increased risk presented by the growing number
of DDoS attacks and cyber threats – a security device specifically designed to detect
and stop unwanted traffic before it can overrun the IT infrastructure causing performance
issues, security exposures and even catastrophic outages.
This new first line of defence must be able to identify malicious attack traffic even if it
mimics legitimate traffic and the true customer communications that businesses want
and welcome.
The Corero First Line of Defense solution applies industry best practices as well as
sophisticated analysis techniques to thoroughly inspect traffic in order to stop DDoS
attacks and cyber threats. The Corero solution stops unwanted traffic that slows the
infrastructure and frustrates users, and in the process protects the existing infrastructure
and enables maximum uptime of business applications.
THE COMPETITIVE ENVIRONMENT
Corero is a leader in protecting enterprises and public sector
organisations against DDoS attacks and cyber threats. We have
defined the market for on premises First Line of Defense and
have developed the following key competitive advantages that
we believe will allow us to extend our leadership position:
• Always-on protection that blocks both network-layer flooding
attacks, as well as the more difficult to detect, low and slow
application-layer attacks.
• Granular configuration of security policies in order to allow
legitimate traffic to pass while blocking unwanted traffic.
• Broad security coverage – Inspection of every packet and
every flow (using Deep Packet Inspection) rather that a
sample-based approach used by most competitors.
• Purpose-built security appliance for high speed traffic
inspection using a multi-core processor architecture.
• Competitive price-performance resulting in the lowest total
cost of ownership for the end user.
• Expert security knowledge and technical support provided
by Corero’s 24x7 Security Operations Centre.
Our next generation product, SmartWall TDS, was launched
on 3 February 2014 to address the Internet service provider and
hosting provider markets. It adds key features like asymmetric
inspection, and multi-tenancy to allow our First Line of Defense
solutions to be deployed in service provider networks and hosting
data centers as a services-oriented platform. Service providers
and hosting providers can now deploy this platform in a modular
and scalable fashion to not only protect their own infrastructure but
more importantly to roll out revenue generating DDoS protection
services to multiple customers. SmartWall TDS extends our current
competitive advantages with the following key features:
OPPORTUNITIES
The awareness of cyber-crime and the impact on businesses
(small and large) is increasing with Board room accountability and
regulatory focus in certain industries, such as financial services.
We expect this trend to have a positive impact on our market.
Ernst & Young’s Global information Security Survey 2013 reported
that 50% of respondents indicate that their budgets will increase
anywhere from 5% to 25% or more in the next 12 months, and
14% of spend in the coming 12 months will be on security
innovation (emerging technology).
KEY MARKET CHALLENGES
• Robust security coverage – comprehensive network
security protection against layer 3 and layer 4 for both
IPv4 and IPv6 traffic.
• Industry-leading density, scalability and performance
– protection is provided through configurable access policies
with scalability from 10Gbps to 1Tbps in a single rack.
• Green, energy-efficient platform – energy-efficient design
with front-to-back cooling which fully supports economic
and environmental initiatives.
• Powerful centralised management for configuring,
controlling, and monitoring all SmartWall TDS appliances
from a central location.
• Flexible deployment configurations – multiple appliances
can be distributed to key control points in the provider
network or centrally combined in 1 Rack Unit shelves in
various configurations.
• Single solution to deliver comprehensive threat protection,
always-on connectivity, and complete visibility with the
family of SmartWall appliances.
The Corero principal competitors are other DDoS defence
equipment manufacturers such as Arbor Networks Inc.
and Radware Limited.
Corero is targeting a high growth security market; the DDoS
market is forecast to grow by 18% (CAGR) in the period 2012
to 2017 (Source: IDC) to $870 million. The existing Corero
DDS product is targeted at the enterprise on premises DDoS
protection market. The new SmartWall™ TDS product is
targeted at the service provider and hosting provider market.
The market for security products and services is competitive and
characterised by rapid changes in technology, the evolving cyber
threat landscape, customer requirements, and industry standards
and frequent new product introductions and improvements. We
need to be focused on our chosen market and deliver continuous
innovation to stay ahead of our competition. Corero will
address this challenge by working closely with our customers
and prospects, to leverage the flexibility of our platform
technology to deliver continuously evolving leadership
protection against the latest DDoS attacks and cyber threats.
Today’s enterprises are increasingly
dependent on their online presence for
generating revenues, ensuring employee
productivity, or providing a superb
customer experience. Ubiquitous Internet
access makes the enterprise susceptible
to cyber threats from around the world.
The resulting service outages cause
costly downtime, lost productivity, brand
damage and impact the enterprise’s
legitimate users.
Bankers
Santander
2 The Forbury
Reading
RG1 3EU
Silicon Valley Bank
3003 Tasman Drive
Santa Clara, California
95054
USA
Registrars
Capita Asset Services
Northern House
Woodsome Park
Fenay Bridge
Huddersfield
HD8 OLA
Website address
www.corero.com
O
v
e
r
v
e
w
i
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
a
i
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
Designed and produced by
www.accruefulton.com
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 01
OVERVIEW
Financial highlights
Operating highlights
• Revenue from continuing operations
$10.3 million (2012: $11.4 million)
• Appointment of David Ahee as Senior
Vice President Global Sales
• EBITDA loss* including discontinued
operations $4.5 million (2012: loss
$3.1 million) of which the EBITDA loss
from continuing operations was
$6.2 million (2012: loss $5.8 million)
• Earnings per share 11.3 cents
(2012: loss 9.7 cents)
• Net cash $9.5 million at 31 December
2013 (2012: net debt $1.3 million)
• Completed sale of Corero Business
Systems Limited on 1 August 2013
• Net consideration** to the
Company $16.5 million
• Profit on sale $15.2 million
* before depreciation, amortisation, financing and
profit on sale of Corero Business Systems Limited
** net of debt repayment
• Progress in next generation product
development
• SmartWall TDS product launched
in February 2014
• Developed a reporting platform
utilising operational intelligence
tools to enhance Corero’s
SecureWatch™ managed security
services and reporting
• Awarded “Best IT Products & Services
for Finance, Banking & Insurance”
by Network Product’s Guide
• Customer orders of $5.1 million in the
six months ended 31 December 2013,
an increase of 23% over the
comparative period in 2012
• Significant wins – second half 2013
order intake included 15 customers
with orders exceeding $100,000
(compared to 7 in second half of
2012 and 9 in the first half of 2013
$9.5M
net cash at 31 December 2013
Network Products
Guide award “Best IT
Products and Services
for Finance, Banking
and Insurance”
Governance
Financial Statements
16
18
21
25
Directors’ Biographies
Directors’ Report
Corporate Governance
Report
Statement of Directors’
Responsibilities
26
27
28
29
30
31
32
33
62
65
Independent Auditor’s
Report
Consolidated Statement
of Comprehensive Income
Consolidated Statement
of Financial Position
Company Statement of
Financial Position
Statements of Cash Flows
Consolidated Statement
of Changes in Equity
Company Statement of
Changes in Equity
Notes to the Financial
Statements
Notice of AGM
Corporate Directory
10-11
HOW WE DO IT
10 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
11
STRATEGIC REPORT
How we
do it
Our business model
The Corero strategy is to be a leading
provider of network security solutions
focused on the DDoS and cyber
threat market
Business model
The Corero business model comprises the development, marketing and sale of network security products and services to provide
customers with protection from cyber threats. The Corero First Line of Defense products and services stop DDoS attacks and cyber
threats.
Revenue
source
Contractual
arrangement
Nature of
revenue
Description
Security appliance sale –
hardware and software product
Hardware sale and perpetual
software license
• New customer sale
• Existing customer
upgrades for increased
performance or expansion
• Existing customer add
on sale of new software
modules
Hardware and software
support, monitoring and
update services
Single/multi-year contracts
for Support and SecureWatch
services, Threat Update
Service and Reputation
Watch® (described in more
detail on page 7)
• New sale
• Existing customer renewal
• Add on sale for new
services introduced
The Corero software
comprises ostensibly Corero
developed proprietary software
complemented by third party
licensed and open source
software. The hardware solution
is assembled by a third party
contract manufacturer using
industry standard hardware
components and a Tilera
Corporation multi-core CPU chip
to deliver a high performance
solution required for an in-line
network security solution.
Support and monitoring
services are delivered by the
Corero support team.
Updates are delivered to the
Corero appliances in customer
networks to provide proactive
on-going protection from the
latest cyber security threats.
Corero undertakes its own
research into such threats
and partners with third party
organisations to provide
additional security threat
intelligence and protection.
SecureWatch PLUS DDoS
defence services (described in
more detail on page 7)
Single/multi-year
service contracts
• New sale
• Add on sale to existing
customer
• Existing customer renewal
24x7x365 monitoring and
support services including
DDoS attack mitigation
services delivered by the
Corero support team.
The Corero DDoS Defense System
(“DDS”) product family is targeted at
enterprise and public sector organisations
and is an organisation’s First Line of
Defense against damaging DDoS attacks,
delivering the most comprehensive DDoS
protection available in a purpose-built,
high performance, on-premises appliance.
DDS detects and blocks both familiar
network-layer flooding attacks, as well as
the more difficult to detect, low and slow
application-layer attacks, which have
become the stealth attackers’ weapon
of choice.
The Corero DDS uses an always on,
adaptive, patented DDoS defence
algorithms to ensure online businesses
are always protected keeping services up
and available – blocking malicious
incoming requests while reliably passing
legitimate traffic to the organisations’
online servers. Positioned at the Internet
gateway, Corero’s next generation
SmartWall TDS, which was launched on 3
February 2014, is targeted at the following
additional markets:
Internet Service Providers and
Multi-Service Operators (MSOs)
Hosting companies offering
Web, Cloud, Platform and
Infrastructure-as-a-Service
Companies providing managed
security services
The first customer deployments of SmartWall TDS are expected to be in the second half of 2014.
The SmartWall TDS is a flexible and
scalable cyber threat defence solution.
SmartWall TDS is designed to enable
Internet service providers and hosting
providers the ability to offer comprehensive
DDoS and cyber threat protection to their
customers as an extension of their current
value added service offerings, improving
their overall value proposition and providing
an opportunity to differentiate themselves
from the competition.
The family of SmartWall TDS appliances
include:
• SmartWall Network Threat Defense
Appliance for comprehensive
protection against network threats.
• SmartWall Application Threat Defense
Appliance for comprehensive
protection against application threats.
• SmartWall Network Bypass Appliance
for 100% network connectivity to
eliminate network downtime.
• SmartWall Network Forensics
Appliance for capturing and indexing
100% of the packets at 10Gbps rates
for and complete visibility and
forensics analysis.
The SmartWall TDS product launch follows
an 18 month development project with
directly attributable costs of $5.1 million (of
which $3.8 million has been capitalised,
$3.2 million capitalised in the year ended
31 December 2013).
The SmartWall TDS development will
continue in 2014 and 2015 with further
software releases planned to add new
software functionality and features.
Corero has developed a high performance
network appliance, a combination of
multicore network processor hardware
and Corero developed software, which is
deployed on premises (at the customer
location or a third party data centre)
which inspects all IP network traffic in
real time before it is allowed to pass into
the customers’ IT environment to remove
unwanted and malicious Internet traffic
and ensure only good traffic enters.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�02 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
OVERVIEW
Chairman’s
Statement
Initial SmartWall TDS
discussions with
potential customers
have been
encouraging and
validate the view
Corero has of the
market opportunity
Corero’s 2014 launch
of the SmartWall
Threat Defence System
was an important
milestone achievement
from a strategic plan
established in 2012 to
build a market leading
network security
business focused on
delivering scalable
network security
protection to counter
multiple forms of
cyber threats such as
DDoS attacks at any
performance level
Jens Montanana
Chairman
Overview
Corero defines its go-to-market by
positioning its products as a First Line of
Defense solution to help organisations
stop DDoS attacks and cyber threats. This
has enabled Corero to target a fast
expanding market which a leading analyst
IDC has forecast will be one of the highest
growth areas in the IT security market.
During the last year, we made significant
progress across many facets of the
business including developing the
sales organisation and advancing the
development of our next generation
product, SmartWall TDS. Revenues in
2013 did not grow over the prior year as
Corero transitioned its business entirely
to its First Line of Defense solution. This
repositioning encouragingly did deliver
good growth in the second half of 2013
as order intake rose 23% year over year.
The focus for 2014 is to continue building
on this growth. Revenues from Corero’s
existing First Line of Defense products
targeting commercial and public sector
organisations will be augmented by
additional new revenue streams from
SmartWall TDS sales targeted at securing
Internet cloud environments for: Service
Providers, Hosting Providers and
Managed Security Service Providers.
We expect to generate incremental
revenues from sales to this new market
opportunity for Corero in the second
half of 2014.
The SmartWall TDS product has been
designed to be a highly scalable threat
defence solution to enable Internet service
and Cloud providers the ability to offer
comprehensive DDoS and cyber attack
protection to their customers at industry
leading performance levels. Strong
interest has been generated from a
number of important customers.
The sale of Corero Business Systems
Limited (“CBS”) on 1 August 2013 enabled
us to repay our outstanding debt early,
strengthened the Group’s balance sheet,
and provided the capital for funding the
next generation SmartWall TDS product
development and making the appropriate
sales and marketing investments.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 03
Strategic focus
The Company’s strategy is to remain
focused on the network security market
and to build a strong market position
leveraging our advanced technology to
create a sustainable business which offers
strong growth prospects. The key strategic
focus areas, main drivers for success and
risks are summarised on page 15.
Our 2014 plans are focused on the launch
and customer deployment of the new
SmartWall TDS product as well as
broadening the customer base for our
existing enterprise focused DDoS attack
prevention solutions in order to drive
revenue growth whilst continuing to invest
in our engineering development. As with
all new product introductions, successful
commercialisation relies on sales,
marketing and technical support being
directed for maximum effect and achieving
reference wins to establish repeatable
revenue streams. A solid foundation has
been created and we are receiving strong
indications of user satisfaction to support
our strategy.
Market dynamics
The network security market continues to
show strong growth fundamentals driven
by the continued and in some cases
exponential increase in cyber threats and
the growing importance of the Internet for
most commercial and public sector
organisations.
IDC, one of the leading IT industry
analysts, has forecast that the DDoS
protection market will be one of the
highest growth areas in the IT security
market more than doubling in size in the
period 2012 to 2017 (to reach $870 million
in 2017). In addition, in light of the
requirement to protect against the
changing threat landscape, IDC has
defined a new security segment,
Specialized Threat Analysis and
Protection, a market which Corero’s First
Line of Defense solution addresses. This
market is forecast to have a compound
annual growth rate of over 40% from
2012 to 2017 with revenues reaching
$1.2 billion in 2017.
Despite the increase in threats and the
number of attacks, research from Corero
reveals that many businesses are failing to
take adequate measures to protect
themselves against the threat of a DDoS
attack. A survey of 100 companies
revealed that despite media reports of the
cost of downtime and the potential for
DDoS attacks to mask greater threats,
businesses are failing to put in place
effective defences or plans to mitigate the
impact of a DDoS attack. This is partly a
result of a lack of understanding of the
threats, and that traditional security
solutions do not provide the required
protection, and challenges in
organisations’ prioritising IT security
spend. There are efforts by governments
and industry regulators in a number of
geographies to increase this awareness.
For example in the UK, the Department for
Business, Innovation and Skills (BIS) wrote
to the chairmen of the top 350 UK listed
companies in the summer of 2013 to
undertake a cyber health check survey.
This type of awareness raising and
increasing Corero brand awareness
are having a positive impact on
Corero’s success.
Our view is that it is critical for
organisations to understand what cyber
threats are traversing their network so they
have visibility to their level of exposure and
can take appropriate action to stop
unwanted and malicious traffic including
DDoS attacks. Corero’s First Line of
Defense solution provides this visibility
and allows organisations to proactively
manage cyber threats.
We believe that organisations need to
transform their information security
environment, to ensure they can get ahead
of cyber threats or at least try and keep
pace. Otherwise, the gap between an
organisation's security posture and the
cyber threats it faces will continue to
grow potentially threatening the
organisation’s survival.
Shareholders
Corero’s shares are listed on AIM in
London. The Company's largest external
shareholders include Blackrock, Herald and
Sabvest. I’d like to thank them and all our
shareholders for their continuing support.
Outlook
The SmartWall Threat Defense System
product, the first phase of which was
launched to the market in February 2014,
provides Corero with a strong growth
opportunity, opening up additional
markets through enabling Internet service
and Cloud providers to protect their IT
infrastructure and, importantly, providing
them with a platform from which they
can deliver security services to their
customers to protect against DDoS
attacks and cyber threats.
The positive momentum in the second half
of 2013, combined with the strong financial
position and cash to execute Corero’s
growth plans, gives us confidence that we
will be able to successfully exploit the
considerable opportunities available in this
dynamic market.
Jens Montanana
Chairman
24 March 2014
The positive
momentum in the
second half of 2013
and our strong
financial position, with
the cash to execute
our growth plans,
gives us confidence
that we will be able to
exploit the opportunity
for Corero
42%
Specialised Threat Analysis and
Protection market forecast to
grow to $1.2 billion in 2017*
DDoS protection
market forecast to
double in period to
2017 approaching
$1 billion*
* IDC
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�04 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
STRATEGIC REPORT
Our
performance
Corero’s balance
sheet has been
strengthened
by the sale of
Corero Business
Systems with net
consideration of
$16.5 million
In 2013 Corero had
continued success
in retaining and
winning new
customers
Financial performance
For the year ended 31 December 2013,
the Group reported an EBITDA loss
before depreciation, amortisation,
financing and profit on sale of CBS of
$4.5 million (2012: $3.1 million) including
an EBITDA profit from discontinued
operations of $1.7 million (2012:
$2.7 million), comprising CBS which
was disposed on 1 August 2013.
The profit for the year after taxation
amounted to $8.2 million (2012: loss
$5.9 million) and comprised the following:
•
Loss for the year after taxation from
continuing operations of $8.5 million
(2012: loss $8.2 million);
• Profit after taxation from discontinued
operations of $1.4 million (2012:
$2.3 million); and
• Profit from the sale of discontinued
operations of $15.2 million.
The loss from continuing operations includes:
• Unrealised exchange loss of $0.2
million (2012: loss $0.3 million) arising
on an intercompany loan;
• Central costs of $1.1 million (2012:
$1.2 million) which relate to the
Company’s finance function as well
as the costs associated with the
Company’s listing on AIM; and
•
Finance costs of $0.4 million (2012:
$0.5 million) comprising interest
on the loan notes issued by Top
Layer Networks, Inc. (“Top Layer”
subsequently renamed Corero
Network Security, Inc.) as part of the
purchase consideration for Top Layer.
The sale of CBS provided an attractive
opportunity to realise the Company’s
investment in the business at a compelling
cash valuation:
• A multiple in excess of 8.0 times the
CBS earnings before development
costs capitalised, depreciation,
amortisation and financing for the
year ended 31 December 2012; and
•
In excess of 2.2 times the CBS
revenues for the year ended 31
December 2012.
The earnings per share, including the profit
from discontinued operations and profit on
the sale of discontinued operations, was
11.3 cents (2012: loss 9.7 cents).
The Group’s net assets at 31 December
2013 were $34.0 million (2012: $19.3 million).
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 05
Review of performance and
performance indicators
The Directors monitor a number of
metrics, both financial and non-financial,
on a monthly basis. The most important
of these, for the continuing business,
are as follows:
• Order intake: $9.2 million for the year
ended 31 December 2013 (2012:
$10.4 million);
• Gross margin: 65% for the year ended
31 December 2013 (2012: 70%);
• Operating expenses: $12.9 million
(2012: $13.7 million); and
• Net cash: $9.5 million at 31 December
2013 (2012: net debt $1.3 million).
Although order intake in 2013 did not grow
over the prior year as Corero transitioned
its business entirely to its First Line of
Defense solutions, the 23% growth in
order intake in second half of 2013 was
encouraging. The lower order intake
resulted in revenue in 2013 being below
the prior year. The gross margins in 2013
were impacted by the reduction in revenue
given certain fixed costs associated with
Corero support and production functions,
and increased investment in the services
and support delivery capabilities in 2013.
The operating expenses, gross of research
and development costs capitalised of
$3.8 million (2012: $2.4 million), of
$16.7 million were in line with the prior
year (2012: $16.1 million) and reflect the
investment in the Company's SmartWall
TDS product.
The Group had a strong net cash
position at 31 December 2013 which
was positively impacted by the
proceeds on the sale of CBS and
the early repayment of the loan notes.
Review of the Company’s business
Highlights of 2013 include:
• Appointment of David Ahee, who has
extensive experience in establishing
enterprise and channel sales strategies
internationally, as Senior Vice
President Global Sales
• Progress in next generation
product development
• Launch of the SmartWall TDS
product in February 2014
• Developed a reporting platform
utilising operational intelligence tools
to enhance Corero’s SecureWatch
managed security services
• Awarded “Best IT Products & Services
for Finance, Banking & Insurance” by
Network Product’s Guide
• Order intake of $5.1 million in the six
months ended 31 December 2013
increased 23% over the comparative
period in 2012
• Significant customer wins:
• Second half 2013 order intake
included 15 customers with orders
exceeding $100,000 (compared to 7
in second half of 2012 and 9 in the
first half of 2013)
New customer wins included significant
orders from a UK infrastructure provider,
two US energy utilities, two South
American service providers, two US
regional banks, a French insurance group,
an Asian provider of on-line games, a web
hosting company, a provider of real estate
and mortgage portfolio management
information services, a large US city
corporation, a Brazilian state ministerial
department and a government public
relations ministry.
Material orders (upgrades and support
contract renewals) from existing
customers included a leading industrial
group, a leading price comparison web
site, Camelot (the UK Lottery operator),
two US university colleges, a Middle East
investment services firm, a global
electronics manufacturing services group,
two multi-national banking groups, one of
the leading on-line gaming companies, a
leading medical equipment manufacturer,
a leading international energy group, City
Index, a European telecommunications
service provider, a national air traffic
control provider, and one of the largest
newspaper publishers in the US.
Cash and treasury
The closing cash balance was $9.8 million
(2012: $4.9 million). The Group had debt
at 31 December 2013 of $0.3 million
comprising the balance on a receivables-
backed working capital facility (2012:
$6.2 million which comprised loan notes
of $5.8 million and a term loan of
$0.6 million which was repaid in 2013). In
October 2013, Corero elected to repay its
existing loan notes with a face value of
$5.0 million in full, together with accrued
interest of approximately $1.2 million, and
in advance of their maturity date in March
2014. The loan notes were issued in
March 2011 as part of the consideration
paid for the acquisition of Top Layer. The
loan notes accrued interest at a rate of
8% per annum and were secured on the
assets of Top Layer.
The net reduction in cash from operating
activities in the year ended 31 December
2013 was $7.5 million (2012: $5.1 million).
In 2013, the Company raised $6.2 million
(before expenses) of which the directors
contributed $4.2 million.
At the end of the year, the Group had a
receivables backed financing facility of
$2.0 million which is committed for a
period of one year and is repayable on
demand. The Group company has
complied with the financial covenants
relating to this facility.
23%
in order intake in H2 2013
200
existing customers upgraded
their Corero solutions and or
renewed support contracts
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�06 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
STRATEGIC REPORT
What
we do
The Corero First Line of Defense
products and services stop DDoS
attacks and cyber threats
OUR TECHNOLOGY
A high performance network appliance which is deployed on premises (at the customer or managed location) or in service provider
networks. The appliance inspects Internet traffic in real time before it is allowed to pass into the customers protected IT environment
to ensure unwanted and malicious Internet traffic is removed.
•
The Corero Patented
Dynamic Threat
Assessment technology
uses several algorithms
including advanced
challenge-response
techniques to categorise
all sources as unknown,
trusted, suspicious or
malicious based upon
their real-time behaviours.
•
The Corero Request/
Response Behaviour
Analysis controls access
to downstream devices
based upon a source’s
“behaviours” which
enables enforcement of
usage standards on every
source IP address which
provides detection of
application-layer denial
of service attacks, as
well as other unwanted
behaviours and blocks
them before they reach
the victim devices.
•
The Corero Protocol
Validation Engines inspects
all packets of a network
and/or application
transaction and compares
the observed content and
characteristics to what is
allowed, expected, or
required, based upon the
protocol specifications and
known implementations,
and takes the appropriate
real time actions (e.g.
detection/blocking) of
the violations.
• Corero has a real-time
reputation engine,
ReputationWatch, that
provides automated
real-time defence against
previously identified DDoS
attack sources. In addition,
IP address geolocation
technology enables
enforcement of security
policies based on national
origin of IP addresses.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 07
OUR SERVICES
Threat
Update
Reputation
Watch
An automated protection update service that provides Corero customers with timely,
proactive protection from the latest security threats. The subscription service delivers
frequent protection updates and security advisories. These updates include updated
vulnerability and attack signatures to provide the most current, effective network threat
monitoring. Security advisories, an important aspect of the Threat Update Service,
inform customers of newly discovered threats, and recommend any actions that might
be necessary to obtain protection against the threat.
Enables customers to automatically block malicious IP addresses. Corero continuously
receives data feeds from global intelligence across the Internet to determine the current
threat status of malicious or suspicious IP addresses. Using IP reputation-based
information, ReputationWatch automatically identifies and blocks access from suspicious
sites including sources that have participated in DDoS attacks, systems delivering
specially crafted denial-of-service exploits, anonymised IP addresses behind proxies,
phishing sites, and spam sources. ReputationWatch also allows customers to block or
alert on access from countries with which they do not transact business for example by
choosing to block or set rate limits on all traffic from a nation or geography.
SecureWatch
A service which ensures that customers’ First Line of Defense solutions are always
up to date, running at optimum performance, and continuously protecting customers’
IT infrastructure against the latest threats.
SecureWatch
Plus
A comprehensive suite of DDoS defence configuration, optimization, 24x7 monitoring
and attack mitigation services. These services are customised to meet the security
requirements and business goals of each customer. SecureWatch PLUS includes access
to experts to assist in the realisation of the desired DDoS defence solution starting with
the organisation-specific implementation, commissioning and testing, continuing with
round-the-clock monitoring, and immediate response in the event of a DDoS attack.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�08 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
STRATEGIC REPORT
Why we
do it
The world in
which we operate
OUR MARKET
$17.9b
2013 worldwide IT security
spending will be $17.9 billion
Source: IDC
Number of companies
suffering cyber attacks to
steal commercial secrets
doubled in 2012-13
The Internet has transformed the way commercial and public sector
organisations do business
Organisations today are embracing technology to enhance the productivity of their
employees, generate new revenue sources and improve their operating efficiency.
These technologies include cloud services, mobile computing, online services and
social networking. This greater reliance on information technology has significantly
increased the attack surface within organisations that is vulnerable to potential security
attacks. As a result organisations are having to make significant investments in IT
security to help protect against a myriad of potential threats.
The threat landscape has evolved
“Cyber attacks are one of the top four threats to our national security and cyber-crime
is costing our economy billions of pounds a year. And as businesses and government
move more of their operations online, the scope of potential targets will continue to
grow. It’s a race: to build sufficient cyber defences to match the growing volume and
dependence of our online economic, security and social interests.”
Source: Kroll
UK Cabinet Office Minister, Francis Maude
21%
of companies report that
DDoS is the most costly
form of attack
Cyber-crime continues to be costly
•
The average annualised cost of cyber-crime for organisations is $11.6 million
per year (an increase of 26% over 2012)
• Cyber attacks have become common occurrences – two successful attacks
per company per week (an increase of 18% over 2012)
•
The most costly cyber-crimes are those caused by DDoS, malicious insiders
and web-based attacks
Source: Ponemon Institute
Source: Ponemon Institute 2013 Cost of Cyber Crime Study
Firewalls don’t cut it anymore
as a first line of defence
Source: Network World
DDoS protection market to
double in period to 2017
(approaching $1 billion)
Source: IDC
Existing security solutions do not protect against next-generation threats
Though firewalls are still a critical and necessary component of any IT network, they
are no longer the best type of device to deploy as the network’s first line of defence.
Whilst firewalls serve many purposes, they do not have complete Layer 3–7 protection.
Attackers know these limitations and have devised attacks that can evade or overwhelm
a firewall, as well as the secondary security devices behind the firewall, such as intrusion
prevention systems.
The opportunity for Corero
Organisations need to respond to the increased risk presented by the growing number
of DDoS attacks and cyber threats – a security device specifically designed to detect
and stop unwanted traffic before it can overrun the IT infrastructure causing performance
issues, security exposures and even catastrophic outages.
This new first line of defence must be able to identify malicious attack traffic even if it
mimics legitimate traffic and the true customer communications that businesses want
and welcome.
The Corero First Line of Defense solution applies industry best practices as well as
sophisticated analysis techniques to thoroughly inspect traffic in order to stop DDoS
attacks and cyber threats. The Corero solution stops unwanted traffic that slows the
infrastructure and frustrates users, and in the process protects the existing infrastructure
and enables maximum uptime of business applications.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 09
THE COMPETITIVE ENVIRONMENT
Corero is a leader in protecting enterprises and public sector
organisations against DDoS attacks and cyber threats. We have
defined the market for on premises First Line of Defense and
have developed the following key competitive advantages that
we believe will allow us to extend our leadership position:
• Always-on protection that blocks both network-layer flooding
attacks, as well as the more difficult to detect, low and slow
application-layer attacks.
• Granular configuration of security policies in order to allow
legitimate traffic to pass while blocking unwanted traffic.
• Broad security coverage – Inspection of every packet and
every flow (using Deep Packet Inspection) rather that a
sample-based approach used by most competitors.
• Purpose-built security appliance for high speed traffic
inspection using a multi-core processor architecture.
• Competitive price-performance resulting in the lowest
total cost of ownership for the end user.
• Expert security knowledge and technical support provided
by Corero’s 24x7 Security Operations Centre.
Our next generation product, SmartWall TDS, was launched
on 3 February 2014 to address the Internet service provider and
hosting provider markets. It adds key features like asymmetric
inspection, and multi-tenancy to allow our First Line of Defense
solutions to be deployed in service provider networks and hosting
data centres as a services-oriented platform. Service providers
and hosting providers can now deploy this platform in a modular
and scalable fashion to not only protect their own infrastructure
but more importantly to roll out revenue generating DDoS
protection services to multiple customers. SmartWall TDS extends
our current competitive advantages with the following key features:
OPPORTUNITIES
The awareness of cyber-crime and the impact on businesses
(small and large) is increasing with Board room accountability and
regulatory focus in certain industries, such as financial services.
We expect this trend to have a positive impact on our market.
Ernst & Young’s Global information Security Survey 2013 reported
that 50% of respondents indicate that their budgets will increase
anywhere from 5% to 25% or more in the next 12 months, and
14% of spend in the coming 12 months will be on security
innovation (emerging technology).
KEY MARKET CHALLENGES
• Robust security coverage – comprehensive network
security protection against layer 3 and layer 4 for both
IPv4 and IPv6 traffic.
•
Industry-leading density, scalability and performance
– protection is provided through configurable access policies
with scalability from 10Gbps to 1Tbps in a single rack.
• Green, energy-efficient platform – energy-efficient design
with front-to-back cooling which fully supports economic
and environmental initiatives.
• Powerful centralised management for configuring,
controlling, and monitoring all SmartWall TDS appliances
from a central location.
•
Flexible deployment configurations – multiple appliances
can be distributed to key control points in the provider
network or centrally combined in 1 Rack Unit shelves in
various configurations.
• Single solution to deliver comprehensive threat protection,
always-on connectivity, and complete visibility with the
family of SmartWall appliances.
The Corero principal competitors are other DDoS defence
equipment manufacturers such as Arbor Networks, Inc.
and Radware Limited.
Corero is targeting a high growth security market; the DDoS
market is forecast to double in the period 2012 to 2017 (Source:
IDC) to $870 million. The existing Corero DDS product is targeted
at the enterprise on premises DDoS protection market. The new
SmartWall TDS product is targeted at the service provider and
hosting provider market.
The market for security products and services is competitive and
characterised by rapid changes in technology, the evolving cyber
threat landscape, customer requirements, and industry standards
and frequent new product introductions and improvements. We
need to be focused on our chosen market and deliver continuous
innovation to stay ahead of our competition. Corero will
address this challenge by working closely with our customers
and prospects, to leverage the flexibility of our platform
technology to deliver continuously evolving leadership
protection against the latest DDoS attacks and cyber threats.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�10 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
STRATEGIC REPORT
How we
do it
Our business model
The Corero strategy is to be a leading
provider of network security solutions
focused on the DDoS and cyber
threat market
Business model
The Corero business model comprises the development, marketing and sale of network security products and services to
provide customers with protection from cyber threats. The Corero First Line of Defense products and services stop DDoS
attacks and cyber threats.
Revenue
source
Contractual
arrangement
Nature of
revenue
Description
Security appliance sale –
hardware and software product
Hardware sale and perpetual
software license
• New customer sale
• Existing customer
upgrades for increased
performance or expansion
• Existing customer add
on sale of new software
modules
Hardware and software
support, monitoring and
update services
Single/multi-year contracts
for Support and SecureWatch
services, Threat Update
Service and Reputation
Watch® (described in more
detail on page 7)
• New sale
• Existing customer renewal
• Add on sale for new
services introduced
The Corero software
comprises ostensibly Corero
developed proprietary software
complemented by third party
licensed and open source
software. The hardware solution
is assembled by a third party
contract manufacturer using
industry standard hardware
components and a Tilera
Corporation multi-core CPU chip
to deliver a high performance
solution required for an in-line
network security solution.
Support and monitoring
services are delivered by
the Corero support team.
Updates are delivered to the
Corero appliances in customer
networks to provide proactive
on-going protection from the
latest cyber security threats.
Corero undertakes its own
research into such threats
and partners with third party
organisations to provide
additional security threat
intelligence and protection.
SecureWatch PLUS DDoS
defence services (described in
more detail on page 7)
Single/multi-year
service contracts
• New sale
• Add on sale to existing
customer
• Existing customer renewal
24x7x365 monitoring and
support services including
DDoS attack mitigation
services delivered by the
Corero support team.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
11
The Corero DDoS Defense System
(“DDS”) product family is targeted at
enterprise and public sector organisations
and is an organisation’s First Line of
Defense against damaging DDoS attacks,
delivering the most comprehensive DDoS
protection available in a purpose-built,
high performance, on-premises appliance.
DDS detects and blocks both familiar
network-layer flooding attacks, as well as
the more difficult to detect, low and slow
application-layer attacks, which have
become the stealth attackers’ weapon
of choice.
The Corero DDS uses an always on,
adaptive, patented DDoS defence
algorithms to ensure online businesses
are always protected keeping services
up and available – blocking malicious
incoming requests while reliably passing
legitimate traffic to the organisations’
online servers. Positioned at the Internet
gateway, Corero’s next generation
SmartWall TDS, which was launched
on 3 February 2014, is targeted at the
following additional markets:
Internet Service Providers and
Multi-Service Operators (MSOs)
Hosting companies offering
Web, Cloud, Platform and
Infrastructure-as-a-Service
Companies providing managed
security services
The first customer deployments of SmartWall TDS are expected to be in the second half of 2014.
The SmartWall TDS is a flexible and
scalable cyber threat defence solution.
SmartWall TDS is designed to enable
Internet service providers and hosting
providers the ability to offer comprehensive
DDoS and cyber threat protection to their
customers as an extension of their current
value added service offerings, improving
their overall value proposition and providing
an opportunity to differentiate themselves
from the competition.
The family of SmartWall TDS
appliances include:
• SmartWall Network Threat Defense
Appliance for comprehensive
protection against network threats.
• SmartWall Application Threat Defense
Appliance for comprehensive
protection against application threats.
• SmartWall Network Bypass Appliance
for 100% network connectivity to
eliminate network downtime.
• SmartWall Network Forensics
Appliance for capturing and indexing
100% of the packets at 10Gbps rates
for and complete visibility and
forensics analysis.
The SmartWall TDS product launch follows
an 18 month development project with
directly attributable costs of $5.1 million (of
which $3.8 million has been capitalised,
$3.2 million capitalised in the year ended
31 December 2013).
The SmartWall TDS development will
continue in 2014 and 2015 with further
software releases planned to add new
software functionality and features.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�12 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
STRATEGIC REPORT
How we
do it
Our business model continued
OUR DIFFERENCE
Corero has a progressive range of threat defences designed to be
deployed in Service Provider or Enterprise networks to provide a
First Line of Defense against DDoS attacks and cyber threats
Corero is dedicated to improving the
security of the Internet through the
deployment of its innovative First Line
of Defense solutions. Corero products
and services provide our customers
with protection against a continuously
evolving spectrum of DDoS attacks and
cyber threats that have the potential to
impact any Internet connected business.
Corero provides the opportunity to
enhance defence-in-depth security
architectures with an important
additional layer of security capable
of inspecting traffic arriving from the
Internet in real time and applying access
policies designed to match the needs
of the business. The goal of the Corero
First Line of Defense security layer
is to protect the customer’s network
infrastructure, online services and
confidential data from suspicious or
malicious Internet traffic.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 13
HOW WE CREATE VALUE
Bookings analysis
• New Contracts
products and services*
• Upgrades
additional products and services
sold to existing customers*
• Support and Services
renewals of existing support and
services contracts*
WHERE WE CREATE VALUE
Sectors analysis*
Geographic analysis*
New Contracts (41%)
Support and Services (35%)
Upgrades (24%)
Financial Services (22%)
Utilites (12%)
ecommerce (11%)
Telecom (10%)
Public Sector (9%)
Other (36%)
North America (59%)
EMEA (28%)
Asia Pacific (8%)
ROW (5%)
RESOURCES AND RELATIONSHIPS WE RELY ON
• Our people
• Partners
Corero has a talented team of employees
who are focused on delivering the
Company’s strategy.
•
•
IP
Corero’s technology is primarily implemented
in software. Corero holds a number of patents.
With the ongoing investment in product
software enhancements, the Company
expects to file additional patent protections.
International reach
Corero has operations in Massachusetts, USA
with the European headquarters being in the
UK. In addition, Corero has sales operations
servicing customers across North America,
South America, Europe and Asia Pacific.
Corero has committed to a channel focused
sales model and will continue to invest in the
development of channel partner relationships
with security resellers and distributors to take its
solutions to market internationally. The success
of this channel model is crucial to the revenue
growth targets that the Company has set.
• Finance
Corero has a strong funding position
at 31 December 2013 with net cash of
$9.5 million. This cash has been allocated
to fund organic investment in further software
releases of Corero’s SmartWall TDS product
and investment in sales and marketing.
The Company’s cash resources are expected
to be sufficient to fund the Company’s
requirements with the expectation of being
cash flow positive in 2015.
* order intake
OUR PEOPLE
Product engineering &
product management (46%)
Sales & marketing (31%)
Support & services (10%)
Management & administration (13%)
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�14 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
STRATEGIC REPORT
Our strategy
for sustainable
growth
The Corero strategy is to protect against a
continuously evolving spectrum of DDoS attacks
and cyber threats that have the potential to
impact any Internet connected business
The Company is dedicated to improving the security of the Internet through the
deployment of its innovative First Line of Defense solutions. Corero products and
services provide our customers with protection against a continuously evolving
spectrum of DDoS attacks and cyber threats that have the potential to impact any
Internet connected business.
Corero provides the opportunity to enhance defence-in-depth security architectures
with an important additional layer of security capable of inspecting traffic arriving from
the Internet in real time and applying access policies designed to match the needs of
the business. The goal of the Corero First Line of Defense security layer is to protect
the customer’s network infrastructure, online services and confidential data from
suspicious or malicious Internet traffic.
The Company’s strategic objectives and plans are summarised below:
MARKET
To gain market endorsement of the value proposition of a new layer of cyber security
protection – First Line of Defense – which is designed to be deployed in front of
Firewalls, Intrusion Prevention Systems and other IT security infrastructure devices,
and to establish Corero as a market leading solution for protection against DDoS and
other cyber threats. The Company is planning to raise its profile through a progression
of referenceable customer deployments and playing an active role as a thought leader
in cyber security protection.
Service providers and their customers are both impacted by the challenges of
DDoS attacks and cyber threats. These attacks have grown in size, frequency and
sophistication in recent years. Enterprises are increasingly calling on their service
providers to assist them in the detection, analysis and mitigation of such attacks
before they have an impact on their operations, and ultimately their business. The
Corero SmartWall TDS, launched on 3 February 2014, has been developed for the
service provider market and gives service providers the opportunity to deliver First
Line of Defense, always on, threat protection and visibility to their customers as a
value added security service. SmartWall TDS provides access to a new market for
Corero to complement its current enterprise focused product offering.
The SmartWall
TDS opportunity:
Enterprises are
increasingly calling
on their service
providers to
assist them in the
detection, analysis
and mitigation of
DDoS attacks and
cyber threats before
they have an impact
on their operations,
and ultimately
their business
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 15
Annual Report & Accounts for the year ending 31 December 2013 15
TECHNOLOGY
To develop a software-based technology platform leveraging high performance
multicore processor hardware as well as virtual machine based software deployments
to deliver the Corero industry leading First Line of Defense solutions in a scalable,
high performance and “open” manner capable of interfacing with other security
hardware and software solutions.
SALES
To enhance the Corero sales and business development capability to drive organic
revenue growth and expand our geographical sales organisation to access new
customers in new markets. Corero is committed to a channel sales strategy, focused
on selling through partners, both distributors and resellers. The sales objectives will
be achieved through a combination of strong sales leadership, sales tools and programs
to drive sales growth. The sales effort will continue to be underpinned by strong post
sales customer support.
MANAGEMENT AND EMPLOYEES
To have a management team with the experience and skills to manage new technology
investment and product innovation which connects with the market opportunity to deliver
strong revenue growth. The Group will align additional investment in headcount with
revenue goal achievement.
PRINCIPAL RISKS AND UNCERTAINTIES
The principal risks and uncertainties for Corero are:
•
•
•
•
•
Market awareness: We need to invest in targeted public relations and marketing
to raise market awareness of Corero and our solutions. If we are not successful in
connecting with the market it will compromise our growth plans.
Technology change and innovation: Our market is competitive and characterised
by rapid changes in technology, customer requirements and frequent new product
introductions and improvements. To grow, we need to be focused on our chosen
market and deliver continuous innovation to stay ahead of our competition.
People: Retaining and recruiting people with the necessary skills and
characteristics. Revenue growth requires a strong sales and business development
capability. We operate in a high growth market with new players emerging. If we are
unable to recruit and retain the right skills this will compromise our growth plans.
Partner engagement and development: Our partner focused sales model requires
us to have strong partner relationships to ensure our mutual business interests are
maximised. Failure to successfully execute our channel strategy will compromise our
growth plans.
Geographic distribution: Finding the right balance for geographic growth to avoid
overextending our resources by expanding too fast or spreading ourselves too thin.
By order of the Board
Duncan Swallow
Company Secretary
24 March 2014
Enhance the Corero
sales and business
development
capability to drive
organic revenue
growth and expand
our geographical sales
organisation to access
new customers
in new markets
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�16 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Board of Directors
Jens Montanana
Non-executive Chairman
Age: 53
Appointed: 9 August 2010
Jens is the founder and CEO of Datatec Limited, established in 1986. Between 1989
and 1993 Jens served as managing director and vice-president of US Robotics (UK)
Limited, a wholly owned subsidiary of US Robotics Inc., which was acquired by
3Com. In 1993, he co-founded US start-up Xedia Corporation in Boston, an early
pioneer of network switching and one of the market leaders in IP bandwidth
management, which was subsequently sold to Lucent Corporation in 1999 for
$246 million. In 1994, Jens became CEO of Datatec Limited which listed on the
Johannesburg Stock Exchange in 1994 and on AIM in 2006. He has previously
served on the boards and sub-committees of various public companies.
Ashley Stephenson
Chief Executive Officer
Age: 53
Appointed: 6 September 2013
Ashley first joined Corero Network Security as Executive Vice President of the
Network Security division, with responsibility for product and solution strategy in
March 2012, and was appointed chief executive officer of the division in January 2013.
An IT industry executive and Internet technology entrepreneur, Ashley has operating
experience in the United States, Europe and Asia. Previously, he was CEO of Reva
Systems, acquired by ODIN, and Xedia Corporation, acquired by Lucent. He has
provided strategic advisory services to a number of leading multi-national IT
companies including technology vendors, distributors and services companies.
Ashley began his career at IBM Research & Development in the UK. He is a graduate
of Imperial College, London with a degree in Physics and an Associate of the Royal
College of Science.
Andrew Miller
Chief Financial Officer and Chief Operating Officer
Age: 49
Appointed: 9 August 2010
Prior to joining the Company, Andrew was with the Datatec Limited group in
a number of roles between 2000 and 2009 including the Logicalis Group
Operations Director and Corporate Finance and Strategy Director. He led the
Logicalis acquisition strategy, acquiring and integrating 12 companies in the US,
UK, Europe and South America. Prior to this, Andrew gained considerable corporate
finance experience in London with Standard Bank, West Deutsche Landesbank and
Coopers & Lybrand. He trained and qualified as a chartered accountant and has a
bachelor’s degree in commerce from the University of Natal, South Africa.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 17
Richard Last
Non-executive Director
Age: 56
Appointed: 22 May 2008
Richard is Chairman of a number of companies including Servelec Group plc, a UK
technology group quoted on the London Stock Exchange; Arcontech Group PLC,
a provider of IT solutions for the financial services sector which is listed on AIM;
Lighthouse Group plc, an AIM listed financial services group; and the British Smaller
Technology Companies VCT 2 plc, a fully listed Venture Capital Trust. He is also a
director of a number of private companies. Richard is a Fellow of the Institute of
Chartered Accountants in England and Wales (FCA). Richard is chairman of the
Corero Audit Committee.
Andrew Lloyd
Non-executive Director
Age: 48
Appointed: 19 November 2012
Andrew has been involved in the IT software and systems sector for more than
25 years. His career has included roles in early stage companies, high-growth
pre-IPO ventures as well as large corporations such as Computer Associates
and Oracle. He is currently Chief Customer Officer of workforce management
software company Workplace Systems Limited and previously was Senior Vice
President of PRISMTECH Group’s OpenSplice business. Andrew has a BSc (Hons),
Electronic and Electrical Engineering from Heriot-Watt University, Scotland. Andrew
is chairman of the Corero Remuneration Committee.
Duncan Swallow
Company Secretary
Age: 49
Appointed: 1 November 2007
Duncan is responsible for the Company secretarial function and is also the Group
Financial Controller. Prior to joining the Company, Duncan was Divisional Financial
Controller for CCH, a Wolters Kluwer business, specialising in providing books,
online information, software, CPD and fee protection to tax and accounting
professionals. He is a fellow of the Association of Chartered Certified Accountants.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�18 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Directors’ Report
for the year ended 31 December 2013
Group results
The Group’s Statement of Comprehensive Income on page 27 shows a profit for the year of $8.2 million (2012: loss $5.9 million).
Going concern
The financial position, cash flows and borrowing facilities are described in the Strategic Review on pages 4 to 5.
Forecasts and projections, taking into account reasonably possible changes in trading performance, show that the Company
and Group will be able to operate within the level of current cash balances and facilities.
The Directors are satisfied, in view of the cash reserves of $9.8 million (2012: $4.9 million) held on the balance sheet at 31 December 2013
and receivables-backed financing facility of $2.0 million, that the Company and the Group have adequate resources to continue operating
for the foreseeable future. For this reason the going concern basis has been adopted in preparing the accounts.
Dividends
The Directors have not recommended a dividend (2012: $nil).
Share capital
The issued share capital of the Company together with details of movements in the Company’s issued share capital during the financial
period are shown in note 25 to the financial statements. As at the date of this report, 85,637,416 ordinary shares of 1p each (‘ordinary
shares’) were in issue and fully paid with an aggregate nominal value of $1.3 million.
The market price of the ordinary shares at 31 December 2013 was 17.8p and the shares traded in the range 12.8p to 31.0p during the year.
Issue of shares
At the AGM held on 13 June 2013 shareholders granted authority to the Board under the Articles and section 551 of the Companies Act
2006 (the ‘Act’) to exercise all powers of the Company to allot relevant securities up to an aggregate nominal amount of £285,458. It is
proposed at the forthcoming AGM to renew the authority to allot relevant securities up to an aggregate nominal amount of £285,458,
being one-third of the nominal value of the current issued share capital.
Also at the AGM held on 13 June 2013, shareholders granted authority to the Board under the Articles and section 570(1) of the Act to
exercise all powers of the Company to allot equity securities wholly for cash up to an aggregate nominal amount of £85,637 without
application of the statutory pre-emption rights contained in section 561 (1) of the Act. It is proposed at the forthcoming AGM to renew
the authority to allot relevant securities wholly for cash up to an aggregate nominal amount of £85,637 being 10% of the current nominal
value of the issued share capital, without application of the statutory pre-emption rights.
Substantial shareholdings
The Company has been notified of the following holdings that are 3% or more of the Group’s ordinary share capital as at 19 March 2014:
Ordinary shares of 1 pence each
Jens Montanana*
Blackrock, Inc.
Herald Investment Management
Sabvest Capital Holdings Limited
BFG Investments Group Limited
Number
33,943,687
7,303,735
7,261,723
4,585,000
2,731,023
%
39.6
8.5
8.5
5.4
3.2
* of which 20,936,545 are held in the name of JPM International Limited, which is wholly owned by Jens Montanana, and 9,000,000 are held in the name of The
New Millennium Technology Trust of which Jens Montanana is a beneficiary.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 19
Directors and directors’ interests
The directors who served in office during the year and up to the date of this report and their interests in the Company’s shares were
as follows:
Ordinary shares held
Jens Montanana
Andrew Miller
Richard Last
Andrew Lloyd
Ashley Stephenson
(appointed 6 September 2013)
19 March 2014
31 December 2013
31 December 2012
Number
33,943,687
723,255
1,066,667
–
–
%
Number
%
Number
39.6
33,943,687
39.6
15,943,687
0.8
1.3
–
–
723,255
1,066,667
–
–
0.8
1.3
–
–
623,255
400,000
–
n/a
%
27.9
1.3
0.7
–
n/a
The biographical details of the current Directors of the Company are given on pages 16 to 17.
Jens Montanana, Ashley Stephenson, Andrew Miller, Richard Last and Andrew Lloyd hold share options, details of which are shown
in note 30 to the Financial Statements.
Directors’ indemnities
The Company has made qualifying third party indemnity provisions for the benefit of its Directors which for Jens Montanana, Andrew
Miller, Richard Last and Andrew Lloyd were made in prior reporting periods, and for Ashley Stephenson in the current reporting period.
These remain in force at the date of this report.
Financial risk management objectives and policies
Capital management
The Group monitors its available capital, which it considers to be all components of equity against its expected requirements.
The Group’s objectives when maintaining capital are to safeguard the entity’s ability to continue as a going concern, so that it can
continue to provide returns for shareholders and benefits for other stakeholders, and to ensure that sufficient funds can be raised for
investing activities. In order to maintain or adjust the capital structure, the Company may return capital to shareholders, issue new
shares, or sell assets to reduce debt. The Group does not review its capital requirements according to any specified targets or ratios.
Treasury management
The objectives of Group treasury policies are to ensure that adequate financial resources are available for development of the business
while at the same time managing financial risks. Financial instruments are used to reduce financial risk exposures arising from the
Group’s business activities and not for speculative purposes.
The Group’s treasury activities are managed by the Group finance function under the direction of the Group Financial Controller.
The Group Financial Controller reports to the Board on the implementation of Group treasury policy.
The Group’s business activities expose it to a variety of financial risks. The policies for managing these risks are described below:
• Liquidity risk – arises from the Group’s management of working capital and finance charges. It is the risk that the Group will
encounter difficulty in meetings its financial obligations as they fall due. Liquidity risk is managed centrally by the finance function.
Budgets are agreed by the Board annually in advance enabling the Group’s cash flow requirements to be anticipated.
• Credit risk – arises from cash and cash equivalents and from credit exposures to the Group’s customers including outstanding
receivables and committed transactions. Credit risk is managed with regular reports of exposures reviewed by management.
The Group does not set individual credit limits but will seek to ensure that customers enter into legally enforceable contracts
that include settlement terms that demonstrate the customers’ commitment to the transaction and minimise this risk exposure.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�20 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Directors’ Report continued
for the year ended 31 December 2013
Financial risk management objectives and policies continued
Treasury management continued
The amounts of trade receivables presented in the Statement of Financial Position are shown net of allowances for doubtful accounts
estimated by management based on prior experience and their assessment of the current economic environment (note 18).
The credit risk on liquid funds and financial instruments is limited because the counterparties are banks with acceptable credit ratings
assigned by international credit rating agencies.
The Group has no significant concentration of credit risk, with exposure spread over a large number of customers.
• Cash flow interest rate risk – the Group’s policy is to minimise interest rate cash flow risk exposure on its financing. The Group’s
policy is to balance the risk in relation to cash balances held by spreading these across a number of financial institutions as
opposed to maximising interest income.
• Currency risk – there is no material impact on the Group’s Statement of Comprehensive Income from exchange rate movements,
as foreign currency transactions are entered into by Group companies whose functional currency is aligned with the currencies in
which it transacts.
Environment
The Group’s activities are primarily office based and as such the directors believe that there is no significant environmental impact arising
from the Group’s activities. The Group complies with local WEEE regulations. No environmental performance indicators are therefore
included within this report. The Group’s environmental policy states: “We endeavour to recycle appropriate materials where possible and
to efficiently use natural resources and energy supplies so as to minimise our environmental impact. We will comply with the relevant
statutes and legislation. Furthermore employees are encouraged to be environmentally aware. Company cars are not provided.”
Research and development
The development of computer software is an integral part of the Group’s business and the Group continues to develop its core software
in response to user demand, and particularly the changing IT security threat landscape, and changes in software technology. During
the year the Group enhanced its existing products and developed new products. A capital investment for continuing operations of
$3.8 million (2012: $2.4 million) was made during the year. Amortisation of $0.3 million (2012: $0.7 million) was charged to the Statement
of Comprehensive Income during the year.
Employees
The quality and commitment of the Group’s employees has played a major role in the Group’s business success. This has been
demonstrated in many ways, including strong customer satisfaction, the development of new product offerings and the flexibility
employees have shown in adapting to changing business requirements. The Group operates sales commission, incentive bonus plans
and share option plans to provide incentives for achievements which add value to the business.
Annual General Meeting
The AGM will be held at the offices of FinnCap Ltd, 60 New Broad Street, London, EC2M 1JJ, on 18 June 2014 at 9.30 a.m. The notice
convening the meeting is on page 62 together with details of the business to be considered.
Auditors
In so far as each director is aware:
•
•
there is no relevant audit information of which the Company’s auditors are unaware; and
the directors have taken all the steps that they ought to have taken to make themselves aware of any relevant audit information
and to establish that the Company’s auditors are aware of that information.
A resolution to re-appoint BDO LLP for the ensuing year will be proposed at the AGM.
By order of the Board
Duncan Swallow
Company Secretary
24 March 2014
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 21
Corporate Governance Report
As an AIM listed company, Corero is not required to comply with the UK Corporate Governance Code however, the Company has
regard to the requirements of the Code and its activities in these areas are described below.
The Board
Corero recognises its responsibility to provide entrepreneurial and responsible leadership to the Group within a framework of prudent
and effective controls (described below) allowing assessment and management of the key issues and risks impacting the business.
The Board sets Corero’s overall strategic direction, reviews management performance and ensures that the Group has the necessary
financial and human resources in place to meet its objectives. The Board is satisfied that the necessary controls and resources exist
within the Group to enable these responsibilities to be met.
Operational management of the Group is delegated to the Chief Executive Officer.
The Board of Directors comprises the non-executive chairman, two executive directors and two non-executive directors whose
Board and Committee responsibilities as at 31 December 2013 are set out below:
Jens Montanana
Ashley Stephenson
Andrew Miller
Richard Last
Andrew Lloyd
Board
Chairman
Member
Member
Member
Member
Audit
Remuneration
Member
Member
Chairman
Member
Chairman
The composition of the Board of Directors is reviewed regularly. Appropriate training, briefings, and induction are available to all
directors on appointment and subsequently as necessary, taking into account existing qualifications and experience.
Richard Last and Andrew Lloyd are considered to be independent.
Executive directors’ normal retirement age is 60 and non-executive directors’ normal retirement age is 65. One third of all directors are
subject to annual reappointment by shareholders as well as any director appointed by the Board in the period since the last AGM.
Richard Last and Ashley Stephenson (appointed 6 September 2013) will be offering themselves for re-election at the forthcoming AGM.
The Board of Directors meets on average once a quarter and additional meetings are held each year to review and approve the Group’s
strategy and financial plans for the coming year. Each director is provided with sufficient information to enable them to consider matters
in good time for meetings and enable them to discharge their duties properly.
All directors have access to the advice and services of the Company Secretary. There is also a procedure in place for any director to
take independent professional advice if necessary, at the Company’s expense.
The Board also ensures that the principal goal of the Company is to create shareholder value, while having regard to other stakeholder
interests and takes responsibility for setting the Company’s values and standards.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�22 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corporate Governance Report continued
The Board continued
There is a documented schedule of matters reserved for the Board, the most significant of which are:
•
•
•
•
•
•
•
•
•
•
responsibility of the overall strategy and management of the Group;
approval of strategic plans and budgets and any material changes to them;
approval of the acquisition or disposal of subsidiaries and major investments, projects and contracts;
oversight of the Group’s operations ensuring competent and prudent management, sound planning and management of adequate
accounting and other records;
changes relating to the Group’s capital structure;
final approval of the annual and interim financial statements and accounting policies;
approval of the dividend policy;
ensuring an appropriate system of internal control and risk management is in place;
approval of changes to the structure, size and composition of the Board;
review of the management structure and senior management responsibilities;
• with the assistance of the Remuneration Committee, approval of remuneration policies across the Group;
• delegation of the Board’s powers and authorities;
•
•
consideration of the independence of the non-executive directors; and
receiving reports on the views of the Company’s shareholders.
In the year ended 31 December 2013 the Board received monthly briefings on the Group’s performance (including detailed commentary
and analysis), key issues and risks affecting the Group’s business.
The Company maintains liability insurance for its directors and officers. The Company has also entered into indemnity agreements
with the Directors, in terms of which the Company has indemnified its directors, subject to the Companies Act limitations, against
any liability arising out of the exercise of the directors’ powers, duties and responsibilities as a director or officer.
In the year ended 31 December 2013 the Board met on four scheduled occasions; further meetings and conference calls are held as and
when necessary. Details of Directors’ attendance at scheduled meetings in the year to 31 December 2013 is shown in the table below.
Jens Montanana
Ashley Stephenson (appointed 6 September 2013)
Andrew Miller
Richard Last
Andrew Lloyd
Board Committees
Meetings attended
4/4
2/2
4/4
4/4
4/4
The Company has an Audit Committee and Remuneration Committee, details of which are set out below.
Audit Committee
The Audit Committee members comprise Richard Last, who is the committee chairman, and Jens Montanana, and meets twice a year.
The Group Chief Financial Officer and Group Financial Controller, and the Company’s external auditors attend the meetings. The Audit
Committee considers the adequacy and effectiveness of the risk management and control systems of the Group. It reviews the scope
and results of the external audit, its cost effectiveness and the objectivity of the auditors. It also reviews, prior to publication, the interim
financial statements, preliminary results announcement, the annual financial statements and the other information included in the
annual report.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 23
The Audit Committee met twice in the year ended 31 December 2013. The attendance of individual Committee members at Audit
Committee meetings in the year to 31 December 2013 is shown in the table below:
Richard Last
Jens Montanana
Remuneration Committee
Meetings attended
2/2
2/2
The Remuneration Committee comprises Andrew Lloyd, who is the committee chairman, Jens Montanana and Richard Last.
It meets at least twice a year and reviews and advises upon the remuneration and benefits packages of the executive directors.
The remuneration of the chairman and non-executive directors is decided upon by the Board of Directors.
The Remuneration Committee met twice in the year ended 31 December 2013. The attendance of individual Committee members
at Remuneration Committee meetings in the year to 31 December 2013 is shown in the table below:
Andrew Lloyd
Jens Montanana
Richard Last
Nominations Committee
Meetings attended
2/2
2/2
2/2
Due to the size of the Board of Directors, the directors do not consider there to be any need for a nominations committee. Issues that
would normally be dealt with by a nominations committee are handled by the Board of Directors. The Board of Directors will review the
need for a nominations committee on a regular basis.
Internal controls
The directors are responsible for the Group’s system of internal control and for reviewing its effectiveness whilst the role of
management is to implement policies on risk management and control. The Group’s system of internal control is designed to manage,
rather than eliminate, the risk of failure to achieve the Group’s business objectives and can only provide reasonable, and not absolute,
assurance against material misstatement or loss.
The Board continually reviews the effectiveness of other internal controls, including financial, operational, compliance controls and risk
management. There were no specific reports tabled during the year ended 31 December 2013.
The Group operates a risk management process, which is embedded in normal management and governance processes. As part of the
annual strategic planning and budgeting process, the Group documents the significant risks identified, the probability of those risks
occurring, their potential impact and the plans for managing and mitigating each of those risks.
The Group operates a series of controls to meet its needs. These controls include, but are not limited to, the annual strategic planning and
budgeting process, a clearly defined organisational structure with authorisation limits, reviews by senior management of monthly financial
and operating information including comparisons with budgets, monthly treasury and cash flow reports and forecasts to the Board.
The Audit Committee receives reports from management and observations from the external auditors concerning the system of internal
control and any material control weaknesses. Significant risk issues, if any, are referred to the Board of Directors for consideration.
The Board of Directors makes an annual assessment of the effectiveness of the Group’s internal control system, including financial,
operational and compliance controls, before making this statement. The Board of Directors also considers issues included in reports
received during the year, how the risks have changed during the year and reviews any reports prepared on internal controls by
management and any issues identified by external auditors.
The Board of Directors does not believe it is currently appropriate to establish a separate, independent internal audit function given the
size of the Group.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�24 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corporate Governance Report continued
Remuneration report
The Remuneration Committee’s principal function is to set remuneration of the Group’s executive directors and management to ensure
they are fairly compensated.
Basic salaries are set to ensure high quality executive directors and management are attracted and retained by the Group. They reflect
the knowledge, skill and experience of each individual director. Bonuses are non-pensionable and only payable if the Remuneration
Committee assesses the director’s achievements as worthy of the award.
The Remuneration Committee is also responsible for ensuring the Group’s share option schemes are operated properly. Details of
directors’ share options at 31 December 2013 are disclosed in note 30 of the Financial Statements.
Details of directors’ remuneration for the year ended 31 December 2013 is set out in note 27 of the Financial Statements. Jens
Montanana has elected to waive the fees payable to him for the financial year ended 31 December 2013.
Ashley Stephenson, executive director, has a service agreement which provides for the payment of six months’ base salary if the
agreement is terminated by the Company without cause.
Andrew Miller, executive director, has an employment agreement which is terminable by either party on not less than three months’
written notice increasing by one month at the end of each complete 12 month period of continuous employment provided that the
notice period shall not exceed six months in total. The agreement contains provisions for early termination in certain circumstances.
None of the Non-executive Directors has a service agreement. Letters of appointment for Jens Montanana, Richard Last and Andrew
Lloyd are for 12 month terms and provide that the appointment may be terminated by either party giving to the other not less than three
months’ notice.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 25
Statement of Directors' Responsibilities
The directors are responsible for preparing the Annual Report and Financial Statements in accordance with applicable law and regulations.
Company law requires the directors to prepare financial statements for each financial year. Under that law the directors have elected to
prepare the Group and Company financial statements in accordance with International Financial Reporting Standards as adopted by
the European Union (IFRSs). Under company law the directors must not approve the financial statements unless they give a true and fair
view of the state of affairs of the Group and parent company and of the profit or loss of the Group for that period. The directors’ are also
required to prepare financial statements in accordance with the rules of the London Stock Exchange for companies trading securities
on the AIM. In preparing these financial statements, the directors are required to:
•
select suitable accounting policies and then apply them consistently;
• make judgements and estimates that are reasonable and prudent;
•
state whether applicable IFRSs have been followed, subject to any material departures disclosed and explained in the
financial statements; and
• prepare the financial statements on the going concern basis unless it is inappropriate to presume that the Group will
continue in business.
The directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Group’s transactions
and disclose with reasonable accuracy at any time the financial position of the Group and enable them to ensure that the financial
statements comply with the Companies Act 2006. They are also responsible for safeguarding the assets of the Group and hence for
taking reasonable steps for the prevention and detection of fraud and other irregularities.
The directors are responsible for ensuring the annual report and the financial statements are made available on a website. Financial
statements are published on the Company’s website in accordance with legislation in the United Kingdom governing the preparation
and dissemination of financial statements, which may vary from legislation in other jurisdictions. The maintenance and integrity of the
Company’s website is the responsibility of the directors. The directors’ responsibility also extends to the ongoing integrity of the
financial statements contained therein.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�26 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Independent Auditor’s Report
to the members of Corero Network Security plc
We have audited the financial statements of Corero Network Security plc for the year ended 31 December 2013 which comprise the
consolidated statement of comprehensive income, the consolidated and Company statements of financial position, the consolidated
and Company statements of cash flows, the consolidated and Company statements of changes in equity and the related notes.
The financial reporting framework that has been applied in their preparation is applicable law and International Financial Reporting
Standards (IFRSs) as adopted by the European Union and, as regards the parent Company financial statements, as applied in
accordance with the provisions of the Companies Act 2006.
This report is made solely to the Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006.
Our audit work has been undertaken so that we might state to the Company’s members those matters we are required to state to them in
an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone
other than the Company and the Company’s members as a body, for our audit work, for this report, or for the opinions we have formed.
Respective responsibilities of directors and auditors
As explained more fully in the statement of directors’ responsibilities, the directors are responsible for the preparation of the financial
statements and for being satisfied that they give a true and fair view. Our responsibility is to audit and express an opinion on the
financial statements in accordance with applicable law and International Standards on Auditing (UK and Ireland). Those standards
require us to comply with the Financial Reporting Council’s (FRC’s) Ethical Standards for Auditors.
Scope of the audit of the financial statements
A description of the scope of an audit of financial statements is provided on the FRC’s website at www.frc.org.uk/auditscopeukprivate.
Opinion on financial statements
In our opinion:
•
•
•
•
the financial statements give a true and fair view of the state of the Group’s and the parent Company’s affairs as at
31 December 2013 and of the Group’s profit for the year then ended;
the Group financial statements have been properly prepared in accordance with IFRSs as adopted by the European Union;
the parent Company financial statements have been properly prepared in accordance with IFRSs as adopted by the European
Union and as applied in accordance with the provisions of the Companies Act 2006; and
the financial statements have been prepared in accordance with the requirements of the Companies Act 2006.
Opinion on other matters prescribed by the Companies Act 2006
In our opinion the information given in the strategic report and directors’ report for the financial year for which the financial
statements are prepared is consistent with the financial statements.
Matters on which we are required to report by exception
We have nothing to report in respect of the following matters where the Companies Act 2006 requires us to report to you if, in our opinion:
•
•
•
adequate accounting records have not been kept by the parent Company, or returns adequate for our audit have not been received
from branches not visited by us; or
the parent Company financial statements are not in agreement with the accounting records and returns; or
certain disclosures of directors’ remuneration specified by law are not made; or
• we have not received all the information and explanations we require for our audit.
Gary Hanson (senior statutory auditor)
For and on behalf of BDO LLP, statutory auditor
London
United Kingdom
24 March 2014
BDO LLP is a limited liability partnership registered in England and Wales (with registered number OC305127).
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 27
Consolidated Statement
of Comprehensive Income
for the year ended 31 December 2013
Revenue
Cost of sales
Gross profit
Operating expenses before highlighted items
Depreciation and amortisation of intangible assets
Operating expenses
Operating loss
Finance income
Finance costs
Loss before taxation
Taxation
Loss for the year from continuing operations
Profit from discontinued operations
Profit from sale of discontinued operations
Profit/(loss) for the year
Other comprehensive income
Difference on translation of UK functional currency entities
Transfer of translation differences on disposal of foreign subsidiary to disposal account
Total comprehensive income/(expense) for the year
Total profit/(loss) for the year attributable to:
Equity holders of the parent
Non-controlling interest
Total comprehensive income/(expense) for the year attributable to:
Equity holders of the parent
Non-controlling interest
Total
Total comprehensive income/(expense) for the year attributable
equity holders of the parent arises from:
Continuing operations
Discontinued operations
Total
* restated for disposal of Corero Business Systems Limited. See note 9.
Basic and diluted earnings/(loss) per share
Basic and diluted loss per share from continuing operations
Basic and diluted earnings per share from discontinued operations
Basic and diluted earnings/(loss) per share
The notes on pages 33 to 61 form part of these financial statements.
Total
2012*
Restated
$’000
11,378
(3,407)
7,971
(13,743)
(2,399)
(16,142)
(8,171)
116
(507)
(8,562)
371
(8,191)
2,302
–
(5,889)
537
–
(5,352)
(6,055)
166
(5,889)
(5,495)
143
(5,352)
(7,570)
2,075
(5,495)
2012
Cents
(13.4)
3.7
(9.7)
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
Total
2013
$’000
10,268
(3,588)
6,680
(12,911)
(2,309)
(15,220)
(8,540)
44
(388)
(8,884)
371
(8,513)
1,436
15,244
8,167
1,016
(1)
9,182
8,054
113
8,167
9,036
146
9,182
(7,499)
16,535
9,036
2013
Cents
(9.4)
20.7
11.3
Note
13,14,15
5
6
8
9
9
11
�28 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Consolidated Statement
of Financial Position
as at 31 December 2013
Assets
Non-current assets
Goodwill
Acquired intangible assets
Capitalised development expenditure
Property, plant and equipment
Current assets
Inventories
Trade and other receivables – due in less than one year
Trade and other receivables – due in more than one year
Cash and cash equivalents
Liabilities
Current Liabilities
Trade and other payables
Borrowings
Deferred income
Net current assets/(liabilities)
Non-current liabilities
Borrowings
Deferred income
Deferred taxation
Net assets
Total equity attributable to owners of the parent
Ordinary share capital
Deferred share capital
Share premium
Share options reserve
Translation reserve
Retained earnings
Non-controlling interest
Total equity
Note
2013
$’000
2012
$’000
12
13
14
15
17
18
18
19
20
22
20
22
23
25
25
26
17,983
2,635
6,121
1,343
28,082
329
3,483
237
9,775
13,824
(2,171)
(256)
(3,195)
(5,622)
8,202
–
(1,423)
(825)
(2,248)
34,036
1,333
7,051
43,507
293
1,193
(19,341)
34,036
–
34,036
18,811
3,739
4,528
1,241
28,319
622
4,442
1,123
4,861
11,048
(3,972)
(182)
(7,592)
(11,746)
(698)
(5,984)
(1,146)
(1,196)
(8,326)
19,295
925
7,051
38,046
268
211
(27,395)
19,106
189
19,295
These financial statements were approved by the Board of Directors on 24 March 2014 and signed on their behalf.
Andrew Miller
Director
The notes on pages 33 to(cid:3)(cid:29)1 form part of these financial statements.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 29
Company Statement
of Financial Position
as at 31 December 2013
Assets
Non-current assets
Investments in subsidiaries
Current assets
Trade and other receivables – due in more than one year
Cash and cash equivalents
Liabilities
Current Liabilities
Trade and other payables
Net current assets
Net assets
Equity
Ordinary share capital
Deferred share capital
Share premium
Share options reserve
Translation reserve
Retained earnings
Total equity
Note
2013
$’000
2012
$’000
16
18
19
25
25
26
36,930
36,930
10,201
9,626
19,827
(229)
19,598
56,528
1,333
7,051
43,507
293
3,259
1,085
56,528
26,720
26,720
8,407
2,971
11,378
–
11,378
38,098
925
7,051
38,046
268
1,171
(9,363)
38,098
These financial statements were approved by the Board of Directors on 24 March 2014 and signed on their behalf.
Andrew Miller
Director
The notes on pages 33 to(cid:3)(cid:29)1 form part of these financial statements.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�30 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Statements of Cash Flows
for the year ended 31 December 2013
Group
Company
Cash flows from operating activities
Note
13
14
15
8
30
9
13
14
15
Profit/(loss) for the year
Adjustments for:
Amortisation of acquired intangible assets
Amortisation of capitalised development expenditure
Depreciation
Finance income
Finance expense
Taxation
Share-based payment charge
Profit on disposal of subsidiary
Increase in provisions
Decrease/(increase) in inventories
(Increase)/decrease in trade and other receivables
(Decrease)/increase in payables
Net cash from operating activities
Cash flows from investing activities
Acquisition of subsidiaries, net of cash acquired
Purchase of intangible assets
Capitalised development expenditure
Purchase of property, plant and equipment
Sale proceeds from disposal of subsidiary less costs
Repayments from subsidiaries
Payments made to subsidiaries
Net cash used in investing activities
Cash flows from financing activities
Net proceeds from issue of ordinary share capital
Term loan received
Finance income
Finance expense
Repayment of term loans
Capital element of finance lease repayments
Receipt/(repayment) of credit facility
Net cash from financing activities
Effects of exchange rates on cash and cash
equivalents
Net increase/(decrease) in cash and cash equivalents
Cash and cash equivalents at 1 January
Cash and cash equivalents at 31 December
The notes on pages 33 to 61 form part of these financial statements.
2013
$’000
10,448
–
–
–
2012
$’000
430
–
–
–
(382)
(443)
2013
$’000
8,167
1,202
511
822
(48)
408
(371)
25
(15,244)
–
293
(2,863)
(406)
(7,504)
–
(107)
(4,202)
(1,148)
17,225
–
–
2012
$’000
(5,889)
1,157
1,044
566
(119)
507
(371)
9
–
–
(233)
–
(1,802)
(5,131)
–
(237)
(3,174)
(802)
–
–
–
11,768
(4,213)
–
–
25
(10,816)
725
–
10
69
79
–
–
–
–
16,328
1,966
(18,558)
(264)
5,869
1,897
48
(39)
(8,432)
(23)
256
(424)
1,074
4,914
4,861
9,775
6,989
5,869
250
119
(64)
(121)
(27)
(189)
–
43
–
–
–
–
6,957
5,912
6,984
568
(1,819)
6,680
4,861
928
6,655
2,971
9,626
209
(1,743)
4,714
2,971
-
–
9
–
–
–
–
40
36
10
–
–
–
–
792
(9,774)
(8,972)
6,868
–
116
–
–
–
–
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 31
Consolidated Statement
of Changes in Equity
for the year ended 31 December 2013
1 January 2012
Loss for the year
Other comprehensive income
Total comprehensive
expense for the year
Contributions by and
distributions to owners
Share-based payments
Issue of share capital
Shares to be issued
Dilution of ownership
of subsidiary
Total contributions by and
distributions to owners
31 December 2012
Profit for the year
Other comprehensive income
Disposal of non-controlling interest
share of translation reserve
Total comprehensive
income for the year
Contributions by and
distributions to owners
Share-based payments
Issue of share capital
Disposal of non-controlling interest
in non-wholly owned subsidiary
Total contributions by and
distributions to owners
31 December 2013
Share
capital
$’000
7,803
–
–
–
–
173
–
–
173
7,976
–
–
–
–
–
408
–
408
8,384
Shares
to be
issued
$’000
Share
premium
account
$’000
Share
options
reserve
$’000
Translation
reserve
$’000
Retained
earnings
$’000
Total
attributable
to equity
holders of
the parent
$’000
Non-
controlling
interest
$’000
Total
equity
$’000
124
–
–
–
–
–
(124)
–
(124)
–
–
–
–
–
–
–
–
–
–
31,228
–
–
–
–
6,818
–
–
6,818
38,046
–
–
–
–
–
5,461
–
5,461
43,507
259
–
–
–
9
–
–
–
9
268
–
–
–
–
25
–
–
25
293
(349)
–
560
(21,340)
(6,055)
–
17,725
(6,055)
560
36
17,761
166 (5,889)
537
(23)
560
(6,055)
(5,495)
143
(5,352)
–
–
–
–
–
–
–
–
9
6,991
(124)
–
–
–
9
6,991
(124)
–
10
10
–
211
–
1,015
–
(27,395)
8,054
–
6,876
19,106
8,054
1,015
10
6,886
189 19,295
8,167
113
1,015
–
(33)
–
(33)
33
–
982
8,054
9,036
146
9,182
–
–
–
–
–
–
25
5,869
–
–
25
5,869
–
(335)
(335)
–
1,193
–
(19,341)
5,894
34,036
(335)
5,559
– 34,036
The share capital comprises the nominal values of all shares issued.
The share premium account comprises the amounts subscribed for share capital in excess of the nominal value.
The share options reserve represents the cost to the Group of share options.
The translation reserve arises on retranslating the net assets of UK operations into US dollars.
The retained earnings are all other net gains and losses and transactions with owners not recognised elsewhere.
The notes on pages 33 to 61 form part of these financial statements.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�32 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Company Statement of Changes in Equity
for the year ended 31 December 2013
1 January 2012
Profit for the year
Other comprehensive income
Total comprehensive income for the year
Contributions by and distributions to owners
Share-based payments
Issue of share capital
Shares to be issued
Total contributions by and distributions to owners
31 December 2012
Profit for the year
Other comprehensive income
Total comprehensive income for the year
Contributions by and distributions to owners
Share-based payments
Issue of share capital
Total contributions by and distributions to owners
31 December 2013
Share
capital
$’000
Shares to
be issued
$’000
Share
premium
account
$’000
Share
options
reserve
$’000
Translation
reserve
$’000
Retained
earnings
$’000
Total
equity
$’000
7,803
124
31,228
259
(525)
(9,793)
29,096
–
–
–
–
173
–
173
7,976
–
–
–
–
408
408
8,384
–
–
–
–
–
(124)
(124)
–
–
–
–
–
–
–
–
–
–
–
–
6,818
–
6,818
38,046
–
–
–
–
5,461
5,461
–
–
–
9
–
–
9
–
1,696
1,696
–
–
–
–
430
–
430
–
–
–
–
430
1,696
2,126
9
6,991
(124)
6,876
268
1,171
(9,363)
38,098
–
–
–
25
–
25
–
10,448
10,448
2,088
2,088
–
2,088
10,448
12,536
–
–
–
–
–
–
25
5,869
5,894
43,507
293
3,259
1,085
56,528
The notes on pages 33 to 61 form part of these financial statements.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 33
Notes to the Financial Statements
1. General information
Presentation currency
These consolidated financial statements
are presented in US Dollars (“$”) which
represents the presentation currency of
the Group. The average $-GBP sterling
(“GBP”) exchange rate, used for the
conversion of the statement of
comprehensive income, for the 12 months
ended 31 December 2013 was 1.57 (2012:
1.59). The closing $-GBP exchange rate,
used for the conversion of the Group’s
assets and liabilities, at 31 December 2013
was 1.66 (2012: 1.63).
Corero Network Security plc is a public
limited company incorporated in the
United Kingdom under the Companies
Act 2006.
2. Significant accounting policies
2.1 Basis of preparation
The Group and parent Company financial
statements have been prepared in
accordance with EU endorsed
International Financial Reporting
Standards (IFRS), International Financial
Reporting Interpretations Committee
(IFRIC) interpretations and those parts
of the Companies Act 2006 applicable
to companies reporting under IFRS.
2.2 Going Concern
The financial statements have been
prepared on a going concern basis.
The directors have prepared detailed
income statement, balance sheet and
cash flow projections for the period to
31 December 2015. The cash flow
projections have been subjected to
sensitivity analysis at the revenue, cost
and combined revenue and cost levels.
The cash flow projections show that the
Group will maintain a positive cash
balance until at least 31 December 2015.
As a result, the directors are of the opinion
that the Group has adequate working
capital to continue as a going concern for
the foreseeable future and, in particular, for
a period of at least 12 months from the date
of approval of these financial statements.
2.3 Basis of consolidation
The consolidated financial statements
incorporate the results, assets, liabilities
and cash flows of the Company and each
of its subsidiaries for the financial year
ended 31 December 2013.
Subsidiaries are entities controlled by
the Group. Control is deemed to exist
when the Group has the power, directly
or indirectly, to govern the financial and
operating policies of an entity so as to
obtain benefits from its activities. The
results, assets, liabilities and cash flows
of subsidiaries are included in the
consolidated financial statements from
the date control commences until the
date that control ceases.
The results of operations disposed during
the year are included in the consolidated
statement of comprehensive income up
to the date of disposal. A discontinued
operation is a component of the Group’s
business that represents a separate
major line of business that has been
disposed of. Discontinued operations are
presented in the consolidated statement
of comprehensive income as single lines
which comprise the post-tax profit or loss
of the discontinued operation up to the
date of sale along with the post-tax gain
or loss on the disposal of the assets less
costs to sell of discontinued operations.
Where necessary, adjustments are made
to the financial statements of subsidiaries
to bring the accounting policies used into
line with those used by the Group.
Intra-group balances and transactions
are eliminated on consolidation.
2.4 Business combinations
The acquisition method is used to
account for all acquisitions. The cost
of an acquisition is measured at the fair
values, on the date of exchange, of assets
given, liabilities incurred or assumed,
and equity instruments issued.
At the date of acquisition, the identifiable
assets and liabilities and contingent
liabilities of a subsidiary are measured at
their fair values. Any excess of the cost
of acquisition over the fair values of
the identifiable net assets acquired is
recognised as goodwill.
Non-controlling interests are initially
recognized at their fair value. The total
comprehensive income of non-wholly
owned subsidiaries is attributed to owners
of the parent and to the non-controlling
interests in proportion to their relative
ownership interests.
2.5 Revenue
Revenue is measured at the fair value of
the consideration received or receivable
and represents the amounts receivable for
services provided in the normal course of
business, net of all related discounts and
sales tax.
The Group has adopted the following
policy in respect of revenue recognition:
1. Hardware and Software Products
When a sales arrangement contains
multiple elements, such as hardware and
software products, licenses and/or
services, the Group allocates revenue to
each element based on a selling price
hierarchy, having evaluated each
deliverable in an arrangement to
determine whether they represent
separate units of accounting. A deliverable
constitutes a separate unit of accounting
when it has standalone value.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�34 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
The selling price for a deliverable is based
on its vendor specific objective evidence
(“VSOE”) if available, third party evidence
(“TPE”) if VSOE is not available, or best
estimated selling price (“BESP”) if neither
VSOE nor TPE is available. In multiple
element arrangements where more-than-
incidental software deliverables are
included, revenue is allocated to each
separate unit, accounting for each of the
non-software deliverables and to the
software deliverables as a group using the
relative selling prices of each of the
deliverables in the arrangement based on
the aforementioned selling price hierarchy.
The Group establishes the VSOE of selling
price using the price charged for a
deliverable when sold separately. The TPE
of selling price is established by evaluating
similar and interchangeable competitor
products or services in standalone sales
to similarly situated customers. The best
estimate of selling price is established
considering both internal and external
factors such as pricing practices,
customer pricing strategies, margin
objectives, market conditions, competitor
pricing strategies, and industry
technology lifecycles.
2. Consulting and Professional Services
Revenue from the provision of consultancy
and professional services is recognised as
the work is performed.
3. Maintenance and Support Services
Revenue is recognised on a straight line
basis over the life of the agreement.
2.6 Cost of sales
Cost of sales includes all direct costs
associated with revenue generation,
including services delivery, support costs
and amounts charged by external third
parties for services and goods directly
related to revenue. Examples of such
costs would include, but not be limited to,
external consultants and third party
hardware and software costs.
2.7 Foreign currencies
Transactions in foreign currencies are
translated at the exchange rate ruling at
the date of each transaction. Foreign
currency monetary assets and liabilities
are retranslated using the exchange rates
at the reporting date. Gains and losses
arising from changes in exchange rates
after the date of the transaction are
recognised in profit or loss in the
Statement of Comprehensive Income.
Non-monetary assets and liabilities that
are measured in terms of historical cost
in a foreign currency are translated at
the exchange rate at the date of the
original transaction.
In the consolidated financial statements,
the net assets of the Group’s UK
operations are translated into US dollars
at the exchange rate at the reporting date.
Income and expense items are translated
into US dollars at the average exchange
rates for the period. The resulting
exchange differences are recognised in
the translation reserve. Such translation
differences are recognised in profit or
loss on the disposal of the UK operation.
2.8 Intangible assets
Internally generated intangible assets
The Group’s internally generated
intangible asset relates to its
development expenditure.
Development expenditure is capitalised
only when it is probable that future
economic benefit will result from the
project and the following criteria are met:
•
The technical feasibility of the
product has been ascertained;
• Adequate, technical, financial
•
and other resources are available
to complete and sell or use the
intangible asset;
The Group can demonstrate how
the intangible asset will generate
future economic benefits and the
ability to use or sell the intangible
asset can be demonstrated;
•
•
It is the intention of management to
complete the intangible asset and
use it or sell it; and
The development costs can be
measured reliably.
Expenditure not meeting these criteria
is expensed in the Statement of
Comprehensive Income.
After initial recognition, internally
generated intangible assets are carried at
cost less accumulated amortisation and
any impairment losses.
Acquired intangible assets
Purchased computer software is carried
at cost less accumulated amortisation
and any impairment losses.
Customer contracts and the related
customer relationships are carried at cost
less accumulated amortisation and any
impairment losses.
Identifiable intangible assets acquired
as part of a business combination are
initially recognised separately from
goodwill, irrespective of whether the
assets have been recognised by the
acquiree before the business
combination. An intangible asset is
considered identifiable only if it is
separable or if it arises from contractual
or other legal rights, regardless of
whether those rights are transferable
or separable from the entity or from
other rights and obligations.
Intangible assets acquired as part of
a business combination and recognised
by the Group are computer software,
customer contracts and the related
customer relationships.
After initial recognition, assets acquired as
part of a business combination are carried
at cost less accumulated amortisation and
any impairment losses.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 35
Amortisation
Intangible assets are amortised on a
straight line basis, to reduce their carrying
value to zero over their estimated useful
lives. The following useful lives were
applied during the year:
• Computer software acquired –
3 or 5 years straight line
• Customer contracts and the related
customer relationships –
7 years straight line
• Capitalised development expenditure –
5 years straight line
Amortisation costs are included within
operating expenses in the Statement
of Comprehensive Income.
Methods of amortisation and useful lives
are reviewed, and if necessary adjusted,
at each reporting date.
2.9 Property, plant and equipment
Property, plant and equipment is stated at
cost less accumulated depreciation and
any impairment losses. Cost comprises
the purchase cost of property, plant and
equipment together with any directly
attributable costs.
Subsequent costs are included in an
asset’s carrying value or are recognised as
a separate asset when it is probable that
future economic benefits associated with
the additional expenditure will flow to the
Group and the cost of the item can be
measured reliably. All other costs are
charged to the Statement of
Comprehensive Income as incurred.
Depreciation commences when an
asset is available for use. Depreciation
is calculated so as to write off the cost
or value of an asset, net of anticipated
disposal proceeds, over the useful life
of that asset as follows:
•
Leasehold improvements –
Period of the lease straight line
• Computer equipment –
2 to 4 years straight line
•
Fixtures and fittings –
2 to 5 years straight line
• Office equipment –
3 to 5 years straight line
Methods of depreciation, residual values
and useful lives are reviewed, and if
necessary adjusted, at each balance
sheet date.
The gain or loss arising from the disposal
or retirement of an item of property, plant
and equipment is determined as the
difference between the net disposal
proceeds and the carrying amount of
the item, and is included in the Statement
of Comprehensive Income.
2.10 Inventory
Inventory is stated at the lower of cost
or net realisable value. Cost is computed
using standard cost, which approximates
actual cost, on a first-in, first-out basis.
Rapid technological change and new
product introductions and enhancements
could result in excess or obsolete inventory.
To minimise this risk, the Group evaluates
inventory levels and expected usage on
a periodic basis and records valuation
allowances as required.
2.11 Impairment
At each reporting date, the Group
assesses whether there is any indication
that its assets have been impaired. If any
such indication exists, the recoverable
amount of the asset is estimated in order
to determine the extent of any impairment.
If it is not possible to estimate the
recoverable amount of the individual
asset, the recoverable amount of the
cash-generating unit to which the
asset belongs is determined.
The recoverable amount of an asset or a
cash-generating unit is the higher of its fair
value less costs to sell and its value in use.
The value in use is the present value of the
future cash flows expected to be derived
from an asset or cash-generating unit. This
present value is discounted using a pre-tax
rate that reflects current market
assessments of the time value of money
and of the risks specific to the asset for
which future cash flow estimates have not
been adjusted. If the recoverable amount of
an asset is less than its carrying amount,
the carrying amount of the asset is reduced
to its recoverable amount. That reduction is
recognised as an impairment loss.
An impairment loss relating to assets
carried at cost less any accumulated
depreciation or amortisation is recognised
immediately in the Statement of
Comprehensive Income.
Goodwill acquired in a business
combination is, from the acquisition date,
allocated to each of the cash-generating
units or groups of cash-generating units
that are expected to benefit from the
synergies of the combination.
Goodwill is tested for impairment at least
annually, and whenever there is an
indication that the asset may be impaired.
An impairment loss is recognised for
cash-generating units if the recoverable
amount of the unit is less than the carrying
amount of the unit. The impairment loss is
allocated to reduce the carrying amount of
the assets of the unit by first reducing the
carrying amount of any goodwill allocated
to the cash-generating unit, and then
reducing the carrying amounts of the other
assets of the unit pro rata.
If an impairment loss subsequently
reverses, the carrying amount of the asset
is increased to the revised estimate of its
recoverable amount but limited to the
carrying amount that would have been
determined had no impairment loss been
recognised in prior years. A reversal of
an impairment loss is recognised in the
Statement of Comprehensive Income.
Impairment losses on goodwill are not
subsequently reversed.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�36 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
2.12 Leases
Where substantially all of the risks and
rewards incidental to ownership of a
leased asset are transferred to the
Company (a “finance lease”), the asset is
treated as if it had been purchased
outright. The amount initially recognised
as an asset is the lower of the fair value of
the leased property and the present value
of the minimum lease payments payable
over the term of the lease. The
corresponding lease commitment is
shown as a liability. Lease payments are
analysed between capital and interest.
The interest element is charged to the
Statement of Comprehensive Income over
the period of the lease and is calculated
so that it represents a constant proportion
of the lease liability. The capital element
reduces the balance owed to the lessor.
Where substantially all of the risks and
rewards incidental to ownership are not
transferred to the Company (an “operating
lease”), the total rentals payable under the
lease are charged to the Statement of
Comprehensive Income on a straight-line
basis over the lease term. The aggregate
benefit of lease incentives is recognised
as a reduction of the rental expense over
the lease term on a straight-line basis.
2.13 Investments in subsidiaries
In the Company’s separate
financial statements, investments
in subsidiaries are carried at cost
less any impairment provisions.
2.14 Taxation
The tax expense represents the sum
of current tax and deferred tax.
Current tax
Current tax is based on taxable profit for
the year and is calculated using tax rates
enacted or substantively enacted at the
reporting date. Taxable profit differs from
accounting profit either because items are
taxable or deductible in periods different
to those in which they are recognised in
the financial statements, or because they
are never taxable or deductible.
Deferred tax
Deferred tax on temporary differences at
the reporting date between the tax bases
of assets and liabilities and their carrying
amounts for financial reporting purposes
is accounted for using the balance sheet
liability method.
Using the balance sheet liability method,
deferred tax liabilities are recognised in full
for all taxable temporary differences and
deferred tax assets are recognised to the
extent that it is probable that taxable profits
will be available against which deductible
temporary differences can be utilised.
However, if the temporary difference arises
from the initial recognition of goodwill or
the initial recognition of an asset or liability
in a transaction other than a business
combination, that at the time of the
transaction affects neither accounting
nor taxable profit, it is not recognised
as deferred tax asset or liability.
Deferred taxation is measured at the
tax rates that are expected to apply
when the asset is realised, or the liability
settled, based on tax rates and laws
enacted or substantively enacted at
the reporting date.
2.15 Provisions
A provision is recognised when, as a
result of a past event, the Group has a
legal or constructive obligation, it is
probable that an outflow of resources
embodying economic benefits will be
required to settle the obligation and a
reliable estimate of the amount of such
an obligation can be made.
Provisions are measured at the best
estimate of the expenditure required to
settle the obligation at the reporting date.
When the effect is material, the expected
future cash flows required to settle the
obligation are discounted at the pre-tax
rate that reflects the current market
assessments of the time value of money
and the risks specific to the obligation.
2.16 Post-retirement benefits
The Group makes contributions in respect
of certain employees to defined
contribution pension plans under which
it is required to pay fixed contributions
to group and personal pension funds.
Contributions to the schemes are based
on a proportion of the employees’
earnings and are charged to the
Statement of Comprehensive Income
when incurred. The Group has no
obligation beyond these contributions.
2.17 Financial instruments
The Group classifies financial
instruments, or their component parts,
on initial recognition as a financial asset,
a financial liability or an equity instrument
in accordance with the substance of
the contractual arrangement.
Financial assets and financial liabilities
are recognised in the Group’s statement
of financial position when the Group
becomes party to the contractual
provisions of the instrument.
The particular recognition and
measurement methods adopted for
the Group’s financial instruments
are disclosed below:
Trade and other receivables
Trade and other receivables are stated at
their fair value at time of initial recognition,
reflecting where material the time value
of money. A provision for impairment
of trade receivables is established when
there is evidence that the Group will not
be able to collect all amounts due
according to the original terms of these
receivables. The amount of the provision
is the difference between the carrying
value and the present value of estimated
future cash flows, discounted at the
original effective interest rate.
Cash and cash equivalents
Cash and cash equivalents include cash
in hand, deposits on call with banks.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 37
Trade and other payables
Trade and other payables are not interest
bearing and are stated at their fair value
at time of initial recognition. Thereafter
they are accounted for at amortised cost.
2.18 Equity instruments
An equity instrument is any contract that
evidences a residual interest in the assets of
the Company after deducting all its liabilities.
Equity instruments issued by the Company
are recorded at the proceeds received,
net of directly attributable issue costs.
2.19 Employee share option schemes
The Group operates an equity-settled
share-based compensation plan. The fair
value of the employees’ services received
in exchange for the grant of share options
is measured at grant date and recognised
as an expense on a straight line basis over
the vesting period, based on the Group’s
estimate of shares that will eventually vest.
Fair value is determined by reference to
the Black-Scholes option pricing model.
At each reporting date, the Group revises
its estimate of the number of options that
are expected to become exercisable.
When share options are exercised, the
proceeds received, net of any transaction
costs, are credited to share capital
(nominal value) and share premium.
2.20 Receivables-backed working
capital facility
The Group makes use of a receivables-
backed working capital facility. Trade
receivables are recognised as the Group
retains the significant risks and benefits.
The related funding is shown as a financial
liability and accounted for on an amortised
cost basis.
2.21 Standards and Interpretations not
yet effective
There are no standards and interpretations
that are issued but not yet effective at the
date of authorisation of these financial
statements that the Group reasonably
expects will have an impact on disclosures,
financial position or performance when
applied at a future date.
3. Critical accounting judgements
and key sources of estimation
uncertainty
3.1 Critical judgements in applying
the Group’s accounting policies
In the process of applying the Group
accounting policies, the following
judgements have had a significant effect
on the amounts recognised in the
financial statements:
Internally generated research
and development costs
Management monitors progress of internal
research and development projects.
Judgement is required in distinguishing the
research phase from the development
phase. Development costs are recognised
as an asset when all criteria are met,
whereas research costs are expensed as
incurred. Management monitors whether
the recognition requirements for
development costs continue to be met.
This is necessary as the economic success
of any product development is uncertain.
3.2 Key accounting estimates
and assumptions
Key assumptions concerning the future and
other key sources of estimation uncertainty
that have a significant risk of causing a
material adjustment to the carrying
amounts of assets and liabilities within
the next financial year are as follows:
Impairment of intangible assets and
property, plant and equipment
The Group tests goodwill at least annually for
impairment, and whenever there is an
indication that the asset may be impaired. All
other intangible assets and property, plant
and equipment are tested for impairment
when indicators of impairment exist.
Impairment is determined with reference to
the higher of fair value less costs to sell and
value in use. Value in use is estimated using
discounted future cash flows. Significant
assumptions are made in estimating future
cash flows about future events including
future market conditions, future growth rates
and appropriate discount rates. Changes in
these assumptions could affect the outcome
of impairment reviews. Details of the main
assumptions used in the assessment of the
carrying value of the Group’s cash generating
unit is set out in note 12.
Impairment of investments and
intercompany balances (applies to the
Company Financial Statements only)
The directors have reviewed the carrying
value of the intercompany balances and
cost of investments in subsidiaries of the
Company with reference to current and
future trading conditions. The investment
and intercompany balances between the
Company and Corero Network Security,
Inc. and Corero Network Security (UK)
Limited have been reviewed with
reference to a valuation based on a
discounted free cash flow which the
directors consider to be an appropriate
valuation methodology, in conjunction
with the goodwill impairment review.
Going Concern
The directors have reviewed the future
profit and cash flow projections in
conjunction with the current economic
climate in order to express an opinion on
the adequacy of working capital and the
ability to continue as a going concern for
the foreseeable future. The methodology
and uncertainties contained in the
projections are detailed in the note 2.2.
4. Segment reporting
Business segments
Subsequent to the sale of the Corero
Business Systems division the Group is
managed according to one business unit;
Corero Network Security which makes up
the Group’s reportable operating segment.
This business unit forms the basis on
which the Group reports its primary
segment information to the Board, which
management consider to be the Chief
Operating Decision maker for the
purposes of IFRS 8 Operating Segments.
The loss before taxation for the year was
$8.9 million (2012: $8.6 million). Included
in the loss were the central costs of
$1.1 million (2012: $1.2 million) which
comprise mainly central and parent
Company overheads relating to the
Group management, the finance
function and regulatory requirements.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�38 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
Reportable Operating Segments
Continuing operations
Discontinued operations
Total
2013
$’000
17,983
2,635
6,121
1,343
28,082
329
3,720
9,775
13,824
(2,171)
(256)
(3,195)
(5,622)
8,202
–
(1,423)
(825)
(2,248)
34,036
2012
$’000
17,983
3,734
2,662
1,095
25,474
622
2,482
3,754
6,858
(2,185)
(182)
(4,057)
(6,424)
434
(5,984)
(1,146)
(1,196)
(8,326)
17,582
2013
$’000
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
2012
$’000
828
5
1,866
146
2,845
–
3,083
1,107
4,190
(1,787)
–
(3,535)
(5,322)
(1,132)
–
–
–
–
1,713
2013
$’000
17,983
2,635
6,121
1,343
28,082
329
3,720
9,775
13,824
(2,171)
(256)
(3,195)
(5,622)
8,202
–
(1,423)
(825)
(2,248)
34,036
2012
$’000
18,811
3,739
4,528
1,241
28,319
622
5,565
4,861
11,048
(3,972)
(182)
(7,592)
(11,746)
(698)
(5,984)
(1,146)
(1,196)
(8,326)
19,295
Non-current assets
Goodwill
Acquired intangible assets
Capitalised development expenditure
Property, plant & equipment
Current assets
Inventories
Trade and other receivables
Cash and cash equivalents
Current liabilities
Trade and other payables
Borrowings
Deferred income
Net current assets/(liabilities)
Non-current liabilities
Borrowings
Deferred income
Deferred taxation
Net assets
The Group’s revenues from external customers and its non-current assets are divided into the following geographical areas:
Continuing operations
Geographical area
North America
EMEA
APAC
Other countries
Total
2013
$’000
Revenue
5,998
2,972
802
496
2013
$’000
Non-current
assets
28,082
–
–
–
10,268
28,082
2012
$’000
Revenue
5,736
4,100
1,389
153
11,378
2012
$’000
Non-current
assets
25,474
–
–
–
25,474
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 39
EMEA revenue analysis
UK
Europe
Other
Total
2013
$’000
1,882
656
434
2,972
2012
$’000
2,152
1,739
209
4,100
Revenues for external customers are identified on the basis of invoicing systems and adjusted to take into account the difference
between invoiced amounts and deferred revenue adjustments required by IAS.
The revenue is analysed as follows for each revenue category:
Hardware and licence revenue
Maintenance and support services revenue
Total
Discontinued operations
Geographical area
EMEA – UK
Total
2013
$’000
4,409
5,859
10,268
2012
$’000
4,429
6,949
11,378
2013
$’000
Revenue
5,630
5,630
2013
$’000
Non-current
assets
–
–
2012
$’000
Revenue
9,187
9,187
2012
$’000
Non-current
assets
2,845
2,845
Revenues from external customers have been identified on the basis of invoicing systems.
The revenue is analysed as follows for each revenue category:
Licence revenue
Professional services and support revenue
Total
5. Finance income
Interest on bank deposits
2013
$’000
2,154
3,476
5,630
2013
$’000
44
2012
$’000
3,207
5,980
9,187
2012
$’000
116
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�40 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
6. Finance costs
8% Loan note interest payable
Bank interest payable (accounts receivable financing facility and term loan)
Finance interest
Other
7. Loss for the year
The following items have been included in arriving at the loss for the year before taxation
Amortisation of acquired intangible assets (note 13)
Amortisation of capitalised development (note 14)
Depreciation of property, plant and equipment (note 15)
Research and development cost
Operating lease rentals payable
Amortisation of acquired intangible assets (note 13)
Amortisation of capitalised development (note 14)
Impairment of capitalised development (note 14)
Depreciation of property, plant and equipment (note 15)
Research and development cost
Operating lease rentals payable
Auditor’s remuneration
Remuneration received by the Company’s auditor or an associate
of the Company’s auditor for the audit of these Financial Statements
The audit of the accounts of other group companies
Fees payable to the Company’s auditor for corporate finance services
Fees payable to the Company’s auditor for taxation compliance services
Fees payable to the Company’s auditor for taxation advisory services
2013
$’000
370
15
3
–
388
Continuing
2013
$’000
Discontinued
2013
$’000
1,200
337
772
3,795
343
2
174
50
407
71
Continuing
2012
$’000
Discontinued
2012
$’000
1,154
366
382
497
2,413
321
3
296
–
69
562
120
2013
$’000
25
75
10
39
9
158
2012
$’000
443
51
6
7
507
Total
2013
$’000
1,202
511
822
4,202
414
Total
2012
$’000
1,157
662
382
566
2,975
441
2012
$’000
33
73
5
24
25
160
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 41
8. Tax on loss on ordinary activities
Deferred tax credit for the year
The tax assessed on the loss on ordinary activities for the year differs from the weighted average
UK corporate rate of tax of 23.25% (2012: 24.5%). The differences are reconciled below:
Total tax reconciliation
Profit/(loss) before taxation
Theoretical tax charge/(credit) at UK Corporation tax rate 23.25% (2012: 24.5%)
Effect of:
– expenditure that is not tax deductible
– R&D tax credits
– accelerated capital allowances
– other timing differences
– relief for losses brought forward
– losses not utilised
– income not taxable
– deferred tax credit
Actual taxation credit
Factors Affecting Future Tax Charges
2013
$’000
371
2012
$’000
371
7,795
1,812
(6,260)
(1,534)
220
(594)
(21)
2
(149)
2,274
(3,544)
371
371
198
(934)
(10)
1
(268)
2,547
–
371
371
As at 31 December 2013, the Group’s cumulative fixed asset timing differences were $17,000 (2012: $24,000) and no deferred tax asset
has been recognised in respect of these items.
In addition, the tax losses at that date amounted to $41.8 million (2012: $37.7 million). This comprised UK tax losses of $6.8 million and
US tax losses of $35.0 million. $2.1 million of the tax losses relates to US capitalised R&D deductions which will be available at an
accelerated level for 3 years. $9.0 million of the tax losses relate to pre-acquisition US tax losses which can be offset against taxable
profits over 18 years (there is a limit on the utilisation of pre-acquisition tax losses of $0.7 million per annum and any unused loss may
be carried forward to subsequent periods). All other US tax losses will expire in 20 years from the end of the accounting period in which
the loss arose.
The deferred tax asset of $1.4 million (2012: $1.9 million) at a rate 20% relating to the UK tax losses (after offsetting the deferred
tax liability of $nil (2012: $0.4 million) relating to capitalised research and development expenditure) and the deferred tax asset of
$12.3 million (2012: $9.7 million) at a rate of 35% relating to the US tax losses have not been recognised due to uncertainties as to the
extent and timing of their future recovery.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�42 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
9. Discontinued operations
The Company’s interest in CBS was sold on 1 August 2013. The net cash consideration was $16.5 million, after the repayment of the
CBS debt of $1.8 million. The Company had a legal and beneficial holding of 92% of the issued share capital of CBS, with the remainder
held by management employees of CBS.
Results from discontinued operations up to the date of disposal:
Revenue
Cost of sales
Gross profit
Operating expenses before highlighted items
Depreciation and amortisation of intangible assets
Operating expenses
Operating profit
Finance income
Finance interest
Profit before taxation
Taxation
Profit for the year
The profit on the disposal of discontinued operations was determined as follows:
Disposal proceeds
Redemption of term loan
Net assets disposed of
Goodwill
Capitalised development expenditure
Property, plant and equipment
Trade and other receivables
Cash and cash equivalents
Trade and other payables
Deferred income
Cumulative translation reserve
Non-controlling interest
Legal and professional fees
Bonuses and benefits
Indemnity provision
Profit on sale
Total
2013
$’000
5,630
(1,060)
4,570
(2,891)
(227)
(3,118)
1,452
4
(20)
1,436
–
1,436
$’000
(771)
(1,980)
(217)
(4,342)
(860)
1,817
3,592
(1)
335
(184)
(186)
(209)
Total
2012
$’000
9,187
(1,945)
7,242
(4,575)
(368)
(4,943)
2,299
3
–
2,302
–
2,302
$’000
16,471
1,779
(2,427)
(579)
15,244
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 43
The statement of cash flows includes the following amounts relating to discontinued operations:
Operating activities
Investing activities
Financing activities
Net cash from discontinued operations
2013
$’000
(1,420)
(538)
1,762
(196)
2012
$’000
1,135
(883)
3
255
10. Profit of the parent Company for the financial year
The Company has taken advantage of section 408 of the Companies Act 2006 and has not included an income statement in these
financial statements. The parent Company’s profit for the year was $10,448,000 (2012: $430,000).
11. Earnings per share
Earnings/(loss) per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted
average number of ordinary shares in issue during the year.
At the reporting dates there were no potentially dilutive ordinary shares. Therefore the diluted earnings/(loss) per share is equal to the
earnings/(loss) per share.
Loss per share from continuing operations
Earnings per share from discontinued operations
Basic and diluted earnings/(loss) per share
2013
weighted
average
number of
1p shares
Thousand
79,794
79,794
79,794
2013
(loss)/
earnings
per share
Cents
(9.40)
20.72
11.32
2013
profit
$’000
(7,499)
16,535
9,036
2012
weighted
average
number of
1p shares
Thousand
56,426
56,426
56,426
2012
(loss)/
earnings
per share
Cents
(13.42)
3.68
(9.74)
2012
loss
$’000
(7,570)
2,075
(5,495)
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�44 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
12. Goodwill
Group
Cost
At 1 January 2012
Foreign currency translation
At 31 December 2012
Foreign currency translation
Disposal on sale of CBS
At 31 December 2013
Impairment
At 1 January 2012
At 31 December 2012
At 31 December 2013
Carrying amount
At 31 December 2013
At 31 December 2012
At 1 January 2012
$’000
18,772
39
18,811
(57)
(771)
17,983
–
–
–
17,983
18,811
18,772
Goodwill is tested at least annually for impairment and whenever there are indications that goodwill might be impaired.
Goodwill is allocated to the Group’s cash-generating unit (CGU) which at 31 December 2013 comprised Corero Network Security (“CNS”).
As at 31 December the carrying amount of goodwill allocated to this CGU is:
CNS
Discontinued operations
Total
2013
$’000
17,983
–
17,983
Total
2012
$’000
17,983
828
18,811
The recoverable amount for the CNS CGU was determined based on a discounted cash flow calculation using cash flow projections
over a 10 year period (2012: 10 year period). The key assumptions for the discounted cash flow calculation are those regarding revenue
growth and discount rates as summarised in the table below and commented on below:
Forecast cash flow period
Extrapolated cash flow period
Cumulative annual growth rate (CAGR) for revenue used for the forecast/extrapolated period
Revenue growth rates used beyond the extrapolated period
Discount rate
Discount rate required for recoverable amount to equal carrying amount
Percentage reduction in forecast revenue for recoverable amount to equal carrying amount
2013
2012
Years 1–2
Years 1–2
Years 3–10
Years 3–10
14.1%
1.5%
15.5%
19.4%
9.5%
12.4%
1.5%
11.2%
13.0%*
4.8%*
Amount by which the CGU’s recoverable amount exceeds its carrying amount
$13.1 million
$8.6 million*
* the 2012 valuation model has been refined to be on a consistent basis with the 2013 model. The changes to the 2012 model reflect the assumption that cash flows
occur on average halfway through each year and discounting after tax cash flows (at the point tax losses are fully utilised) with an after tax weighted average cost
of capital (“WACC”) assuming a blended tax rate of 30.6% for the forecast and extrapolated period cash flows.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 45
•
•
•
The pre-tax cash flows for the forecast period are derived from the most recent financial budget for the year ending 31 December
2014 and the plan for the year ending 31 December 2015 approved by the Board. The extrapolation for the period 2016 to 2023 is
based on management estimates (with the key assumptions set out below).
The future pre-tax cash flows are discounted by a weighted average cost of capital (“WACC”) of 15.5%.
The key assumptions underlying the cash flow projections and which the recoverable amount is most sensitive to are (i) the revenue
growth rates forecast and extrapolated for the period 2014 to 2018 (ii) and the discount rate.
i.
The cash flow forecasts assume a CAGR revenue growth of 28.2% in the period 2014 to 2018 (63.8% for the period 2014 to
2015) and 3.7% for the period 2019 to 2023 (a CAGR of 14.1% for 10 year forecast period). The management of the Group
believe these growth rates are appropriate for the forecasts given the expected impact from the new product, SmartWall TDS,
which was launched in February 2014 and which is expected to start generating revenue from new customer sales targeted at
the service provider and cloud computing markets in 2014 and deliver a step change in revenue in the forecast period.
These growth rates are supported by the fact that the IT security market is forecast to grow strongly for the foreseeable future.
Gartner for instance forecast that the IT security market will grow by a CAGR of 8.5% in the period 2012 to 2017 and IDC
forecast that the DDoS protection market will grow from $270 million in 2012 to $870 million in 2017 (CAGR 18.2%).
The above market growth rates used in the future cash flow assumptions reflect that CNS is in the early stages of the
commercial exploitation of its intellectual property. In addition, the business’ strategy is to continue to develop its product and
solution offerings to remain a market leader in its chosen market thereby providing the opportunity to generate above market
average growth rates.
The growth rate assumed in the period beyond the 10 year extrapolation period of 1.5% is considered reasonable as historically
IT spend has exceeded GDP growth.
ii.
The discount rate is based on a cost of equity using the Capital Asset Pricing Model with the key inputs being a risk-free
interest rate estimate of 3.75% (based on 30 year US government bonds), comparable company betas, an equity risk premium
of 5.5%, and small company risk premium of 4.5%. The WACC has been assessed based on that fact that the Company had no
gearing at 31 December 2013. The WACC used in the valuation reflects current market assessments of the time value of money
and the risks specific to CNS.
As stated above, the valuation to support the recoverable amount of the CNS CGU is highly sensitive to small changes in cash flow
forecasts and discount rate assumptions, and there is no guarantee that the expected growth will be achieved. If the expected growth is
not achieved, this could result in a requirement to impair the goodwill associated with the CNS CGU in the future. If the revenue growth
in 2014 and 2015 is reduced by 20% (which in the assessment of management is reasonably possible), and a 10% reduction is made to
overheads, this would result in an impairment of goodwill of $3.7 million. If the discount rate is increased by 20% (which in the
assessment of management is reasonably possible), this would reduce the amount by which the CGU’s recoverable amount exceeds its
carrying amount to $2.3 million.
Apart from the considerations in determining the recoverable amount of the CNS CGU described above, the management of the Group
is not currently aware of any other reasonably possible changes that would necessitate changes in its key estimates.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�46 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
13. Acquired intangible assets
Group
Cost
At 1 January 2012
Additions
Foreign currency translation
Disposals
At 31 December 2012
Additions
Foreign currency translation
Disposals (including sale of CBS)
At 31 December 2013
Amortisation
At 1 January 2012
Charge for year
Foreign currency translation
Disposals
At 31 December 2012
Charge for year
Foreign currency translation
Disposals (including sale of CBS)
At 31 December 2013
Net book value
At 31 December 2013
At 31 December 2012
At 1 January 2012
Company
The Company has no intangible fixed assets (2012: $nil).
Computer
software
$’000
Customer
relationships
$’000
6,148
237
8
(425)
5,968
107
(13)
(280)
5,782
(1,663)
(1,129)
(8)
425
(2,375)
(1,174)
13
271
197
–
–
–
197
–
–
–
197
(23)
(28)
–
–
(51)
(28)
–
–
Total
$’000
6,345
237
8
(425)
6,165
107
(13)
(280)
5,979
(1,686)
(1,157)
(8)
425
(2,426)
(1,202)
13
271
(3,265)
(79)
(3,344)
2,517
3,593
4,485
118
146
174
2,635
3,739
4,659
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 47
14. Capitalised development expenditure
Group
Cost
At 1 January 2012
Additions
Foreign currency translation
At 31 December 2012
Additions
Foreign currency translation
Disposal on sale of CBS
At 31 December 2013
Amortisation
At 1 January 2012
Charge for year
Impairment
Foreign currency translation
At 31 December 2012
Charge for year
Foreign currency translation
Disposal on sale of CBS
At 31 December 2013
Net book value
At 31 December 2013
At 31 December 2012
At 1 January 2012
$’000
3,377
3,174
132
6,683
4,202
(218)
(3,438)
7,229
(1,052)
(662)
(382)
(59)
(2,155)
(511)
100
1,458
(1,108)
6,121
4,528
2,325
The impairment recorded during 2012 of $382,000 related to expenditure on certain CNS products. Having identified that these
products would not generate cash inflows in the future sufficient to support their full carrying value, management determined that an
impairment should be recorded.
Company
The Company has no capitalised development expenditure (2012: $nil).
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�48 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
15. Property, plant and equipment
Group
Computer
Equipment
$’000
Fixtures and
Fittings
$’000
Office
Equipment
$’000
Leasehold
Improvements
$’000
Cost
At 1 January 2012
Additions
Disposals
Reclassification
Foreign currency translation
At 31 December 2012
Additions
Disposals
Foreign currency translation
At 31 December 2013
Depreciation
At 1 January 2012
Charge for year
Disposals
Reclassification
Foreign currency translation
At 31 December 2012
Charge for the year
Disposals
Foreign currency translation
At 31 December 2013
Net book value
At 31 December 2013
At 31 December 2012
At 1 January 2012
Company
2,557
706
(924)
–
19
2,358
1,110
(498)
(28)
2,942
(1,656)
(505)
908
2
(15)
(1,266)
(763)
343
22
(1,664)
1,278
1,092
901
532
22
–
(2)
3
555
5
(463)
(3)
94
(481)
(17)
–
(4)
(2)
(504)
(18)
456
1
(65)
29
51
51
246
–
(8)
–
3
241
28
(138)
(5)
126
(222)
(12)
8
4
(3)
(225)
(14)
115
4
(120)
6
16
24
310
74
–
2
6
392
5
(309)
(11)
77
(271)
(32)
–
(2)
(5)
(310)
(27)
284
6
(47)
30
82
39
The Company has no property, plant and equipment (2012: $nil).
Total
$’000
3,645
802
(932)
–
31
3,546
1,148
(1,408)
(47)
3,239
(2,630)
(566)
916
–
(25)
(2,305)
(822)
1,198
33
(1,896)
1,343
1,241
1,015
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 49
16. Investments in subsidiaries
Net book value
At 1 January
Divestment of investment in Corero Business Systems Limited
Investment in Corero Network Security, Inc.
Provision against investment in Corero Network Security, Inc.
Foreign currency translation
At 31 December
Company
2013
$’000
Company
2012
$’000
26,720
(5,302)
16,188
(725)
49
18,220
(10)
7,558
–
952
36,930
26,720
Included in the Company's investment in Corero Network Security, Inc. is a loan note instrument. These loan notes bear interest at 5%
per annum that at the election of Corero Network Security, Inc. is payable quarterly or added to the principal amount. The loan notes
are repayable on 31 October 2016.
Loan note instrument
The Company owns:
2013
$’000
7,384
2012
$’000
6,893
100% of the issued share capital of Corero Network Security, Inc., a company incorporated in Delaware, USA. The principal business
of the company consists of the development and sale of hardware and software security products.
100% of the issued share capital of Corero Group Services Limited, a company incorporated and registered in England and Wales.
The principal business of the company consists of providing administration services to the Group.
100% of the issued share capital of Corero Network Security (UK) Limited, a company incorporated and registered in England and Wales.
The principal business of the company consists of providing sales and marketing services on behalf of Corero Network Security, Inc.
On 1 August 2013 the Company sold its 92% interest in Corero Business Systems Limited.
17. Inventories
Gross inventory
Less: provision for impairment
Net inventory
Net inventory comprises only finished goods.
The Company holds no inventory (2012: $nil).
Group
2013
$’000
709
(380)
329
Group
2012
$’000
1,340
(718)
622
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�50 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
18. Trade and other receivables
Trade receivables
Less: provision for impairment
Net trade receivables
Amounts owed by subsidiaries
Other debtors
Prepayments and accrued income
Group
2013
$’000
3,035
–
3,035
–
277
408
3,720
Group
2012
$’000
3,303
(16)
3,287
–
1,592
686
5,565
Company
2013
$’000
Company
2012
$’000
–
–
–
10,108
93
–
10,201
–
–
–
8,304
103
–
8,407
The banking facility of the Group, summarised in note 20, is secured by assets of Corero Network Security, Inc. Up to 80% of the trade
receivables of Corero Network Security, Inc., included under ‘Group’, can be financed and are therefore secured for credit enhancements.
None of the Company’s trade and other receivables are secured by collateral or credit enhancements.
Amounts due from Group undertakings are recoverable after more than one year from the reporting date.
The age of trade receivables not impaired but past due are as follows:
Not more than 3 months
More than 3 months but not more than 6 months
More than 6 months but not more than 1 year
More than one year
Group
2013
$’000
1,184
13
–
–
1,197
Group
2012
$’000
1,285
272
134
128
1,819
The directors consider that the carrying amount of trade and other receivables approximates their fair value.
The maturity profile of trade and other receivables is set out in the table below:
In one year or less, or on demand
In more than one year, but not more than five years
Group
2013
$’000
3,483
237
3,720
Group
2012
$’000
4,442
1,123
5,565
Company
2013
$’000
–
10,201
10,201
Company
2012
$’000
–
8,407
8,407
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 51
The analysis of trade and other receivables by foreign currency is set out in the table below:
US dollars
UK pound
Group
2013
$’000
3,523
197
3,720
Group
2012
$’000
2,322
3,243
5,565
Company
2013
$’000
–
10,201
10,201
Company
2012
$’000
–
8,407
8,407
The Group’s foreign currency receivables are denominated in the reporting currency of the subsidiaries in which they arise. There is no
impact on the profit/(loss) for the year from exchange rate movements on such financial instruments.
19. Trade and other payables
Trade payables
Other taxation and social security
Other payables
Accruals
Group
2013
$’000
710
70
133
1,258
2,171
Group
2012
$’000
1,018
533
290
2,131
3,972
Company
2013
$’000
Company
2012
$’000
–
–
–
229
229
–
–
–
–
–
None of the Group or Company’s trade and other payables are secured by collateral or credit enhancements.
The directors consider that the carrying amount of trade and other payables approximates its fair value.
77% (2012: 90%) of the trade and other payables are due in less than 3 months.
The analysis of trade and other payables by foreign currency is set out in the table below:
US dollars
UK pound
Group
2013
$’000
1,494
677
2,171
Group
2012
$’000
1,443
2,529
3,972
The Group’s foreign currency payables are denominated in the reporting currency of the subsidiaries in which they arise. There is no
impact on the profit/(loss) for the year from exchange rate movements on such financial instruments.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�52 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
20. Borrowings
Group
Current
Accounts receivable financing facility
Fixed term loan
Non-current
Fixed term loan
8% Loan notes
Company
The Company has no borrowings (2012: $nil).
2013
$’000
2012
$’000
256
–
256
–
–
–
–
182
182
197
5,787
5,984
The accounts receivable financing facility bears interest at c.8.5% of the financed value. The CNS facility limit is US$2.0 million. 80% of
the eligible accounts receivable balance can be financed. The facility requires a minimum quick asset ratio covenant of 1.15:1 and a
consolidated quick asset ratio covenant of 2.0:1. The funding is secured by a first lien on the corporate assets of Corero Network
Security, Inc. and is guaranteed by Corero Network Security plc.
The carrying value of the financed accounts receivable assets is $0.3 million. All receipts for financed assets are payable to a lockbox
account held with the provider of the financing facility. The accounts receivable assets are exposed to the risk of non or late payment by
customers. There are no restrictions on the use of the financed accounts receivable assets.
The fixed term loans were repaid in February 2013 and the 8% loan notes were repaid in October 2013.
At 31 December 2013, the Group’s liabilities have contractual maturities which are summarised below. These contractual maturities
reflect the payment obligations which may differ from the carrying values of the liabilities at the balance sheet date.
Group
Trade and other payables
Borrowings
Total
Company
Trade and other payables
Total
In one year or less,
or on demand
More than one
but less than five years
2013
$’000
1,896
256
2,152
2012
$’000
3,868
182
4,050
2013
$’000
275
–
275
2012
$’000
104
5,984
6,088
More than one but
less than five years
2013
$’000
229
229
2012
$’000
–
–
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 53
21. Financial instruments
The Group’s financial instruments are categorised as shown below:
Group
Financial assets
Trade and other receivables
Cash
Group
Financial liabilities
Financial liabilities at amortised cost:
Trade and other payables
Accounts receivable financing
Fixed term loan
8% Loan notes
Book Value
2013
$’000
Book Value
2012
$’000
3,312
9,775
13,087
4,879
4,861
9,740
Book Value
2013
$’000
Book Value
2012
$’000
2,171
256
–
–
2,427
3,972
–
379
5,787
10,138
There are no differences between the fair values and book values held by the Group and Company.
The Company has a loan note instrument with CNS, Inc. at 31 December 2013 of $7.4 million (note 16) (2012: $6.9 million). The instrument
is denominated and repayable in GBP which is the functional currency of the Company and therefore the Company does not bear any
foreign exchange risk. As the Group’s reporting currency is dollars unrealised gains/losses on translation of the GBP balance are included
within the Consolidated Statement of Comprehensive Income. A 5% weakening/strengthening of the GBP against the dollar would have
the effect of increasing/decreasing the Company’s comprehensive income for the year and decreasing/increasing the Company’s net
assets by $0.4 million.
The repayment of amounts receivable from subsidiaries, including the loan note from CNS, Inc. (note 16) is dependent on CNS CGU
generating future revenue growth and cash flows. Note 12 sets out management’s assumptions in assessing whether there is any
impairment of the CNS CGU goodwill at 31 December 2013. The valuation model concluded that the CGU’s recoverable amount
exceeded its carrying amount. This assessment supports the carrying value of the amounts receivable from subsidiaries.
Amounts owed by subsidiaries are similarly subject to exchange rate movements. These totalled $10.1 million at 31 December 2013 and
are included in note 18.
22. Deferred income
Group
Current
More than one year but less than five years
2013
$’000
3,195
1,423
4,618
2012
$’000
7,592
1,146
8,738
The Group’s deferred income balance will be recognised as revenue evenly over the remaining term of the support agreements in place.
Support agreements expire at various times throughout the year with no particular seasonality.
Company
The Company has no deferred income (2012: $nil).
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�54 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
23. Deferred tax liability
Group
1 January 2012
Credit to income statement
31 December 2012
Credit to income statement
31 December 2013
$’000
1,567
(371)
1,196
(371)
825
The deferred tax liability relates to the software and customer relationships acquired as part of the Top Layer Networks, Inc. acquisition
in March 2011. The deferred tax liability has been calculated using a US Federal tax rate of 34%. The liability is released to the
Statement of Comprehensive Income as the intangible software and customer relationship assets are amortised.
24. Pensions
The Group’s pension arrangements are operated through defined contribution schemes.
Defined contribution schemes
Defined contribution pension costs
Defined contribution pension costs
25. Share capital
Authorised share capital
Continuing
2013
$’000
Discontinued
2013
$’000
43
73
Continuing
2012
$’000
Discontinued
2012
$’000
43
108
The authorised share capital comprises 745,821,970 (2012: 745,821,970) ordinary shares of 1p (1.66c) each and 1,518,990 (2012:
1,518,990) deferred shares of £2.99 ($4.96) each.
Issued ordinary share capital
1 January 2012
47,713,718 ordinary shares of 1p each
Issued
10,615,694 ordinary shares of 1p each (1.58c)
308,000 ordinary shares of 1p each (1.60c)
31 December 2012
58,637,412 ordinary shares of 1p each
Issued
27,000,004 ordinary shares of 1p each (1.51c)
31 December 2013
85,637,416 ordinary shares of 1p each
Total
2013
$’000
116
Total
2012
$’000
151
$’000
752
168
5
925
408
1,333
On 20 March 2013, 27,000,004 ordinary shares with a nominal value of 1p were issued at 15p (23c) per share by way of a placing.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 55
Deferred share capital
The deferred share capital consists of 1,518,990 deferred shares of £2.99 ($4.96) each.
31 December 2013
31 December 2012
$’000
7,051
7,051
The deferred shares have no voting or dividend rights and, on a return of capital, will have the right to receive the amount paid up
thereon after the holders of the ordinary shares have received, in aggregate, the amount paid up thereon plus £10,000,000 ($16,574,000)
per ordinary share. The deferred shares are not transferable (save with the consent of the Directors). The Company may, at any time,
transfer the deferred shares to any other person or buy back the deferred shares, for an aggregate payment of 1p (1.66c).
26. Share premium
1 January 2012
10,615,694 ordinary shares at 42p (66c) less issue costs
308,000 ordinary shares at 24p (38c)
31 December 2012
27,000,004 ordinary shares of 14p each (21c) less issue costs
31 December 2013
$’000
31,228
6,700
118
38,046
5,461
43,507
Consideration received in excess of the nominal value of the 27,000,004 shares issued on 20 March 2013 as a result of the placing has
been included in share premium, less registration, placing commission and professional fees of $261,000. The amount of such directly
attributable costs deducted from share premium in 2012 was $340,000.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�56 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
27. Employees and directors
Employee expenses during the period
Group
Wages and salaries
Social security costs
Other pension costs (note 24)
Cost of employee share scheme (note 30)
Group
Wages and salaries
Social security costs
Other pension costs (note 24)
Cost of employee share scheme (note 30)
Average monthly numbers of employees (including directors) employed
Continuing
Sales and marketing
Technical, support and services
Management, operations and administration
Discontinued
Sales and marketing
Consulting and professional services
Technical and support
Management, operations and administration
Company
The Company has no employees (2012: nil).
Continuing
2013
$’000
Discontinued
2013
$’000
11,003
1,010
43
25
2,626
318
73
–
Total
2013
$’000
13,629
1,328
116
25
12,081
3,017
15,098
Continuing
2012
$’000
Discontinued
2012
$’000
11,319
1,185
43
9
4,235
519
108
–
Total
2012
$’000
15,554
1,704
151
9
12,556
4,862
17,418
2013
Number
2012
Number
23
43
14
80
32
42
14
88
2013
Number
2012
Number
12
18
23
5
58
15
18
18
5
56
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 57
Directors
Executive directors
Andrew Miller
Ashley Stephenson
(appointed 6 September 2013)
Non-executive directors
Richard Last
Jens Montanana
Andrew Lloyd
Salary
& fees
$’000
231
77
25
41
31
405
Bonus
$’000
Benefits
$’000
Pension
$’000
Total
2013
$’000
Total
2012
$’000
174
85
–
–
–
8
3
–
–
–
259
11
22
–
–
–
–
22
435
165
25
41
31
697
350
–
30
41
4
425
Bonus payments of $259,000 were awarded during the period to 31 December 2013 (2012: $95,000). The bonus payable to Andrew Miller
includes a special bonus, approved by the Remuneration Committee of $125,000, relating to the successful disposal of CBS in 2013.
Andrew Miller has a service contract with a 6 month notice period. A subsidiary company provides for pension contributions of 10%
of basic salary payable to a personal pension plan.
No directors were accruing benefits from the Group’s defined contribution pension arrangements (2012: nil).
Post the year end, Jens Montanana notified the Company that he wished to waive his non-executive director fees for the year ended
31 December 2013 of $41,000. Jens Montanana waived his non-executive director fees for the year ended 31 December 2012 of $41,000.
28. Operating lease commitments
The Group has total future minimum lease payments under non-cancellable operating leases totalling $553,000 (2012: $1,083,000)
analysed by year of expiry as follows:
Land and building agreements expiring:
Within one year
Within two to five years
The Company has no operating lease commitments (2012: $nil).
2013
$’000
5
548
553
2012
$’000
26
1,057
1,083
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�58 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
29. Contingent liabilities
The Group and Company do not have any contingent liabilities (2012: $nil).
On 17 March 2011, the Corero Remuneration Committee approved the establishment of the Corero Early Exit Incentive Plan (“EEIP”).
The EEIP is a cash settled change of control incentive plan for the senior executives of the Group that provides for a cash payment in
the event of (i) a sale of substantially all of the assets of the Corero Network Security business, or (ii) an offer for all of the shares of
Corero Network Security plc, in the period up to 30 April 2014 (thereafter it will lapse).
The cash incentive payment is determined based on the difference between (i) the value of the transaction (consideration for the sale of
all or substantially all of the assets of Corero Network Security, Inc. or offer for all of Corero Network Security plc’s shares) and (ii)
Corero Network Security plc’s accumulated cost of capital comprising the cash investment by Corero Network Security plc
shareholders and shares issued for acquisitions or other purposes, defined as the “Total Gain”. The EEIP will pay those executives
granted the incentive a percentage of the Total Gain. Under the terms of the EEIP, awards up to a maximum of 3.0% of the Total Gain
can be issued with a maximum of 0.5% per individual.
On 13 September 2013, the Corero Remuneration Committee approved the extension of the EEIP to 30 April 2016 with the awards
capped at a maximum of 2.5% of the Total Gain with a maximum of 0.65% per individual.
At 31 December 2013, EEIP awards comprising 2.1% (2012: 1.7%) of the Total Gain had been awarded (including an award of 0.65% to
Ashley Stephenson and an award of 0.65% to Andrew Miller, both Company directors).
As at the date of this report no discussions are in progress or contemplated which would result in the incentive payment being payable.
As a result no provision has been recorded in the financial statements relating to the EEIP.
30. Share options
The Company has the following share option schemes:
• Enterprise Management Incentive Scheme for its employees, which has been approved by HMR&C,
• 2010 Executive Enterprise Management Incentive Scheme, which has been approved by HMR&C,
• 2010 Unapproved Share Option Scheme, and
• Deferred Payment Share Plan.
In August 2010, 1,257,000 options were granted to certain directors and employees under the 2010 Executive Enterprise
Management Incentive scheme and 2010 Unapproved Share Option Scheme. The options granted vested immediately upon grant.
All other options granted in 2010–2013 have a three year vesting period, vesting one third on the first anniversary of grant, one
third on the second anniversary of grant and one third on the third anniversary of grant. There are no vesting conditions.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 59
Share options granted at 31 December 2013 were as follows:
Option Holders
Date
granted
Expiry
date
Exercise
price
At
1 January
2013
Granted
Exercised
Lapsed/
cancelled
At
31 December
2013
Enterprise Management Incentive Scheme
Other Holders
January 2003
January 2013
735p (1,195c)
October 2003
October 2013
1,095p (1,780c)
February 2005
February 2015
495p (805c)
April 2006
April 2016
555p (902c)
633
333
2,200
5,361
September 2008
September 2018
300p (488c)
25,334
March 2011
March 2021
36p (59c)
7,000
March 2011
March 2021
40p (65c)
165,000
March 2012
March 2022
54.5p (89c)
30,000
September 2012 September 2022
43p (70c)
110,000
–
–
–
–
–
–
–
–
–
April 2013
April 2023
25p (38c)
–
120,000
2010 Executive Enterprise Management Incentive Scheme
Andrew Miller
August 2010
August 2020
25p (41c)
476,000
September 2012
March 2022
54.5p (89c)
80,000
–
–
April 2013
April 2023
25p (38c)
–
250,000
2010 Unapproved Share Option Scheme
Jens Montanana
August 2010
August 2020
25p (41c)
165,000
March 2012
March 2022
54.5p (89c)
30,000
–
–
April 2013
April 2023
25p (38c)
–
80,000
Richard Last
March 2012
March 2022
54.5p (89c)
20,000
–
Andrew Lloyd
April 2013
April 2023
25p (38c)
April 2013
April 2023
25p (38c)
–
–
60,000
60,000
Ashley Stephenson*
March 2012
March 2022
54.5p (89c)
180,000
–
April 2013
April 2023
25p (38c)
–
400,000
Other holders
August 2010
August 2020
31p (50c)
308,000
March 2011
March 2021
36p (59c)
246,583
March 2011
March 2021
40p (65c)
305,000
May 2011
May 2021
35p (57c)
110,000
September 2011
September 2021
37.5p (61c)
439,000
March 2012
March 2022
54.5p (89c)
854,250
September 2012 September 2022
43p (70c)
146,000
–
–
–
–
–
–
–
April 2013
April 2023
25p (38c)
September 2013 September 2023
25p (40c)
–
–
1,068,375
145,000
Unapproved Share Option Scheme
Other holders
April 2008
April 2017
555p (902c)
8,772
–
3,714,466
2,183,375
(633)
(333)
(2,200)
(5,361)
(25,334)
–
(125,000)
–
–
(25,000)
–
–
–
–
–
–
–
–
–
–
–
–
(107,333)
–
(110,000)
(118,500)
(347,500)
(102,500)
–
–
–
–
–
7,000
40,000
30,000
110,000
95,000
476,000
80,000
250,000
165,000
30,000
80,000
20,000
60,000
60,000
180,000
400,000
308,000
139,250
305,000
–
320,500
506,750
43,500
–
–
1,068,375
145,000
(8,772)
–
(978,466)
4,919,375
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
The closing mid market price for the Company’s shares at 31 December 2013 was 17.8p (29.5c) and the high and low for the year was
31.0p (50c) and 12.8p (20c). There are no performance conditions to be met before share options are exercisable.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�60 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notes to the Financial Statements continued
Changes in directors options held between 1 January 2013 and the 31 December 2013 are detailed in the following table:
Granted
during year
Cancelled
during year
At
31 December
2013
Exercise
price
Date from
which partially
exercisable
Expiry
date
Andrew Miller
Richard Last
Jens Montanana
Andrew Lloyd
Ashley Stephenson*
* appointed 6 September 2013
At
1 January
2013
476,000
80,000
–
–
–
250,000
20,000
–
–
60,000
165,000
30,000
–
–
180,000
–
–
80,000
60,000
–
–
400,000
–
–
–
–
–
–
–
–
–
–
–
476,000
80,000
250,000
20,000
60,000
25p (41c)
August 2010
August 2020
54.5p (89c)
March 2013
March 2022
25p (38c)
April 2014
April 2023
54.5p (89c)
March 2013
March 2022
25p (38c)
April 2014
April 2023
165,000
25p (41c)
August 2010
August 2020
30,000
80,000
60,000
54.5p (89c)
March 2013
March 2022
25p (38c)
25p (38c)
April 2014
April 2023
April 2014
April 2023
180,000
54.5p (89c)
March 2013
March 2022
400,000
25p (38c)
April 2014
April 2023
In addition, Andrew Miller has a contractual right (granted in March 2011) to purchase 140,000 ordinary shares in the Company from
the Employee Share Ownership Trust at 40p per share pursuant to a grant made to him under the Deferred Payment Share Plan.
None of the directors holding office at the balance sheet date exercised options during the year.
Share based payments
The Remuneration Committee can grant options to employees of the Group under the Group’s share option schemes.
Options are granted with a fixed exercise price which is equal to the market price at the date of the grant or higher price determined
by the Remuneration Committee. The contracted life is ten years from the date of grant.
Options are valued using the Black-Scholes option-pricing model.
Options granted during 2013
The value of options granted during the year was calculated using the Black-Scholes option pricing model. The following variables and
ranges were used:
Share price at date of grants
Exercise price
Expected volatility
Years to maturity
Risk free interest rate
The following table provides information on all options outstanding at the end of the year:
Weighted average remaining contractual life
Exercise price range
Weighted average share price
Weighted average exercise price
Expected volatility
Risk free rate – 5 year gilt rate
Expected dividend yield
The total charge in the year relating to employee share based payments was $25,000 (2012: $9,000).
25p (38c–40c)
25p (38c–40c)
0.2%
9.26–9.72
0.74–1.8%
8.3 years
25p–55p (41c–91c)
34p (56c)
33p (55c)
0.2%–6.4%
0.63%–2.6%
Nil
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 61
31. Related parties and transactions
Related party transactions subsist between Group companies and relate to costs paid on behalf of the parent Company.
The 2013 costs paid by other Group companies on behalf of the parent Company were $317,000 (2012: $342,000).
The parent Company received $339,000 intercompany interest from Corero Network Security, Inc. during the year (2012: $327,000).
As part of the placing on 20 March 2013 directors contributed $4.2 million (note 25).
The directors consider the Group’s key management personnel to be the Board of directors of the Company and the Chief Executive
Officers of Corero Network Security, Inc. and Corero Business Systems Limited up to the date of disposal whose compensation is
detailed below:
Key management personnel
692
Salary & fees
$’000
Bonus
$’000
406
Benefits
$’000
18
Pension
$’000
22
2013
$’000
1,138
2012
$’000
1,025
Company key management compensation was $nil (2012: $nil) as the key management are employed by subsidiaries.
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�62 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notice of AGM
Notice is hereby given that the annual general meeting (the “AGM”) of Corero Network Security plc (the “Company”) will be held at the
offices of finnCap Ltd, 60 New Broad Street, London, EC2M 1JJ, on 18 June 2014 at 9.30 a.m. for the following purposes:
Ordinary Business
To consider and, if thought fit, pass the following resolutions which will be proposed as ordinary resolutions:
1. Report and accounts
To receive the audited annual accounts of the Company for the year ended 31 December 2013, together with the directors’ report
and the auditor’s report on those annual accounts.
2. Re-election of director
To re-elect Mr Richard Last, who retires by rotation in accordance with the Company’s articles of association, as a director of
the Company.
3. Re-election of director
To re-elect Mr Ashley Stephenson, who retires in accordance with the Company’s articles of association, as a director of
the Company.
4. Re-appointment of auditors
To re-appoint BDO LLP as auditors of the Company to hold office from the conclusion of this AGM until the conclusion of the next
annual general meeting at which accounts are laid before the Company.
5. Auditors’ remuneration
To authorise the directors to determine the remuneration of the auditors.
Special Business
To consider and, if thought fit, pass the following resolutions of which resolutions 6 and 9 will be proposed as ordinary resolutions and
resolutions 7 and 8 will be proposed as special resolutions:
6. Directors’ authority to allot shares
THAT, in substitution for all existing and unexercised authorities and powers granted to the Directors prior to the date of this
resolution in accordance with section 551 of the Companies Act 2006 (“Act”), the Directors be generally and unconditionally
authorised for the purposes of section 551 of the Act to exercise all the powers of the Company to allot shares in the Company and
grant rights to subscribe for or to convert any security into shares of the Company (such shares and rights to subscribe for or to
convert any security into shares of the Company being “relevant securities”) up to a maximum nominal amount of £285,458.05 on
such terms and conditions as the Directors may determine provided that, unless previously revoked, varied or extended, this
authority shall expire on the earlier of the date falling 15 months after the date of the passing of this resolution and the conclusion of
the next annual general meeting of the Company except that the Company may at any time before such expiry make an offer or
agreement which would or might require relevant securities to be allotted after such expiry and the Directors may allot relevant
securities in pursuance of such an offer or agreement as if this authority had not expired.
7. Disapplication of pre-emption rights
THAT, in substitution for all existing and unexercised authorities and powers granted to the Directors prior to the date of this
resolution in accordance with section 570(1) of the Act and subject to and conditional on the passing of resolution 6, the Directors be
and are hereby empowered to allot equity securities (as defined in section 560(1) of the Act) of the Company for cash, pursuant to the
authority of the Directors under section 551 of the Act conferred by resolution 6 above, and/or by way of a sale of treasury shares for
cash (by virtue of section 573 of the Act), in each case as if section 561(1) of the Act did not apply to such allotment, provided that
this power shall be limited to:
(a) the allotment of equity securities in connection with an offer by way of a rights issue or an offer of equity securities open for
acceptance for a period fixed by the Directors (i) to the holders of ordinary shares in proportion (as nearly as may be practicable)
to their respective holdings and (ii) to holders of other equity securities as required by the rights of those securities or as the
Directors otherwise consider necessary, but subject to such exclusions or other arrangements as the Directors may deem
necessary or expedient in relation to treasury shares, fractional entitlements, record dates, legal or practical problems in or
under the laws of any territory or the requirements of any regulatory body or stock exchange; and
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 63
(b) the allotment and/or sale of treasury shares for cash (otherwise than pursuant to resolution 7(a) above) of equity securities up to a
maximum nominal amount of £85,637.42,
and that, unless previously revoked, varied or extended, this power shall expire on the earlier of the date falling 15 months after the
date of the passing of this resolution and the conclusion of the next annual general meeting of the Company except that the
Company may before the expiry of this power make an offer or agreement which would or might require equity securities to be
allotted (and treasury shares to be sold) after such expiry and the Directors may allot equity securities (and sell treasury shares) in
pursuance of such an offer or agreement as if this power had not expired.
8. Authority to purchase Company’s own shares
THAT the Company be generally and unconditionally authorised for the purposes of section 701 of the Act to make market purchases
(as defined in section 693(4) of the Act) on a recognised investment exchange (as defined in section 693(5) of the Act) of ordinary
shares of £0.01 each in the capital of the Company (“Ordinary Shares”) and to hold such shares as treasury shares (as defined in
section 724(3) of the Act) and/or on such terms and in such manner as the Directors may from time to time determine provided that:
(a) this authority shall be limited to the purchase of Ordinary Shares up to a maximum aggregate nominal value equal to £85,637.42
representing approximately 10 per cent. of the nominal value of the current issued ordinary share capital of the Company;
(b) the minimum price which may be paid for such Ordinary Shares is £0.01 (exclusive of expenses);
(c) the maximum price (exclusive of expenses) which may be paid for an Ordinary Share shall not be more than 5 per cent. above the
average middle market quotations for an Ordinary Share on the relevant recognised investment exchange on which Ordinary
Shares are traded for the five business days immediately preceding the date on which the Ordinary Share is purchased;
(d) unless previously revoked, varied or extended, the authority hereby conferred shall expire at the earlier of the date which is 15
months from the date of the passing of this resolution and the conclusion of the next annual general meeting of the Company; and
(e) the Company may make a contract or contracts to purchase Ordinary Shares under the authority hereby conferred prior to the
expiry of such authority which will or may be executed wholly or partly after the expiry of such authority and may make a
purchase of Ordinary Shares in pursuance of any such contract or contracts.
9. Electronic communication
To approve that the Company may be authorised, subject to and in accordance with the provisions of the Act, to send, convey or
supply all types of notices, documents or information to its shareholders by means of electronic equipment for the processing
(including digital compression), storage and transmission of data, employing wires, radio optical technologies or any other
electromagnetic means, including by making such notices, documents or information available on a website.
24 March 2014
Registered Office:
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
By order of the Board
Duncan Swallow
Company Secretary
O
v
e
r
v
i
e
w
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
i
a
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
�64 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Notice of AGM continued
The following notes explain your general rights as a shareholder and your rights to attend and vote at the AGM or to appoint someone
else to vote on your behalf:
Notes:
1. Resolution 9 is to allow the Company to take advantage of the
provisions of the Companies Act 2006 (the “2006 Act”) which enable
companies to communicate electronically or via a website with all
shareholders (including, for example, providing the annual report and
accounts by such means) unless the shareholder asks in writing that he
or she should continue to receive paper documents. Increased use of
electronic communications will deliver savings to the Company in
terms of administration, printing and postage costs as well as speeding
up the provision of information to shareholders. The reduced use of
paper will also have environmental benefits. If this resolution is passed,
we will write to shareholders in accordance with the 2006 Act, inviting
those shareholders who wish to continue to receive hard copy
documents to contact the Company. As this will only take place after
the AGM, shareholders do not need to take any action at present.
2. Pursuant to Regulation 41 of the Uncertificated Securities Regulations
2001 (as amended), only those members registered in the register of
members of the Company at 6.00 p.m. on 16 June 2014 (or if the AGM
is adjourned, on the day which is two business days before the time
fixed for the adjourned AGM) shall be entitled to attend and vote at the
AGM in respect of the number of shares registered in their name at that
time. Any changes to the register of members after such time shall be
disregarded in determining the rights of any person to attend or
vote at the AGM.
3.
Information regarding the general meeting, including information
required by section 311A of the Act, is available from www.corero.com.
4. CREST members who wish to appoint a proxy or proxies through the
CREST electronic proxy appointment service may do so for the AGM to
be held at 9.30 a.m. on 18 June 2014 and any adjournment(s) thereof by
using the procedures described in the CREST Manual (available from
www.euroclear.com). CREST personal members or other CREST
sponsored members, and those CREST members who have appointed
a voting service provider should refer to their CREST sponsors or
voting service provider(s), who will be able to take the appropriate
action on their behalf.
In order for a proxy appointment or instruction made by means of
CREST to be valid, the appropriate CREST message (a “CREST Proxy
Instruction”) must be properly authenticated in accordance with
Euroclear UK & Ireland Limited’s specifications and must contain the
information required for such instructions, as described in the CREST
Manual. The message must be transmitted so as to be received by the
Company’s agent, Capita Asset Services (CREST Participant ID: RA10),
no later than 9.30 a.m. on 16 June 2014. For this purpose, the time of
receipt will be taken to be the time (as determined by the time stamp
applied to the message by the CREST Application Host) from which the
Company’s agent is able to retrieve the message by enquiry to CREST
in the manner prescribed by CREST.
CREST members and, where applicable, their CREST sponsor or voting
service provider should note that Euroclear UK & Ireland Limited does
not make available special procedures in CREST for any particular
messages. Normal system timings and limitations will therefore apply
in relation to the input of CREST Proxy Instructions. It is the
responsibility of the CREST member concerned to take (or, if the
CREST member is a CREST personal member or sponsored member
or has appointed a voting service provider, to procure that his CREST
sponsor or voting service provider takes) such action as shall be
necessary to ensure that a message is transmitted by means of the
CREST system by any particular time. In this connection, CREST
members and, where applicable, their CREST sponsor or voting service
provider are referred in particular to those sections of the CREST
Manual concerning practical limitations of the CREST system
and timings.
The Company may treat as invalid a CREST Proxy Instruction in the
circumstances set out in Regulation 35(5)(a) of the Uncertificated
Securities Regulations 2001.
5.
If you wish to attend the AGM in person, you should make sure
that you arrive at the venue for the AGM in good time before the
commencement of the meeting. You may be asked to prove your
identity in order to gain admission.
6. A member who is entitled to attend, speak and vote at the AGM
may appoint a proxy to attend, speak and vote instead of him.
A member may appoint more than one proxy provided each proxy
is appointed to exercise rights attached to different shares
(so a member must have more than one share to be able to appoint
more than one proxy). A proxy need not be a member of the Company
but must attend the AGM in order to represent you. A proxy must vote
in accordance with any instructions given by the member by whom the
proxy is appointed. Appointing a proxy will not prevent a member from
attending in person and voting at the AGM (although voting in person at
the AGM will terminate the proxy appointment). A proxy form is
enclosed. The notes to the proxy form include instructions on how to
appoint the Chairman of the AGM or another person as a proxy. You
can only appoint a proxy using the procedures set out in these Notes
and in the notes to the proxy form.
7. To be valid, a proxy form, and the original or duly certified copy of the
power of attorney or other authority (if any) under which it is signed or
authenticated, should reach the Company’s registrar, Capita Asset
Services, PXS, 34 Beckenham Road, Beckenham BR3 4TU, by no later
than 9.30 a.m. on 16 June 2014.
8.
In the case of joint holders of shares, the vote of the first named in the
register of members who tenders a vote, whether in person or by proxy,
shall be accepted to the exclusion of the votes of other joint holders.
9. A member that is a company or other organisation not having a
physical presence cannot attend in person but can appoint someone to
represent it. This can be done in one of two ways: either by the
appointment of a proxy (described in Notes 2 and 4 to 6 above) or of a
corporate representative. Members considering the appointment of a
corporate representative should check their own legal position, the
Company’s articles of association and the relevant provision of the
Companies Act 2006.
In the case of a corporation, the form of proxy must be executed under
its common seal or signed on its behalf by a duly authorised attorney
or duly authorised representative of the corporation.
10. The following documents are available for inspection at the registered
office of the Company during usual business hours on any weekday
(Saturday, Sunday or public holidays excluded) from the date of this
notice until the conclusion of the AGM and will also be available for
inspection at the place of the AGM from 9.00 am on the day of the AGM
until its conclusion:
(a) copies of the executive directors’ service contracts with the
Company and any of its subsidiary undertakings; and
(b) letters of appointment of the non-executive directors.
�Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 65
Advisors
Directors
Jens Montanana (Non-executive Chairman)
Ashley Stephenson (CEO)
Andrew Miller (CFO and COO)
Richard Last (Non-executive Director)
Andrew Lloyd (Non-executive Director)
Secretary and Registered Office
Duncan Swallow
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
Nominated Adviser and Broker
FinnCap
60 New Broad Street
London
EC2M 1JJ
Auditor
BDO LLP
55 Baker Street
London
W1U 7EU
Solicitors
Dorsey and Whitney LLP
199 Bishopsgate
London
EC2M 3UT
FIRST LINE OF DEFENSE
Corero Network Security plc (‘Corero’, the ‘Group’ or the ‘Company’)
SmartWall™ Threat Defense System
Corero Network Security, an organisation’s First
Line of Defense® against DDoS (Distributed Denial
of Service) attacks and cyber threats, is a pioneer
in global network security. Corero products and
services provide Online Enterprises, Service
Providers, Hosting Providers, and Managed
Security Service Providers with an additional layer
of security capable of inspecting Internet traffic
and enforcing real-time access or monitoring
policies designed to match the needs of the
protected business. Corero technology enhances
any defense-in-depth security architecture with a
scalable, flexible and responsive defence against
DDoS attacks and cyber threats before they reach
the targeted IT infrastructure allowing online
services to perform as intended. For more
information, visit www.corero.com.
Contents
Overview
01 Highlights
02 Chairman’s Statement
Strategic Report
04 Our performance
06 What we do
08 Why we do it
10 How we do it –
Our business model
14 Our strategy for
sustainable growth
Essential Reads
6-7
WHAT WE DO
8-9
WHY WE DO IT
06 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 07
08 Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013
Corero Network Security plc
Annual Report & Accounts for the year ending 31 December 2013 09
STRATEGIC REPORT
What
we do
The Corero First Line of Defense
products and services stop DDoS
attacks and cyber threats
OUR TECHNOLOGY
A high performance network appliance which is deployed on premises (at the customer or managed location) or in service provider
networks. The appliance inspects Internet traffic in real time before it is allowed to pass into the customers protected IT environment
to ensure unwanted and malicious Internet traffic is removed.
• The Corero Patented
Dynamic Threat
Assessment technology
uses several algorithms
including advanced
challenge-response
techniques to categorise
all sources as unknown,
trusted, suspicious or
malicious based upon
their real-time behaviours.
• The Corero Request/
Response Behaviour
Analysis controls access
to downstream devices
based upon a source’s
“behaviours” which
enables enforcement of
usage standards on every
source IP address which
provides detection of
application-layer denial
of service attacks, as
well as other unwanted
behaviours and blocks
them before they reach
the victim devices.
• The Corero Protocol
Validation Engines inspects
all packets of a network
and/or application
transaction and compares
the observed content and
characteristics to what is
allowed, expected, or
required, based upon the
protocol specifications and
known implementations,
and takes the appropriate
real time actions (e.g.
detection/blocking) of
the violations.
• Corero has a real-time
reputation engine,
ReputationWatch, that
provides automated
real-time defence against
previously identified DDoS
attack sources. In addition,
IP address geolocation
technology enables
enforcement of security
policies based on national
origin of IP addresses.
OUR SERVICES
Threat
Update
Reputation
Watch
An automated protection update service that provides Corero customers with timely,
proactive protection from the latest security threats. The subscription service delivers
frequent protection updates and security advisories. These updates include updated
vulnerability and attack signatures to provide the most current, effective network threat
monitoring. Security advisories, an important aspect of the Threat Update Service,
inform customers of newly discovered threats, and recommend any actions that might
be necessary to obtain protection against the threat.
Enables customers to automatically block malicious IP addresses. Corero continuously
receives data feeds from global intelligence across the Internet to determine the current
threat status of malicious or suspicious IP addresses. Using IP reputation-based
information, ReputationWatch automatically identifies and blocks access from suspicious
sites including sources that have participated in DDoS attacks, systems delivering
specially crafted denial-of-service exploits, anonymized IP addresses behind proxies,
phishing sites, and spam sources. ReputationWatch also allows customers to block or
alert on access from countries with which they do not transact business for example by
choosing to block or set rate limits on all traffic from a nation or geography.
SecureWatch
A service which ensures that customers’ First Line of Defense solutions are always
up to date, running at optimum performance, and continuously protecting customers’
IT infrastructure against the latest threats.
SecureWatch
Plus
A comprehensive suite of DDoS defence configuration, optimization, 24x7 monitoring
and attack mitigation services. These services are customised to meet the security
requirements and business goals of each customer. SecureWatch PLUS includes access
to experts to assist in the realisation of the desired DDoS defence solution starting with
the organisation-specific implementation, commissioning and testing, continuing with
round-the-clock monitoring, and immediate response in the event of a DDoS attack.
Corero is dedicated to improving the
security of the Internet through the
deployment of its innovative First Line
of Defense solutions which provide
customers with protection against a
continuously evolving spectrum of
DDoS attacks and cyber threats that
have the potential to impact any Internet
connected business.
STRATEGIC REPORT
Why we
do it
The world in
which we operate
OUR MARKET
$17.9b
2013 worldwide IT security
spending will be $17.9 billion
Source: IDC
Number of companies
suffering cyber attacks to
steal commercial secrets
doubled in 2012-13
Source: Kroll
21%
of companies report that
DDoS is the most costly
form of attack
Source: Ponemon Institute
Firewalls don’t cut it anymore
as a first line of defence
Source: Network World
DDoS protection market to
double in period to 2017
(approaching $1 billion)
Source: IDC
The Internet has transformed the way commercial and public sector
organisations do business
Organisations today are embracing technology to enhance the productivity of their
employees, generate new revenue sources and improve their operating efficiency.
These technologies include cloud services, mobile computing, online services and
social networking. This greater reliance on information technology has significantly
increased the attack surface within organisations that is vulnerable to potential security
attacks. As a result organisations are having to make significant investments in IT
security to help protect against a myriad of potential threats.
The threat landscape has evolved
“Cyber attacks are one of the top four threats to our national security and cyber-crime
is costing our economy billions of pounds a year. And as businesses and government
move more of their operations online, the scope of potential targets will continue to
grow. It’s a race: to build sufficient cyber defences to match the growing volume and
dependence of our online economic, security and social interests.”
UK Cabinet Office Minister, Francis Maude
Cyber-crime continues to be costly
• The average annualised cost of cyber-crime for organisations is $11.6 million
per year (an increase of 26% over 2012)
• Cyber attacks have become common occurrences – two successful attacks
per company per week (an increase of 18% over 2012)
• The most costly cyber-crimes are those caused by DDoS, malicious insiders
and web-based attacks
Source: Ponemon Institute 2013 Cost of Cyber Crime Study
Existing security solutions do not protect against next-generation threats
Though firewalls are still a critical and necessary component of any IT network, they
are no longer the best type of device to deploy as the network’s first line of defence.
While firewalls serve many purposes, they do not have complete Layer 3–7 protection.
Attackers know these limitations and have devised attacks that can evade or overwhelm
a firewall, as well as the secondary security devices behind the firewall, such as intrusion
prevention systems.
The opportunity for Corero
Organisations need to respond to the increased risk presented by the growing number
of DDoS attacks and cyber threats – a security device specifically designed to detect
and stop unwanted traffic before it can overrun the IT infrastructure causing performance
issues, security exposures and even catastrophic outages.
This new first line of defence must be able to identify malicious attack traffic even if it
mimics legitimate traffic and the true customer communications that businesses want
and welcome.
The Corero First Line of Defense solution applies industry best practices as well as
sophisticated analysis techniques to thoroughly inspect traffic in order to stop DDoS
attacks and cyber threats. The Corero solution stops unwanted traffic that slows the
infrastructure and frustrates users, and in the process protects the existing infrastructure
and enables maximum uptime of business applications.
THE COMPETITIVE ENVIRONMENT
Corero is a leader in protecting enterprises and public sector
organisations against DDoS attacks and cyber threats. We have
defined the market for on premises First Line of Defense and
have developed the following key competitive advantages that
we believe will allow us to extend our leadership position:
• Always-on protection that blocks both network-layer flooding
attacks, as well as the more difficult to detect, low and slow
application-layer attacks.
• Granular configuration of security policies in order to allow
legitimate traffic to pass while blocking unwanted traffic.
• Broad security coverage – Inspection of every packet and
every flow (using Deep Packet Inspection) rather that a
sample-based approach used by most competitors.
• Purpose-built security appliance for high speed traffic
inspection using a multi-core processor architecture.
• Competitive price-performance resulting in the lowest total
cost of ownership for the end user.
• Expert security knowledge and technical support provided
by Corero’s 24x7 Security Operations Centre.
Our next generation product, SmartWall TDS, was launched
on 3 February 2014 to address the Internet service provider and
hosting provider markets. It adds key features like asymmetric
inspection, and multi-tenancy to allow our First Line of Defense
solutions to be deployed in service provider networks and hosting
data centers as a services-oriented platform. Service providers
and hosting providers can now deploy this platform in a modular
and scalable fashion to not only protect their own infrastructure but
more importantly to roll out revenue generating DDoS protection
services to multiple customers. SmartWall TDS extends our current
competitive advantages with the following key features:
OPPORTUNITIES
The awareness of cyber-crime and the impact on businesses
(small and large) is increasing with Board room accountability and
regulatory focus in certain industries, such as financial services.
We expect this trend to have a positive impact on our market.
Ernst & Young’s Global information Security Survey 2013 reported
that 50% of respondents indicate that their budgets will increase
anywhere from 5% to 25% or more in the next 12 months, and
14% of spend in the coming 12 months will be on security
innovation (emerging technology).
KEY MARKET CHALLENGES
• Robust security coverage – comprehensive network
security protection against layer 3 and layer 4 for both
IPv4 and IPv6 traffic.
• Industry-leading density, scalability and performance
– protection is provided through configurable access policies
with scalability from 10Gbps to 1Tbps in a single rack.
• Green, energy-efficient platform – energy-efficient design
with front-to-back cooling which fully supports economic
and environmental initiatives.
• Powerful centralised management for configuring,
controlling, and monitoring all SmartWall TDS appliances
from a central location.
• Flexible deployment configurations – multiple appliances
can be distributed to key control points in the provider
network or centrally combined in 1 Rack Unit shelves in
various configurations.
• Single solution to deliver comprehensive threat protection,
always-on connectivity, and complete visibility with the
family of SmartWall appliances.
The Corero principal competitors are other DDoS defence
equipment manufacturers such as Arbor Networks Inc.
and Radware Limited.
Corero is targeting a high growth security market; the DDoS
market is forecast to grow by 18% (CAGR) in the period 2012
to 2017 (Source: IDC) to $870 million. The existing Corero
DDS product is targeted at the enterprise on premises DDoS
protection market. The new SmartWall™ TDS product is
targeted at the service provider and hosting provider market.
The market for security products and services is competitive and
characterised by rapid changes in technology, the evolving cyber
threat landscape, customer requirements, and industry standards
and frequent new product introductions and improvements. We
need to be focused on our chosen market and deliver continuous
innovation to stay ahead of our competition. Corero will
address this challenge by working closely with our customers
and prospects, to leverage the flexibility of our platform
technology to deliver continuously evolving leadership
protection against the latest DDoS attacks and cyber threats.
Today’s enterprises are increasingly
dependent on their online presence for
generating revenues, ensuring employee
productivity, or providing a superb
customer experience. Ubiquitous Internet
access makes the enterprise susceptible
to cyber threats from around the world.
The resulting service outages cause
costly downtime, lost productivity, brand
damage and impact the enterprise’s
legitimate users.
Bankers
Santander
2 The Forbury
Reading
RG1 3EU
Silicon Valley Bank
3003 Tasman Drive
Santa Clara, California
95054
USA
Registrars
Capita Asset Services
Northern House
Woodsome Park
Fenay Bridge
Huddersfield
HD8 OLA
Website address
www.corero.com
O
v
e
r
v
e
w
i
i
S
t
r
a
t
e
g
c
R
e
p
o
r
t
G
o
v
e
r
n
a
n
c
e
i
F
n
a
n
c
a
i
l
S
t
a
t
e
m
e
n
t
s
N
o
t
i
c
e
o
f
A
G
M
C
o
r
p
o
r
a
t
e
D
i
r
e
c
t
o
r
y
Designed and produced by
www.accruefulton.com
�FIRST LINE OF DEFENSE
Corero Network Security plc
Annual Report & Accounts 2013
C
o
r
e
r
o
N
e
t
w
o
r
k
S
e
c
u
t
i
r
y
p
c
l
A
n
n
u
a
l
R
e
p
o
r
t
&
A
c
c
o
u
n
t
s
2
0
1
3
FIRST LINE OF DEFENSE
Registered Office
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
�