Cohen & Steers
Annual Report 2023

Plain-text annual report

THE DDOS PROTECTION SPECIALISTS ANNuAl RepORt AND ACCOuNtS 2023 Corero Network Security plc C o r e r o N e t w o r k S e c u r i t y p l c A n n u a l R e p o r t a n d A c c o u n t s 2 0 2 3 Corero is dedicated to improving the security and availability of the internet through the deployment of innovative Distributed Denial of Service (“DDoS”) protection solutions. DDOS – PROTECTION WITHOUT THE DOWNTIME. we are specialists in automatic detection and mitigation solutions, that include network visibility, analytics, and reporting tools. Corero’s technology provides scalable protection capabilities against DDoS attacks, in even the most complex edge and subscriber environments, ensuring internet service availability and uptime. We protect thousands of organisations worldwide, across many verticals. Our customers are primarily internet service providers, hosting providers, cloud providers and SaaS providers. We are deployed internationally and, through our own teams and strategic partners, we continue to expand our footprint. CONteNtS Overview 01 2023 Highlights 02 At a glance 04 Business Model 06 Focus on Alliances: Akamai Technologies 08 Case Study: TechEnabler 10 Market Overview 12 Corero Explained 16 Customer proposition 17 Investor proposition Strategic Report 18 Chief Executive Officer’s Review 22 Financial Review 24 Key Performance Indicators 26 Key Stakeholders 26 Section 172 Statement 28 Principal Risks and Uncertainties 30 Environmental, Social and Governance Report Governance 32 Board of Directors 34 Non-Executive Chairman’s Corporate Governance Introduction 35 QCA Code Compliance 36 Corporate Governance Report 38 Board Performance and Remuneration Policy 39 Board Committee Reports 40 Directors’ Report 43 Statement of Directors’ Responsibilities 44 Independent Auditor’s Report Financial Statements and associated notes 49 Consolidated Income Statement 50 Consolidated Statement of Comprehensive Income 51 Consolidated Statement of Financial Position 52 Consolidated Statement of Cash Flows 53 Consolidated Statement of Changes in Equity 54 Notes to the Financial Statements 78 Company Statement of Financial Position 79 Company Statement of Changes in Equity Corporate Directory 83 Glossary 84 Corporate Directory FOR MORE INFORMATION VISIT corero.com OVERVIEW Strategic Report Governance Financial Statements Corporate Directory 2023 HIGHLIGHTS ReVeNue ARR1 $22.3m $16.9m GROSS MARGiN 90.3% 2019 2020 2021 2022 2023 $9.7m $16.9m $20.9m $20.1m $22.3m $7.2m $9.8m 2019 2020 2021 2022 2023 $12.8m $14.4m $16.9m 2019 2020 2021 2022 2023 81.0% 77.3% 85.1% 87.2% 90.0% Net CASH $5.2m 2019 2020 2021 2022 2023 $5.4m $4.4m $5.2m $7.6m $8.4m ADJuSteD eBitDA2 $2.2m -$2.5m 2019 -$0.6m 2020 pROFit/(lOSS) BeFORe tAXAtiON -$0.2m -$6.6m 2019 -$4.0m 2020 2021 $3.2m 2022 $1.7m 2023 $2.2m 2021 $1.4m 2022 $0.4m 2023 -$0.2m 1 ARR is defined as the normalised annualised recurring revenues and includes recurring revenues from contract values of annual support, software subscription and from DDoS Protection-as-a-Service (‘DDPaaS’) contracts 2 Adjusted EBITDA is defined as Earnings before interest, tax, depreciation, and amortisation excluding unrealised gains/(losses) on an intercompany loan and PPPL forgiveness FINANCIAL HIGHLIGHTS • Total revenue increased by 11% to $22.3 million (2022: $20.1 million) • ARR up 17% to $16.9 million as at 1 January 2024 (1 January 2023: $14.4 million) • Order intake increased by 4% to $24.8 million from $23.9 million in 2022 • Gross margins of 90% (2022: 87%) • Adjusted EBITDA2 of $2.2 million (2022: $1.7 million) • Loss before taxation of -$0.2 million (2022: profit of $0.4 million) • Earnings and diluted earnings per share of 0.0 cents (2022: 0.1 cents) • Net cash at 31 December 2023 of $5.2 million (2022: $4.4 million) OPERATIONAL HIGHLIGHTS • Customer support contract renewal rate of 98% (2022: 98%) demonstrating both the quality of Corero solutions and customer service • Annualised Recurring Revenues1 (‘ARR’) increased to $16.9 million (2022: $14.4 million), underpinning future revenues and reinforcing the importance of Corero’s solutions for our customers • The Group remains committed to ongoing investment across its technology platform and resource expansion to strengthen its market-leading position Corero Network Security plc Annual Report and Accounts 2023 01 AT A GLANCE WE ARE… DYNAMIC AND FAST-MOVING. Corero is dedicated to improving the security and availability of the internet through the deployment of innovative DDoS protection solutions. WHAT WE DO • Prevent downtime in the event of a DDoS attack • Eliminate the need for operator intervention by automatically mitigating over 98% attacks • Enable service providers to deliver added value to customers by offering DDoS protection services OUR MISSION Corero’s mission is to be our customers’ trusted partner on their journey to implement effective DDoS protection matched to their needs. WHY WE DO IT • To make the internet a safer place by protecting organisations from damaging DDoS attacks and the downtime that comes with it. • Corero customers benefit from rapid attack discovery, rapid mitigation, and a dynamic, flexible solution. HOW WE DO IT • Intelligently automated solution that protects from DDoS attacks in under a second. • Flexible and highly scalable deployment options to meet the needs of any business. • Comprehensive visibility with reporting and alerting for clear, actionable intelligence on the DDoS attack activity. 02 Corero Network Security plc Annual Report and Accounts 2023 RESPONSIBLE BUSINESS Corero aspires to carry out its business to the highest ethical standards, treating customers, partners, suppliers, and employees in a professional, courteous and honest manner. Corero is committed to promoting sustainability. We aim to promote good sustainability practice and to carry out our operations in a way which manages and minimises any adverse environmental impacts. Our products are used by thousands of businesses throughout the world to protect against disruptions that could have adverse economic, health, well- being and environmental consequences for the users and customers of those businesses (often in a mission critical way) and the knock-on effects to populations as-a-whole. OVERVIEW Strategic Report Governance Financial Statements Corporate Directory OUR VISION In an internet connected world, every business, application and individual is protected from DDoS attacks. OUR VALUES Values and beliefs underpin the strategy. These are lived to become the culture: Customers First; technology leadership & innovation; Operational excellence; integrity; employee empowerment & teamwork ACHIEVED THROUGH DELIVERED BY OUR PURPOSE To best protect customers from the damaging impact of DDoS cyber security attacks. OUR FOCUS Maintain our superior technological performance while delivering sustainable, long-term value to our stakeholders. OUR STRATEGIC GOALS 1. Grow our pipeline and corresponding revenue 2. Leverage our existing reseller and strategic partnerships and develop new ones 3. Target and expand our Ideal Customer Profile (‘ICP’) relationships 4. Better monetise our existing services and introduce new services 5. Amplify our demand generation programs 6. Continue to enhance our technological innovation leadership ENABLED BY OUR BUSINESS MODEL Please see our business model on pages 4 to 5. SUPPORTED BY OUR SUPPORTERS Our supporters are our customers; our partners including strategic alliance partners; our suppliers, our investors and our employees. Corero Network Security plc Annual Report and Accounts 2023 03 BUSINESS MODEL Corero’s technology provides scalable protection capabilities against DDoS threats, in even the most complex edge and subscriber environments, ensuring internet service availability and uptime. A CUSTOMER DRIVEN BUSINESS MODEL: INPUTS KEY SOLUTIONS SALES CHANNELS OUR CULTURE & VALUES See page 26 MARKET OVERVIEW See page 10 STRATEGIC ALLIANCES Akamai, Juniper and GTT INDIRECT SALES PARTNERS Value-added resellers and distributors DIRECT SALES Corero sales team SMARTWALL ONE SECUREWATCH Support, software updates, maintenance, monitoring INLINE/DATA PATH PROTECTION Surgical protection applicances for 10G, 100G and 400G network deployment SCRUBBING PROTECTION Out-of-band detection for larger networks, with redirection to surgical protection appliances in central scrubbing centers EDGE MITIGATION Out-of-band detection, using customers’ routers to protect large networks at the edge, without deploying applicances CLOUD MITIGATION Defends networks against saturating attacks which exceed their internet bandwidth capacity 04 Corero Network Security plc Annual Report and Accounts 2023 OVERVIEW Strategic Report Governance Financial Statements Corporate Directory CUSTOMER SEGMENTS SOURCE OF REVENUE OUTPUTS SAAS PROVIDERS DDOS PROTECTION AS-A-SERVICE EDGE PROVIDERS REVENUE SHARE CASH FOR REINVESTMENT See page 24 FINANCIAL RETURNS FOR INVESTORS See page 24 HOSTING AND CLOUD PROVIDERS SOFTWARE SUBSCRIPTION LICENCE ESG See page 30 INTERNET SERVICE PROVIDERS SUPPORT AND SERVICES APPLIANCE AND PERPETUAL SOFTWARE LICENCE Corero Network Security plc Annual Report and Accounts 2023 05 FOCUS ON ALLIANCES AKAMAI TECHNOLOGIES & CORERO. DDoS attacks continue to be one of the most prevalent forms of cyberattacks. “As organisations increasingly adopt hybrid workloads, the question of whether to deploy on-premises DDoS protection or subscribe to a cloud DDoS provider is not an ‘either-or’ choice. The partnership between Corero and Akamai provides a comprehensive approach to DDoS protection, allowing organizations and service providers to rest easy for both their on-premises and cloud-based needs,” said Corero’s Chief Technology Officer, Ashley Stephenson. Akamai Technologies, Inc. (Nasdaq: AKAM), the cloud company that powers and protects life online, announced a global partnership with Corero on 20th September 2023, with Akamai now offering Corero’s on-premises DDoS protection to extend Akamai Prolexic, Akamai’s own comprehensive portfolio of DDoS security solutions. DDoS attacks continue to be one of the most prevalent forms of cyberattacks. According to Corero’s threat research, DDoS carpet bombing attacks rose by 300% in 2022, and IPv6-based DDoS attacks increased by 500% during the same period. Similarly, Akamai has observed a record- breaking increase in high packet rate DDoS attacks by cybercriminals, state-sponsored actors, hacktivist groups, and other malicious actors targeting sectors such as financial services, gaming, high tech, and commerce. Prolexic is a cloud-based DDoS protection platform designed to stop attacks before they reach applications, data centers, and internet-facing infrastructure. Now organisations of all sizes that require on-premises DDoS defenses, whether in addition to cloud-based protection or as a stand-alone solution as part of their own network, can leverage Akamai Prolexic on-prem, which is powered by Corero’s SmartWall ONE. Akamai Prolexic on-prem, powered by Corero, helps protect against DDoS attacks on-premises and provides customers and mitigators maximum flexibility for use cases where a cloud solution cannot or may not be used exclusively. Akamai Prolexic hybrid combines cloud- based and on-premises DDoS defenses into a comprehensive solution that offers the lowest possible latencies and minimizes traffic redirection, while providing the security of a massive 20+ tbps dedicated defense capacity from more than 36 scrubbing centers of the Akamai Prolexic cloud platform. 06 Corero Network Security plc Annual Report and Accounts 2023 OVERVIEW Strategic Report Governance Financial Statements Corporate Directory Network services providers, hosting and cloud vendors, and businesses offering SaaS, PaaS, or IaaS can now leverage Akamai Prolexic on- prem and hybrid solutions to protect their own environments and provide DDoS protection services to their customers. With Akamai Prolexic on-prem, the operational costs related to transferring traffic to the cloud can be eliminated for the vast majority of small, fast, and subsaturating attacks, while the cloud- based defenses of Akamai Prolexic defend the network against sophisticated high-volume multi-vector attacks. The new Prolexic hybrid solution also allows companies to protect data-intense real-time services, like videoconferencing, gaming, voice, or multimedia applications, where low-latency local protection is preferred. The hybrid solution allows organisations to bring DDoS defense on-premises while still getting the safety of Prolexic’s massive cloud-based defense capacity to defend against large, sustained attacks. “It’s no secret that DDoS attacks are becoming bigger and more sophisticated. In just the past two years, seven out of 10 attacks observed were the largest ever mitigated by Akamai, and 65% of attacks we are seeing are highly targeted multi- vector attacks,” said Sean Lyons, Senior Vice President and General Manager of Infrastructure Security at Akamai. “Our partnership with Corero allows us to deliver a robust solution while enabling organizations to select the most optimal DDoS solution for their individual use cases whether it be on-demand, always-on, cloud, on-premises, or in a hybrid environment.” Both companies plan to deepen the collaboration further to provide industry- leading infrastructure security solutions by extending seamless cloud signaling, automation, and threat intelligence reporting. To learn more about Akamai and Corero’s strategic partnership, visit www.corero.com/ Akamai-partnership OUR PARTNERSHIP WITH CORERO ALLOWS US TO DELIVER A ROBUST SOLUTION WHILE ENABLING ORGANISATIONS TO SELECT THE MOST OPTIMAL DDOS SOLUTION FOR THEIR INDIVIDUAL USE CASES WHETHER IT BE ON-DEMAND, ALWAYS-ON, CLOUD, ON-PREMISES, OR IN A HYBRID ENVIRONMENT” Sean Lyons SENIOR VICE PRESIDENT AND GENERAL MANAGER OF INFRASTRUCTURE SECURITY AT AKAMAI Corero Network Security plc Annual Report and Accounts 2023 07 CASE STUDY: TECHENABLER OUR STRATEGY IN PRACTICE. TechEnabler Partners with Corero to Deliver Cutting- Edge Anti-DDoS Solutions in Brazil and LATAM with Revenue Sharing Model Corero entered into a key strategic partnership with TechEnabler, an established Brazilian network solutions distributor (the ‘Partnership’). The Partnership will enable Corero to expand its Latin American (‘LATAM’) footprint, which is a key focus of the Company’s overarching growth strategy, as it aims to provide unparalleled DDoS protection across corporate and communications provider networks in Brazil and the broader LATAM region. Leveraging TechEnabler’s extensive network and technical expertise, the Partnership will enable Corero to deploy its flagship SmartWall ONE platform to new customers, offering robust defence mechanisms against the evolving landscape of DDoS attacks and ransom threats. This Partnership is underpinned by a revenue-sharing model, ensuring mutual benefits and success from both organizations’ combined efforts. The Partnership has already secured Corero a product and services deal in excess of $1 million, the Company’s largest ever contract in the LATAM region, showcasing the unique capabilities of TechEnabler’s Local Scrubbing-as-a-Service (‘LSaaS’) offering, using Corero’s technology. The service is designed to deliver zero latency and precise traffic management, setting new standards in DDoS mitigation. Carl Herberger, Chief Executive Officer at Corero, commented: “Creating this strategic partnership with TechEnabler provides an ideal platform to expand our product reach in a key growth market for Corero, alongside aligning our business with a partner who shares our commitment to cybersecurity excellence. This agreement reinforces our focus on security innovation, which in turn will allow a new crop of businesses to fortify their networks against DDoS attacks whilst exploring further opportunities to leverage our cutting-edge solutions.” 08 Corero Network Security plc Annual Report and Accounts 2023 OVERVIEW Strategic Report Governance Financial Statements Corporate Directory Alvaro Aquino, General Manager of TechEnabler, said: “The Corero SmartWall® ONE platform effectively protects companies and carriers against DDoS attacks and ransom threats. Our business success with Corero’s technology since we partnered a little more than a year ago prompted the new revenue- sharing agreement that will bring our companies closer, certainly with even better outcomes for both.” Forte Telecom (which means ‘Strong Telecom’), a wholesale carrier providing services in six Brazilian states, chose Corero/ TechEnabler to protect its network and customers. Forte’s CEO, Sergio Simas, says: “Forte Telecom’s solution was exclusively designed to enable Forte to provide its customers with unique added-value services: It is based on the innovative concept of Local Scrubbing as a Service (LSaaS), which only Corero’s technology can deliver from the system architecture standpoint. Forte’s solution offers zero latency, with milliseconds of response time, and allows for precise customer traffic management, fully visualized throughout a sophisticated customer portal.” TechEnabler provides the Corero technology as the customer desires it. The customer may acquire the platform and choose the defense system design and modeling by TechEnabler, counting on support from the three centers in Brazil (in the cities of São Luís, Rio de Janeiro, and Porto Alegre) besides those in Mexico and Chile; or go for protection against DDoS attacks as a service, in the form of local mitigation, cloud mitigation, or a combination of local and cloud mitigation. Corero and Techenabler’s combined offerings will be showcased at the 14th Brazilian Association of Internet and Telecommunications Service Providers (‘ABRINT’) National Meeting in São Paulo, Brazil, from 12-14 June 2024. CREATING THIS STRATEGIC PARTNERSHIP WITH TECHENABLER PROVIDES AN IDEAL PLATFORM TO EXPAND OUR PRODUCT REACH IN A KEY GROWTH MARKET FOR CORERO, ALONGSIDE ALIGNING OUR BUSINESS WITH A PARTNER WHO SHARES OUR COMMITMENT TO CYBERSECURITY EXCELLENCE.” Carl Herberger CHIEF EXECUTIVE OFFICER Corero Network Security plc Annual Report and Accounts 2023 09 MARKET OVERVIEW CHANGES IN THE GLOBAL DDOS ATTACK LANDSCAPE BRING ABOUT A SURGE IN VOLUME OF ATTACKS AND VARIETY OF DEPLOYMENTS. CYBER THREATS AND DDOS ATTACKS A wide range of critical cybersecurity issues face every internet connected organisation. These threats include DDoS, hacking, breach, phishing, fraud, ransom, data theft and exfiltration. These cyber threats present themselves via the internet connections that are essential to support online business. Corero focuses on one specific category of these cybersecurity threats known as Distributed Denial of Service (‘DDoS’) and has developed an innovative, flexible, solution that delivers automatic detection and protection against these attacks. The broad range of motives for executing DDoS attacks, coupled with the relative ease with which they can be launched, means a variety of actors, including; criminal gangs, activists, terrorist groups and even nation states use them. Aside from those who are focused purely on disrupting services, some of those who carry out DDoS attacks do so for extortion, via ransom DDoS, or as a smokescreen for other cyberattacks designed to steal data. DDoS attacks continue to grow in sophistication, scale and frequency. Businesses and public-sector organisations are equally vulnerable to DDoS attacks and recent years have seen some of the world’s best-known companies fall victim to these attacks, with a significant impact for their customers and bottom line. The DDoS protection market is driven by the growing need for business continuity. Increasingly, always-on protection is the only answer to defend against the short, sharp, attacks which are the most prevalent. This is driving an increasing value-add service revenue opportunity for service providers. To meet the needs of these businesses, Corero’s SmartWall ONE solution delivers fast, automatic, and surgically accurate protection that ensures DDoS attacks are blocked before they can cause any impact. Deep packet inspection with exact match and heuristics-based behavioural detection, rather than traditional header-only flow- based techniques, delivers a speed and accuracy not possible with legacy solutions. And, with flexible deployment options that scale to tens-of-terabits capacity, SmartWall ONE can meet the needs of our customers today and grow with them as they evolve. tHe DDOS pROteCtiON MARket $3.6bn in 2023 Global DDoS Protection Market expected to reach $9.1bn by 2030 at 14% CAGR* 2020 $2,866 2022 2024 2026 2027 $3,916 $5,224 $6,771 $7,300 GlOBAl DDOS pROteCtiON MARket >44,000 Daily Attacks Daily DDoS attacks recorded during the first half of 2023, a 33% increase from 2022** * Verified Market Research DDoS Protection and Mitigation Market Size and Forecast 2023 ** NetScout H1 2023 Report 10 Corero Network Security plc Annual Report and Accounts 2023 OVERVIEW Strategic Report Governance Financial Statements Corporate Directory Corero Network Security plc Annual Report and Accounts 2023 11 CORERO EXPLAINED YOUR QUESTIONS ANSWERED. WHAT IS OUR MISSION? to be the customer’s trusted partner on their journey to implement effective DDoS protection matched to their needs. WHAT IS A DDOS ATTACK? A DDoS attack is a cyber threat, in which multiple computer systems or devices attack a target, such as a server, website or network, and impact the users of the targeted resources. The flood of incoming messages, connection requests, or malformed packets sent to the target causes it to slow or shut down or congests the host network thereby denying service to legitimate users. DDoS attacks are a threat to service availability, network security, brand reputation and ultimately lead to lost revenues. Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to either disrupt business operations or provide a smokescreen while they attempt to access sensitive corporate information. Attackers are increasingly leveraging creative ways to circumvent traditional security solutions or reduce the effectiveness of DDoS scrubbing solutions. DDoS attacks can be found in a multitude of sizes and are launched for a variety of motivations. They may also be used to extort payments via Ransom DDoS. Today’s cyber criminals do not even have to construct the attacks themselves. They can simply download ready made DDoS tools or use DDoS for hire services on the darkweb to accomplish their goals. STEPS IN A TYPICAL DDOS BOTNET ATTACK Step 1 Botmaster sends command and control signals to a botnet of infected devices or hosts identifying the victim and desired type of attack. Step 2 Botnet receives instruction and begins to attack the designated victim by sending a variety of malicious DDoS traffic across the internet. Step 3 Traffic from attacking bots, distributed across the internet, converges on the victim at the same time resulting in congestion, overload and denial of service for legitimate users. EXAMPLE OF A DDOS BOTNET ATTACK 1 2 3 Botmaster sends ‘LAUNCH’ command. Bots send attack traffic to victim. Attack traffic overwhelms the victim server or network. 12 Corero Network Security plc Annual Report and Accounts 2023 BOTMASTER COMMAND AND CONTROL SERVER BOTNET OF HUNDREDS OR THOUSANDS OF INFECTED DEVICES OR HOSTS VICTIM SERVER USERS OVERVIEW Strategic Report Governance Financial Statements Corporate Directory WHAT DAMAGE CAN A DDOS ATTACK DO? High availability of cloud services and online applications are critical for modern businesses and institutions. Any downtime brings risk, including: • Lost revenue. • Loss of control. • Operational costs to mitigate or recover from attacks. • Increased costs to retain unhappy customers and attract new customers. • Brand and reputation damage leading to competitive disadvantage or loss of confidence. • Regulatory fines, legal action, resignations. The SmartWall family of solutions utilise innovative, patented, technology to automatically and surgically remove DDoS attack traffic, while allowing good traffic to flow uninterrupted. They are amongst the highest performing in the industry, while providing the most flexible deployment options for any network for automated and accurate DDoS protection, at unprecedented scale, with the lowest total cost of ownership to the customer. We protect against DDoS attacks in seconds, or less, rather than the minutes or tens of minutes taken by legacy solutions. Corero’s market leading DDoS solution portfolio is endorsed by over 160 direct customers, many of whom are providers using Corero’s solution to protect hundreds, or thousands, of their customers. WHAT SOLUTIONS DO WE HAVE? Corero’s SmartWall DDoS protection solutions are designed to protect business continuity, service availability, revenues and brand reputations from harmful DDoS attacks. We do this for internet service providers, hosting and data centre providers and SaaS enterprises. Our SmartWall ONE solution delivers the industry’s broadest on-premises deployment options. From inline and in-datapath appliances, to out-of-band detection with edge and/or scrubbing protection for the largest provider networks. Corero’s edge solution includes integration that directly powers the silicon filtering capabilities increasingly built into modern edge routers, scaling to tens-of-terabits per second of protection, without the need to deploy additional appliances at the edge or needing to back-haul large volumes of attack traffic to scrubbing centres. WHAT CUSTOMER PROFILES DO WE TARGET? Corero’s Ideal Customer Profile (‘ICP’) is broken down into 3 distinct groups. The first being Tier 2 or Tier 3 internet service providers whose commercial customers would be potential customers for a DDoS Protection Service. The second group consists of hosting, edge and cloud providers that provide critical services and infrastructure to business customers. The third group comprises SaaS providers that have their own infrastructure which requires protection to ensure service availability for their customers. 20+ YEARS OF EVOLVING DDOS ATTACKS MafiaBoy DDoS: Yahoo!, Amazon, Dell, CNN, eBay, E*TRADE Organized Crime: Extortion Coordinated uS Bank attacks: Grew to 200 Gbps, and continue today Mirai Code: The Tbps era of attacks, OVH Memcached blows away the attack size record: 1.3Tbps GitHub 1.7Tbps US ISP 754M ppS Multivector Attack Spammers Discover Botnets estonia: Parliament, Banks, Media, Estonia, Reform Party 500 Gbps Hong kong Attacks: France swarmed after terror attack PlayStation & Xbox hit at Christmas Operation payback Anon hits Church of Scientology protonMail Attack Massive Attack launched Against DyN 500 ppS SyN Flood Carpet bombing / Spread spectrum Rio Olympics: 540 Gbps Spamhaus Attack: Reported to reach 310 Gbps AwS Attack 2.3 tbps Super Bowl DDoS Attack 1993 2001 2003 2005 2007 2009 2011 2013 2016 2017 2018 2019 2020 2021 2022 2023 Corero Network Security plc Annual Report and Accounts 2023 13 CORERO EXPLAINED CONTINUED WHAT STRATEGIC ALLIANCES DO WE HAVE? Akamai Technologies Akamai Technologies, Inc. is an NASDAQ listed company (NASDAQ: AKAM) (‘Akamai’) that provides market-leading content delivery network, cybersecurity, DDoS mitigation, and cloud services. Akamai is headquartered in Cambridge, Massachusetts, with revenue of $3.8bn in 2023. The company operates a network of servers worldwide, renting the capacity of the servers to customers running websites or other web services, in order to provide greater speed or availability to the customer by using an Akamai owned server that is located closer to the user. Corero entered into the partnership with Akamai in H2 2023, enabling Akamai to provide Corero’s best- in-class DDoS protection to its customers, complementing its own Prolexic cloud DDoS solution with Corero’s on-premises technology, allowing for full coverage across cloud, on-premises and hybrid DDoS protection. Juniper Networks Juniper Networks, Inc. (NYSE: JNPR) (‘Juniper’) is one of the world’s largest networking product, solutions and services companies, with revenues of over $5.6bn in 2023. Corero has a global partnership agreement with Juniper enabling Juniper to sell Corero’s SmartWall Threat Defence Director (‘TDD’) software product in conjunction with its own MX and PTX Series routers. Juniper and Corero have developed this fully integrated solution for large-scale network-edge DDoS defence that leverages powerful filtering capabilities in the latest generation of Juniper’s MX and PTX Series routers. GTT Communications GTT Communications, Inc. (NYSE: GTT) (‘GTT’) is a leading global cloud networking provider to multinational clients, with over 600 points of presence (‘POPs’), with revenues of $1.7bn in 2022. GTT operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. GTT customers can purchase IP transit with DDoS protection powered by Corero’s SmartWall ONE solutions which are deployed in the GTT network. WHERE ARE WE LOCATED? Corero’s key operational centres are in Marlborough, Massachusetts in the USA and Edinburgh in Scotland, UK, with the Company’s EMEA headquarters and registered office at Salisbury House, 29 Finsbury Circus, London, EC2M 5QQ, UK. HOW DOES THE TECHNOLOGY WORK? HOW DO WE COMBAT DDOS ATTACKS? DDoS mitigation providers typically rely on NetFlow monitoring, to identify internet traffic anomalies and then re-direct that traffic to specialist scrubbing centres (which may be on-premises, or in the cloud) where the internet traffic can be scrubbed with a mix of automatic and manual interventions, before the remaining clean traffic is returned to its original destination. Corero supports this detect-and-redirect model with the Smartwall ETD product line. Detect and redirect can be ineffective if the length of the DDoS attack is short in duration. Continued uptime is critical for modern businesses with the continuity of their services being fundamental to their success. To meet the needs of these customers, Corero offers the Smartwall ONE TDS, TDD and ETD product lines featuring Deep Packet Inspection (‘DPI’), rather than flow monitoring, processing packets in real-time, in the data path or at the network edge, with a high level of automation based on exact match and behavioural heuristics- based rules. These products deliver highly scalable real-time DDoS protection up to tens of terabits per second, which makes Corero’s cost-performance ratio superior in the industry. 14 Corero Network Security plc Annual Report and Accounts 2023 OVERVIEW Strategic Report Governance Financial Statements Corporate Directory SMARTWALL ONE Corero’s SmartWall ONE solution is highly automated, detecting and mitigating attacks surgically without the expensive intervention of security analysts or network operators, who may not even know the network is under attack before SmartWall provides an alert to them that it is already blocking what would otherwise have been a business damaging attack. We have combined advances in Intel x86 multicore CPU technology, Data Plane Development Kit (‘DPDK’) software for packet processing acceleration, and high-performance network interface cards (‘NICs’), together with an innovative, patented, and highly efficient software architecture, to develop a new generation of physical and virtual appliances providing breakthrough price/performance for DDoS defence. With varied deployment topologies (in-line, datapath, scrubbing or edge) Corero’s SmartWall ONE family of solutions utilise innovative, patented technology to automatically and surgically remove the DDoS attack traffic, leaving good traffic to flow unimpeded. Protection is available in cost-effective scaling increments, from tens-of-gigabits to tens-of-terabits, supporting the full spectrum of customer bandwidth protection requirements. SmartWall ONE appliances perform sampled DPI to generate security metadata from traffic flows. The internal rules-engines examine this metadata to flag offending packet flows in real-time and block attacks. At the same time, the security metadata is streamed to the Corero SecureWatch® Analytics platform, where further analysis, involving correlation with other performance metrics and event data, enables rapid identification of new attack vectors. SecureWatch Analytics can formulate new mitigation rules for these vectors that are distributed out to each SmartWall instance. SECUREWATCH The Corero SecureWatch service is a tiered offering comprised of configuration optimisation, monitoring and mitigation response services. Corero’s SecureWatch Analytics application leverages Splunk’s analytics engine and provides detailed reporting to transform Smartwall’s sophisticated DDoS event data into easily consumable dashboards accessed via a multi-user web GUI. This enables customer security analysts to monitor and manage incident responses, with the ability to conduct sophisticated forensic analysis. The Corero multi-tenant SmartWall Service Portal enables a service provider’s customers (or ‘tenants’) to gain visibility into attacks via per-tenant dashboards. Service provider customers can assign tenant service levels and automatically distribute reports which showcase the value of the protection their customers are receiving. SOLUTIONS THAT FIT ANY INFRASTRUCTURE INLINE • Deployed directly on Internet links, in front of edge routers • Inspects all traffic to deliver fast and accurate protection DATAPATH • Deployed locally, adjacent to EDGE • Deployed centrally, remote SCRUBBING • Deployed centrally, remote edge routers from edge routers from edge routers • Inspects all, or selected, traffic to deliver fast and accurate protection • Inspects edge traffic samples and instructs routers to protect locally at the edge • Inspects edge traffic samples and redirects attack traffic to scrubbing protection devices ANALYTICS SERVICES • Traffic & Attack Analysis • World-Class SOC Service PORTAL • Multi-Tenant Protection SaaS CLOUD • Saturation Protection • Trend, Alerting, Reporting • 24x7x365 MSSP/Support • Detailed Reports & Visibility • Business Continuity SUPPORTED BY Corero Network Security plc Annual Report and Accounts 2023 15 CUSTOMER PROPOSITION SPEED SIMPLICITY FLEXIBILITY Attacks mitigated in seconds versus minutes or tens of minutes for competing technologies with zero downtime Automatic software, plug and play appliances for lowest TCO Multiple deployment options: on- premises, hybrid and cloud protection SCALABILITY VISIBILITY SUPPORT Modular and distributed, pay-as-you- grow protection Accurate, forensic-level attack and traffic visibility with SecureWatch Analytics World-Class 24x7x365 SOC support with SecureWatch Managed Services MATURITY JOURNEY SELLING DDOS AS A SERVICE • Per-Tenant visibility into DDoS attacks • Tenant Portal for Alerting & Reporting • Subscribe/Upsell/Retain Tenants DDOS PROTECTION • Full visibility into DDoS attacks • Victim Tenant(s) not impacted • Other Tenants unaffected DDOS MITIGATION • Basic visibility into DDoS attacks • Victim Tenant(s) impacted/sacrificed • Other Tenants may be impacted NO PROTECTION • No visibility of DDoS • Victim Tenant(s) offline • Other Tenants impacted • Am I being attacked? The maturity journey depicts a typical Corero customers’ DDoS journey and Corero’s ability to support customers at all stages of their DDoS growth needs. 16 Corero Network Security plc Annual Report and Accounts 2023 OVERVIEW Strategic Report Governance Financial Statements Corporate Directory INVESTOR PROPOSITION SUPERIOR PERFORMANCE CUSTOMER RELATIONSHIPS High performance, best-in-class solutions: automatic DDoS protection without disrupting or delaying legitimate network traffic. Corero automatically mitigates DDoS attacks in seconds, faster than any other solutions in the market. We enjoy high levels of trust with our customers which translates into high retention rates and long-term relationships. High annualised recurring revenues demonstrate such enduring relationships. Corero solutions provide continuity of service and allow our customers to generate incremental revenue. Our 98% customer support contract renewal rate demonstrates the quality of both our solutions and customer service. CUSTOMER SUPPORT AND SERVICE We provide high levels of customer support and service through our solutions engineers, SOC and Operations teams- worldwide, 24x7x365. We provide high levels of compatibility with customer indigenous equipment and systems. HIGH GROWTH MARKETS The increasingly interconnected world grows faster and more complex with higher speed connections; higher capacities and meshed networks; the proliferation of IoT and 5G devices; and the continued growth of cloud services. PROPRIETARY INTELLECTUAL PROPERTY In-house expertise and proprietary knowledge means we can innovate without significant outsourcing dependencies or royalty costs. Over 20 years of DDoS protection software development expertise leveraged to expand feature set. ATTRACTIVE BUSINESS MODEL, PERFORMANCE AND WORLD CLASS TEAM We have high gross margins, recurring and repeat business. Our world class, highly skilled team have decades of experience in the market we operate in. TIME TO MARKET Superior solution already developed and field proven. No development cycle with customers. Very quick and simple deployment cycles with high software content. On-going R&D investment in our solutions and product enhancements. SCALABILITY – ORGANIC AND PARTNERS We are establishing additional routes to market through our own direct sales team, resellers, distributors, and strategic partnerships. Where customers select appliance-based deployment, manufacturing is outsourced, mitigating any in-house supply constraints. Corero Network Security plc Annual Report and Accounts 2023 17 CHIEF EXECUTIVE OFFICER’S REVIEW THE COMPANY DELIVERED A STRONG PERFORMANCE ACROSS FY 2023. Carl Herberger CHIEF EXECUTIVE OFFICER ReVeNue 11% increase ARR 17% increase I AM DELIGHTED TO HAVE JOINED CORERO AT SUCH AN EXCITING TIME, WITH THE BUSINESS DELIVERING STRONG GROWTH ACROSS ALL OUR KEY METRICS IN FY 2023, ALONGSIDE THE CONTINUED EXPANSION OF BOTH OUR CUSTOMER BASE AND MARKET REACH.” 18 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory STRATEGIC PROGRESS As the DDoS market and cybersecurity sector continue to evolve at a fast pace, and with a myriad of new digital threats emerging, the Company continues to focus on ensuring it is best positioned to remain at the forefront of the industry. The following key strategic pillars have been established to underpin operational and financial progress and drive growth in 2024 and beyond: • Increasing our customer base and market reach, as demonstrated by the addition of Techenabler to our customer base in the Brazilian market. • Growing strategic alliances by entering into a new partnership with Akamai to offer complementary technology to Akamai’s Prolexic Cloud offering. • Better monetising our existing services and introducing new services: we continue to enhance the protection and network security visibility for our customers. • Amplifying our demand generation programmes: increased on-line advertising and marketing campaigns including webinars and thought leadership speaking opportunities. • Continuing to increase our technological innovation leadership by investing in product development and ensuring we respond rapidly to market trends and technological advancements in DDoS protection technology. The launch of the SmartWall ONE solution during 2023 was a significant milestone for Corero as we cemented our position at the cutting edge of the technological landscape. The SmartWall ONE solution delivers a modular architecture which interfaces with industry- leading routers, increased protection against DNS-based attacks, and a new 100G software appliance solution. INTRODUCTION The Company delivered a strong performance in FY 2023, underpinned by new business momentum and organic growth. Despite a difficult macro-economic environment, we were able to deliver double digit growth in both revenue and ARR whilst repaying our outstanding bank loan facility and finishing the year cash generative, EBITDA profitable and debt free. We continued to execute our focused sales strategy during the Period. ARR increased to $16.9 million as at 1 January 2024, growth of 17% over the prior year (ARR at 1 January 2023: $14.4 million), driven by continued demand for Corero’s subscription-based and DDPaaS products. This strong performance continues to improve earnings visibility for the Company going forward, which, when aligned with the Group’s healthy business pipeline built through 2023, ensures Corero remains well positioned for revenue growth in 2024 and beyond. Our global partnership with Akamai, announced in September 2023, has already significantly expanded Corero’s routes to market and we anticipate that the relationship will deliver incremental revenue growth in the medium to long term. We also secured our first major LATAM partnership in the Period, with network solutions distributor TechEnabler supporting our growth in Brazil and the wider region as we aim to broaden our international reach. Corero has built both a market-leading product and management team to execute the Company’s enhanced sales strategy, driven by the following levers: • Large and high growth addressable market; • Market leading proprietary technology with global customer service capability; • Continued investment in sales and channel resources; • Scalable and recurring revenue model with strong gross margins; and • Strong base of existing customers and strategic partnerships. DDOS ADDRESSABLE MARKET AND MARKET DRIVERS The global DDoS protection market was worth c.$3.6 billion in 2023 and is expected to reach $9.1 billion by 2030 at a CAGR of 14%1. Corero operates within a significant segment of this overall market and estimates that the total addressable market exceeds $2.0 billion for its SmartWall ONE solutions. Cybercriminals are increasingly opting to launch DDoS attacks on corporations, favouring the method over more expensive and higher risk forms of cyberattacks, or even using DDoS as camouflage for ransomware attacks. A growing number of businesses globally are beginning to recognise DDoS attacks as their biggest cybersecurity concern largely due to the considerable reputational damage they can inflict2. Companies across all sectors and of all sizes are vulnerable to DDoS attacks, including those operating in fast-growing markets like satellite communications and cryptocurrency. Alarmingly, recent market research revealed that attacks on financial services rose a staggering 154% between 2022 and 20233, which, given the increasing digitalisation of banking, puts consumers in great jeopardy if corporations are not safeguarded by DDoS defence and mitigation solutions. Regionally, EMEA has suffered a sharp increase in DDoS attacks. Cybersecurity commentators believe this spike can be attributed to the geopolitical turmoil and resultant cyber warfare stemming from Russia’s invasion of Ukraine, including the emerging trend of hacktivism4. Strategic regional expansion is integral to Corero’s growth strategy, and post-period-end, we extended our partnership with cybersecurity solutions specialist and distributor Ingecom to increase our presence and exposure in EMEA. DDoS attacks, however, are prevalent across the globe, with North America estimated to account for 39% of the global DDoS protection and mitigation market growth until 20275. Corero’s partnership with Akamai, together with our investment in US sales and marketing initiatives and strategic North American recruitment, has ensured the Company remains well positioned to capitalise on new mandate opportunities within the US market. This is reflected by the geographic mix of the Group’s customer wins across 2023, where Corero secured contracts with a significant number of US and Canadian based companies. Corero Network Security plc Annual Report and Accounts 2023 19 CHIEF EXECUTIVE OFFICER’S REVIEW CONTINUED OUTLOOK Corero expects demand for the Company’s market-leading DDoS protection and mitigation solutions to continue to increase as more and more companies proactively seek trusted providers to help combat the fast- growing rise in these highly disruptive attacks. In 2024, Corero will build upon the robust foundations established in 2023. We are highly focused on continuing our new business and partnership momentum and are actively pursuing prudent regional expansion objectives. Our focus on profitability and positive cash- flow generation, whilst delivering both ARR and revenue growth, will enable us to further demonstrate the scalability of our business model. This will be supported, in part, by continued investment in R&D as we aim to roll-out new product features and innovative service enhancements. With the strong performance in FY 2023 and positive start to 2024, the Board is confident the Company can deliver on its growth prospects by growing Corero’s market share and reinforcing its reputation as the go-to DDoS protection solutions provider. Carl Herberger CHIEF EXECUTIVE OFFICER 26 March 2024 1 MarketsandMarkets – DDoS Protection and Mitigation Security Market Report, https://shorturl.at/gsCKX. 2 T&T – 2023 Cybersecurity Insights Report, https://www.itprotoday.com/attacks-and-breaches/ddos-not-ransomware-top-business-concern-edge-networks. 3 FS-ISAC/Akamai – DDoS: Here to Stay Report, https://shorturl.at/hMY28. 4 Europol – Cyber Attacks: The Apex of Crime-as-a-Service, https://sofiaglobe.com/2023/09/13/europol-russias-war-on-ukraine-led-to-significant-boost-in-ddos- attacks-on-eu-targets/. 5 Technavio – DdoS Protection Mitigation Market by Component, Application, and Geography – Forecast and Analysis 2023–2027, https://www.technavio.com/ report/ddos-protection-mitigation-market-analysis. 20 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory Corero Network Security plc Annual Report and Accounts 2023 21 FINANCIAL REVIEW I AM PLEASED TO REPORT THAT THE COMPANY ACHIEVED DOUBLE DIGIT GROWTH ACROSS BOTH REVENUE AND ARR, WAS CASH GENERATIVE AND PROFITABLE, EXITING THE YEAR DEBT FREE. Phil Richards CHIEF FINANCIAL OFFICER 22 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory REVENUE AND GROSS MARGINS Revenue in the year ended 31 December 2023 increased by 11% to $22.3 million in 2023 from $20.1 million in 2022. Annualised recurring revenues increased by 17% in the year with ARR of $16.9 million as at 1 January 2024, driven by growth in DDPaaS and software subscription orders (ARR at 1 January 2023: $14.4 million). The Company’s overall gross margin improved in the full year to 90% (2022: gross margin of 87%) driven by revenue mix changes in 2023. Software subscription license and appliance revenues in particular saw better margin capture while other revenue streams recorded similar margins to prior periods. OPERATING EXPENSES AND R&D INVESTMENT Underlying operating expenses excluding foreign exchange movements on intercompany balances and before depreciation and amortisation increased by $1.5 million from $16.5 million to $18.0 million due to continued investment both in sales and product development. PROFITABILITY The Group reported a positive EBITDA of $1.8 million in 2023. Adjusted EBITDA for the year was $2.2 million (2022: $1.7 million). Further details on these measures are provided in the Key Performance Indicators section on pages 24 to 25. Loss after taxation was $0.2 million (2022: profit of $0.6 million). Basic and diluted loss per share was 0.0 cents per share (2022: profit 0.1 cents per share). OPERATING CASH AND CASH EQUIVALENTS Overall, net cash generated from operating activities amounted to $3.1 million in the year (2022: used of $1.7 million), primarily due to the timing of working capital movements. Cash and cash equivalents excluding the impact of exchange rates decreased by $0.8 million (2022: decrease of $5.2 million). The Company used its strong balance sheet position to repay in full its bank term loan facility early during the year. The total amount of the bank term loan repaid during 2023 amounted to $1.2 million. Net cash, defined as cash at bank less total borrowings, at 31 December 2023 was $5.2 million (2022: $4.4 million). Phil Richards CHIEF FINANCIAL OFFICER 26 March 2024 Underlying operating expenses included a depreciation charge of $0.3 million (2022: $0.5 million) and an amortisation charge for research and development (‘R&D’) of $1.5 million (2022: $1.7 million). During the year, the Group enhanced its product offerings with new features and functionality, with R&D investment of $1.8 million (2022: $1.7 million). Capital expenditures in property plant and equipment were $0.8 million (2022: $0.4 million). The charge for share based payments amounted to $0.2 million in 2023 (2022: $0.4 million). Financing costs were lower in the year at $0.2 million (2022: $0.3 million) due to the repayment of the Company’s debt facility in 2023. ADJuSteD eBitDA $2.2m +29% -$2.5m 2019 -$0.6m 2020 2021 $3.2m 2022 $1.7m 2023 $2.2m pROFit/(lOSS) BeFORe tAXAtiON -$0.2m -150% -$6.6m 2019 -$4.0m 2020 2021 $1.4m 2022 $0.4m 2023 -$0.2m GROSS MARGiN 90.3% +3% 2019 2020 2021 2022 2023 81.0% 77.3% 85.1% 87.2% 90.3% Net CASH $5.2m +18% 2019 2020 2021 2022 2023 $5.4m $4.4m $5.2m $7.6m $8.4m Corero Network Security plc Annual Report and Accounts 2023 23 KEY PERFORMANCE INDICATORS Represents revenue from the sale of Corero solutions. peRFORMANCe Revenue for the year ended 31 December 2023 increased to $22.3 million (2022: $20.1 million). Represents the normalised annualised recurring revenues and includes recurring revenues from contract values of annual support, software license subscription and from DDoS protection-as-a-Service (‘DDpaaS’) contracts. peRFORMANCe Annualised recurring revenues increased in the year with ARR of $16.9 million as at 1 January 2024, driven by growth in DDPaaS and software subscription orders (ARR at 1 January 2023: $14.4 million). Represents gross profit divided by revenue. it measures the Group’s profitability before overheads. peRFORMANCe Corero’s gross margin of 90% increased from 2022 of 87%. REVENUE $22.3m +11% 2019 2020 2021 2022 2023 $9.7m $16.9m $20.9m $20.1m $22.3m ARR (ANNUALISED RECURRING REVENUES) $16.9m +17% $7.2m $9.8m 2019 2020 2021 2022 2023 $12.8m $14.4m $16.9m GROSS MARGIN % 90.3% +30 basis points 2019 2020 2021 2022 2023 81.0% 77.3% 85.1% 87.2% 90.3% 24 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory ADJUSTED EBITDA $2.2m +29% -$2.5m 2019 -$0.6m 2020 2021 $3.2m 2022 $1.7m 2023 $2.2m PROFIT/(LOSS) BEFORE TAXATION -$0.2m -150% -$6.6m 2019 -$4.0m 2020 2021 $1.4m 2022 $0.4m 2023 -$0.2m NET CASH $5.2m +18% 2019 2020 2021 2022 2023 $5.4m $4.4m $5.2m $7.6m $8.4m peRFORMANCe Adjusted EBITDA of $2.2 million increased 29% from prior year (2022: $1.7 million). Represents the operating profit less unrealised foreign exchange differences on an intercompany loan, pppl forgiveness, depreciation, amortisation and any impairment of goodwill. the Board considers the Adjusted eBitDA to be a further useful measure of profitability as it excludes other significant non-cash items in addition to classic typical eBitDA non-cash items. For further details please see note 8. Represents the Company’s loss arising from operations, after depreciation, amortisation and any finance income or expenditure before any taxation charges or credits. peRFORMANCe Corero delivered a loss before taxation of $0.2 million (2022: profit before taxation of $0.4 million). Represents cash at bank less total borrowings. peRFORMANCe Net cash as at 31 December 2023 was $5.2 million (2022: $4.4 million). The Company repaid all of its outstanding bank loan debt during 2023. At 31 December, borrowings were nil (2022: $1.2 million). Corero Network Security plc Annual Report and Accounts 2023 25 KEY STAKEHOLDERS SECTION 172 STATEMENT The Directors are aware of their duty under Section 172 of the Companies Act 2006 to act in the way which they consider, in good faith, would be most likely to promote the success of the Company for the benefit of its members as a whole and, in doing so, to have regard (amongst other matters) to the: likely consequences of any decisions in the long-term interests of the Company’s employees; need to foster the Company’s business relationships with suppliers, customers and others; impact of the Company’s operations on the community and environment; Company’s reputation for high standards of business conduct; and need to act fairly as between members of the Company. The Board reviewed and re-confirmed the Company’s key stakeholder groups during the year. These are set out below along with details of the forms of engagement undertaken by the Board: WHY THEY MATTER WHAT MATTERS TO THEM CUSTOMERS Customers are the lifeblood of a successful growing business. Corero customers are concerned with having products and services that protect their online presence and operations from the increasing threat of DDoS attacks. High availability of cloud services and applications are critical for modern businesses and institutions, their revenue streams rely on having internet connectivity protected from the threat of DDoS attacks. SHAREHOLDERS Shareholders own the business. They are the providers of capital to grow and invest for future success. Concerned with a broad range of issues including, but not limited to, Corero’s financial and operational performance, strategic execution, investment plans and governance. PARTNERS Partners are an extension of Corero, representing the Corero brand in the market, providing an additional route to market to scale the business. Corero’s partners harness Corero’s innovative technology to deliver customer success through creation of unique joint value propositions. They share insights into what current and future customers want, ultimately impacting product strategy and roadmaps and accelerating business growth through sales and marketing programmes, as well as technical training, often with a greater, and more geographically dispersed sales force. EMPLOYEES Corero employees are a key resource, dedicated to creating, selling and supporting solutions that protect Corero’s customers from the increasing threat of DDoS attacks. Employees seek opportunities for personal development and career progression, a culture of inclusion and diversity, compensation and benefits, and the ability to make a difference within Corero. R E D L O H E K A T S R E D L O H E K A T S R E D L O H E K A T S R E D L O H E K A T S 26 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory EVERY DAY CORERO IS INTERACTING WITH CUSTOMERS AND PROSPECTIVE CUSTOMERS – INCLUDING IN TENDERS, IN TECHNICAL PRESENTATIONS, IN QUOTING, IN INVOICING, IN DEPLOYMENT, AND IN AFTER-SALES AND ON-GOING CUSTOMER SUPPORT.” CORERO’S ENGAGEMENT THE BOARD’S ENGAGEMENT KEY EVENTS IN THE YEAR Executive Directors meet with customers throughout the year and feedback issues to the Board. The Board reviews strategy and monitors performance during the year with the aim of meeting customers’ needs more effectively. Receives regular competitor updates to understand Corero’s competitive performance and its strengths and weaknesses as regards meeting customer needs. Corero employees interact with customers every day– including in tenders, in technical presentations, in quoting, in invoicing, in deployment, and in after-sales and on-going customer support. Communications such as annual reports, interim reports and notices of general meetings. Investor roadshows, Stock Exchange announcements and press releases; www.corero.com. Board attendance at the AGM to answer questions. Feedback on investor meetings held by the Chairman. Executive Director meetings with investors. Corero consulted with major shareholders and key strategic partners during investor roadshows and forums. Partner Code of Conduct define expectations of responsible business and behaviour. Board updates regarding partner relationships, development and engagement. Regular Board reports, including updates on performance and key partner issues. Senior management engaged in quarterly review of progress of strategic partner relationships. The Board provides on-going consideration of key strategic partnerships, and whether to change or add to existing relationships. Board engaged in review of progress of strategic partner relationships. Board member engagement with Juniper and Akamai management. Various activities and forums to foster participation in Group events, invite opinions, questions and ideas. Regular ‘All Hands’ meetings are held. Board members attend the employee ‘All Hands’ meetings where appropriate. Performance appraisal and objective setting processes are performed annually. Corero Network Security plc Annual Report and Accounts 2023 27 PRINCIPAL RISKS AND UNCERTAINTIES THE GROUP HAS A NUMBER OF PRINCIPAL RISKS AND UNCERTAINTIES. REVENUE GROWTH Corero’s strategy outlined on page 3 depends on delivering revenue growth to meet these ambitions. Clearly, higher order intake and related revenue growth provides the opportunity for Corero to invest further in its future. Revenue growth is highly important to deliver profitable growth for the business. Conversely, lower sales growth reduces the Company’s cash resources which could impact the Company’s investment in sales and marketing and product development and its other associated goals. To deliver this order intake and, as a subset revenue growth, Corero needs to identify, meet and exceed customer needs. If Corero is not successful in identifying customer prospects with a business need Corero can solve, or developing go-to-market partner and channel partner relationships which generate revenue, this will compromise growth plans and success. To be successful Corero is: • targeting its Ideal Customer Profile (‘ICP’); • focusing its lead generation and sales resources, and product development, on its ICP; • working closely with go-to-market partners to grow its sales opportunity pipeline, progress sales opportunities and generate revenue and cash; and • developing relationships with new go-to-market partners and channel partners to expand its routes to market. RISK MANAGEMENT The Company operates a risk assessment process, which is embedded in day-to-day management and governance processes. As part of the annual planning and budgeting process, Corero management document the significant risks identified, the probability of those risks occurring, their potential impact and the plans for managing and mitigating each of those risks. The Board reviews the annual risk assessment including an annual assessment of the effectiveness of the Company’s internal control system, comprising financial, operational and compliance controls, to ensure that the Company’s risk management framework identifies and addresses all relevant risks in order to execute and deliver the Company’s strategy. The Directors are responsible for the Company’s system of internal control and for reviewing its effectiveness, whilst the role of management is to implement policies on risk management and control. The Company’s system of internal control is designed to manage, rather than eliminate, the risk of failure to achieve the Company’s business objectives and can only provide reasonable, and not absolute, assurance against material misstatement or loss. The Company operates a series of controls to meet its needs. These controls include, but are not limited to, the annual strategic planning and budgeting process, a clearly defined organisational structure with authorisation limits, reviews by senior management of monthly financial and operating information including comparisons with budgets, and forecasts to the Board. Given the size of the Company, the Board has concluded it is not appropriate to establish a separate, independent internal audit function. The Board will keep this under review. The Audit, Risk and Compliance Committee (‘ARCC’) reviews the effectiveness of internal controls. The ARCC receives reports from management and observations from the external auditors concerning the system of internal control and any material control weaknesses. Significant risk issues, if any, are referred to the Board for consideration. The Corero Risk Register, Auditor’s report, assessment of the effectiveness of the internal control system and key judgements report for the Annual Report and Accounts are tabled and reviewed by the ARCC. 28 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory OTHER NON-PRINCIPAL RISKS AND UNCERTAINTIES There are a multitude of other risks and uncertainties that face companies like Corero, these include: risks and uncertainties associated with local legal requirements, political and geographic risk, the enforceability of laws and contracts, changes in tax laws, terrorist activities, wars and invasions, natural disasters and other types of health epidemics. PEOPLE To grow and address the challenges resulting from technology change and innovation in the DDoS protection market, the Company needs to retain and recruit the required sales, business development, and software development skills. Corero operates in a high growth cyber security market and if it is unable to recruit and retain the right skills this will compromise growth plans. Consequently, Corero targets paying salaries in the upper quartile for comparable positions. TECHNOLOGY CHANGE AND INNOVATION MARKET AWARENESS The DDoS mitigation market is competitive and characterised by changes in technology, customer requirements and new product introductions and improvements. Cybersecurity and DDoS attacks are constantly evolving and changing as attackers develop new methods and tools to evade defences. Corero is focused on its chosen markets and delivering continuous innovation by adding new DDoS attack defences and new machine learning and artificial intelligence capabilities, and striving to provide market leading solutions to secure customers from the threat of DDoS attacks. Corero is an emerging player in the DDoS prevention market and competes with much larger established organisations. If Corero is not successful in connecting with the market and raising its profile this will compromise growth plans. To raise market awareness of Corero and its DDoS protection solutions, the Company will continue to invest in targeted digital marketing and lead generation programmes, together with its brand awareness programmes. Corero Network Security plc Annual Report and Accounts 2023 29 ENVIRONMENTAL, SOCIAL AND GOVERNANCE (ESG) REPORT CORERO ASPIRES TO CARRY OUT ITS BUSINESS TO THE HIGHEST ETHICAL STANDARDS. we treat customers, partners, suppliers and employees in a professional, courteous and honest manner. we are committed to complying with environmental, social and governance requirements and Corero is dedicated to improving the security and availability of the internet for all. CORERO’S CULTURE AND VALUES We seek to live our culture and values every day, in a dynamic and professional manner. Our defined values are: Customers First; Technology Leadership & Innovation; Operational Excellence; Integrity; and Employee Empowerment & Team Work. In common with most intellectual property technology businesses, we know that the expertise, experience, and passion of our employees is genuinely what make our products and services market leading. For example, Corero’s Security Operation Centre (‘SOC’) comprises a team of highly experienced security analysts whose role it is to assist our customers’ IT and security teams mitigate the growing number of increasingly sophisticated DDoS attacks. This service and customer support offering is therefore an important competitive differentiator. Customers tell us they value the service levels and our team regularly receives very favourable feedback from our customers. CORERO’S APPROACH TO RESPONSIBLE BUSINESS IN SOCIETY Corero recognises that long-term success is underpinned by good relations with its key stakeholders, both external (partners, suppliers, customers, shareholders, regulators and others) and internal (employees). As part of Corero’s annual planning and budgeting process, the Company identifies its stakeholders and their respective needs, interests and expectations. In addition, the strategy for engaging with these stakeholder groups is formulated and implemented. Corero values feedback from its stakeholders and proactively endeavours to address any matter identified. Feedback is gathered from: customers and partners relating to Corero’s products and services in an on-going, continuous manner; shareholders, through investor relations roadshows; and employees as a part of regular ‘All Hands’ meetings. EMPLOYEES, DIVERSITY AND INCLUSION AND EMPLOYEE INTERACTION Our employees are Corero’s most important asset and the continued and sustained development of the Company relies on its ability to retain and attract high calibre employees and are proud to have many experienced and talented employees in our team. Corero operates an employee share option plan, with awards approved by the Corero Remuneration Committee. The Corero equal opportunities policy ensures that all job applicants and employees are treated fairly, no matter what age, race, colour, gender, religion or beliefs, sexual orientation, marital or partner status, ethnic origin or community, disability, and without favour or prejudice. We are committed to applying this policy throughout all aspects of employment, recruitment and selection, training, development and promotion. 30 Corero Network Security plc Annual Report and Accounts 2023 Overview STRATEGIC REPORT Governance Financial Statements Corporate Directory The Corero equal opportunity policy has been developed to maintain the following policy objectives: • To provide a safe and welcoming environment, in which individuals are valued, included and respected. • To advance equality of opportunity. • To eliminate unfair discrimination. • To foster good relations between different groups of people. We are an increasingly international, multi-cultural, gender diverse and diverse organisation. For example, many of our UK-based software engineers are drawn from local universities but also sponsored on EU skilled-migrant visas. Inclusion is the practice of providing everyone with equal access to opportunities and resources. We believe employees find an environment of understanding and respect at Corero – where voices and opinions are heard and carefully considered – this is made easier by the relatively flat hierarchy and agile nature of the business and the values we share. Employees are regularly informed of matters concerning their interest and the financial factors affecting the Company. The Company uses company-wide forums to communicate matters as well as team and individual meetings. ENVIRONMENTAL SUSTAINABILITY Corero has identified the following UN Sustainable Development Goals (‘SDGs’) most applicable to its activities listed in the table below. Corero is committed to promoting sustainability. We aim to lead, follow and to promote good sustainability practice, to carry out our operations in a way which manages and minimises any adverse environmental impacts from our activities. For many years Corero has operated a flexible remote working policy before remote working was necessitated by the COVID-19 pandemic. We aim to mitigate unnecessary travel and the impact on climate change. Our products are used by thousands of businesses throughout the world to protect against disruptions that could have adverse economic, health, well-being and environmental consequences for the users and customers of those businesses (sometimes in a mission critical way) and the knock-on effects to populations as- a-whole. Disruptions may emanate from individuals, groups, corporates or state- sponsored actors. Corero is committed to reducing our resource consumption where possible. Furthermore employees are encouraged to be environmentally aware. For example, Corero encourages the reuse or recycling of office waste, including paper, packaging, computer supplies and redundant equipment. Company cars are not provided. Wherever possible we seek to ensure that waste materials are disposed of in an environmentally safe manner and in accordance with regulations. We aim to provide materials such as marketing collateral in a paperless, digital way. ETHICAL BUSINESS Corero is committed to the fundamental values of integrity, transparency and accountability. We have a zero-tolerance policy with regard to bribery and corruption with reporting mechanisms in place. Corero adopts and enacts an Ethics and Anti- Bribery Policy to record the ethical way in which we conduct business and to make our ethical standards clear to everyone, including those with whom we do business, which includes resellers, agents and distributors as well as our customers. Corero provides training to all its employees on Anti-Bribery and Corruption. STRATEGIC REPORT SIGN-OFF In accordance with Section 414D(1) of The Companies Act 2006, The Strategic Report on pages 16 to 31 is signed by order of the Board. Phil Richards COMPANY SECRETARY 26 March 2024 uN SD Goals Good Health and well Being Quality education Decent work and economic Growth peace, Justice and Strong institutions How Corero contributes Ensuring healthy lives and promoting well-being at all ages is essential to sustainable development. We are committed to our people and their wellbeing and are proud of our supportive, collaborative culture and strong values. Obtaining a quality education is the foundation to improving people’s lives and sustainable development. Corero’s DDoS protection is favoured by many research and educational network customers as a secure way to deliver and promote their objectives. Sustained and inclusive economic growth can drive progress, create decent jobs for all and improve living standards. Corero’s DDoS protection protects the remote working practices, being a key feature of post-COVID-19 pandemic ways of working for most employers. Conflict, insecurity, weak institutions and limited access to justice remain a great threat to sustainable development. Corero’s solutions provide cyber protection against nefarious activities from individuals, crime and state-sponsored terrorist groups. Corero’s vision is an Internet connect world where every business, application and individual is protected from DDoS attacks. Corero Network Security plc Annual Report and Accounts 2023 31 BOARD OF DIRECTORS Jens Montanana EXECUTIVE CHAIRMAN Richard last INDEPENDENT NON-EXECUTIVE DIRECTOR* peter George INDEPENDENT NON-EXECUTIVE DIRECTOR Andrew Miller NON INDEPENDENT NON-EXECUTIVE DIRECTOR APPOINTED 6 August 2010 22 May 2008 3 January 2019 1 June 2020 1 January 2024 6 September 2013 21 September 2023 Richard has over 20 years’ senior experience in information technology having worked at board level for a number of publicly quoted and private companies in the technology sector. He is a Fellow of the Institute of Chartered Accountants in England and Wales (‘FCA’). * Richard Last is a Corero shareholder and has been a Non-executive Director of the Company for over 10 years, his independence has been considered by the Board. The Board is satisfied that Richard Last operates in an independent manner and is independent. BACKGROUND & EXPERIENCE Jens has spent the majority of his over 30-year career in the technology industry with considerable operational and commercial experience in the resale and distribution of information technology hardware and software solutions. He is the founder and CEO of Datatec Limited, established in 1986 which listed on the Johannesburg Stock Exchange in 1994. Between 1989 and 1993 Jens served as Managing Director and Vice-President of US Robotics (UK) Limited, a wholly owned subsidiary of US Robotics Inc., which was acquired by 3Com. In 1993, he co-founded US start-up Xedia Corporation in Boston, an early pioneer of network switching and IP bandwidth management, which was subsequently sold to Lucent Corporation in 1999 for $246 million. He has previously served on the boards and sub-committees of various public companies. CURRENT APPOINTMENTS CEO of Datatec Limited and Director of various Datatec Limited subsidiary companies. Chairman of Gresham Technologies plc, an LSE listed software and services company and Tribal Group plc, a technology company. Richard is also a Director of a number of private companies. Peter George is a US based executive with over 30 years’ experience in the IT networking and cybersecurity industry. He has a successful track record as CEO of leading IT network and security companies and provides sales and marketing leadership experience to the Board. Peter is the CEO of Evolv Technology, a US based leader in human security screening. Prior to that he was President and CEO of empow cybersecurity, a market innovator in AI, machine learning and advanced security analytics. Prior to empow, between 2008 to 2017, he was President and CEO of Fidelis Cybersecurity, a leading US-based Advanced Threat Defense business. Before joining Fidelis, Peter was President and CEO of Crossbeam Systems, a market leader in Unified Threat Management. Prior to that he was the President of Nortel Networks’ enterprise business where he was responsible for growing a $2 billion and 5,000 employee voice and data business in EMEA. Andrew Miller was until 31 May 2020 the CFO of the Company. He was until January 2022 the CFO and COO of C5 Capital Limited, an investment firm investing in the secure data ecosystem including cybersecurity, cloud infrastructure, data analytics and space, and CFO of the Haven Group, a private equity backed cyber security services provider. Prior to joining Corero Andrew was with the Datatec Limited group in a number of roles between 2000 and 2009 including the Logicalis Group Limited (‘Logicalis’) Operations Director and Corporate Finance and Strategy Director. Prior to this, Andrew gained considerable corporate finance experience in London with Standard Bank, West Deutsche Landesbank and Coopers & Lybrand. Andrew trained and qualified as a chartered accountant and has a bachelor’s degree in commerce from the University of Natal, South Africa. Andrew is a Chartered Accountant with over 20 years’ experience in the technology industry. Carl Herberger, CEO of Corero Ashley Stephenson (‘CTO’) first Phil joined Corero as CFO in Network Security, brings over joined Corero Network Security November 2022, bringing over 25 years of cybersecurity leadership as Executive Vice President of the 15 years of finance and operational experience. As an internationally Network Security division, with expertise to the Group. Phil joined recognized expert, he has held responsibility for product and Corero from Kambi Group plc, a executive roles at top security firms solution strategy in March 2012, Swedish-listed premium global including Radware, Evolve IP, Allied and was appointed Chief Executive sportsbook provider, working InfoSecurity, and most recently as Officer of Corero in January 2013. across the organisation for six Principal Security Consultant and An IT industry executive and years as SVP finance to oversee virtual CISO. Among his many achievements, Carl received the Technology Executive of the Year award in 2019 and helped establish the US Air Force’s first cyber warfare unit during his time as an intelligence officer. As CEO, he leverages his deep expertise across all facets of cybersecurity to lead Corero’s corporate strategy and help Corero’s customers manage risk and build resilient systems capable of withstanding today’s cyber threats. internet technology entrepreneur, their growth and international Ashley has operating experience expansion, including moving to in the United States, Europe and Philadelphia to oversee the setup Asia. His previous experience and delivery of their US facing includes: CEO of Reva Systems, service. Qualifying as an accountant which was acquired by ODIN, with KPMG UK, and having spent and CEO of Xedia Corporation, one year in the German and two which was acquired by Lucent. years in the Swedish respective He has provided strategic KPMG organisations, Phil then joined advisory services to a number Royal Dutch Shell as a financial of leading multinational IT controller where he spent two years companies including technology prior to joining Kambi Group plc. He is a fellow of the Institute of Chartered accountants. vendors, distributors and services companies. Ashley began his career at IBM Research & Development in the UK. He is a graduate of Imperial College, London with a degree in Physics and is an Associate of the Royal College of Science. Ashley has deep technology and software development skills and experience. CEO of Evolv Technology Inc. None. None. Director of Eyealike, Inc. and Director of Corero Network StepVest LLC. Security (UK) Ltd & Corero Group Services Ltd. 32 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory Nomination Committee Remuneration Committee Audit, Risk and Compliance Committee Chair of Committee Carl Herberger CHIEF EXECUTIVE OFFICER Ashley Stephenson CHIEF TECHNOLOGY OFFICER phil Richards CHIEF FINANCIAL OFFICER/ COMPANY SECRETARY APPOINTED BACKGROUND & EXPERIENCE founder and CEO of Datatec Limited, established in 1986 which listed on the Johannesburg Stock Exchange in 1994. Between 1989 and 1993 Jens served as Managing Director and Vice-President of US Robotics (UK) Limited, a wholly owned subsidiary of US Robotics In 1993, he co-founded US start-up Xedia Corporation in Boston, an early pioneer of network switching and IP bandwidth management, which was subsequently sold to Lucent Corporation in 1999 for $246 million. He has previously served on the boards and sub-committees of various public companies. Jens has spent the majority of his over 30-year career in Richard has over 20 years’ senior Peter George is a US based experience in information technology executive with over 30 years’ Andrew Miller was until 31 May 2020 the CFO of the Company. the technology industry with having worked at board level for experience in the IT networking He was until January 2022 the CFO considerable operational and a number of publicly quoted and and cybersecurity industry. and COO of C5 Capital Limited, commercial experience in private companies in the technology the resale and distribution of sector. He is a Fellow of the Institute information technology hardware of Chartered Accountants in England and software solutions. He is the and Wales (‘FCA’). * Richard Last is a Corero shareholder Peter is the CEO of Evolv and has been a Non-executive Director of the Company for over 10 years, his independence has been considered by the Board. The Board is satisfied that Richard Last operates in an independent Inc., which was acquired by 3Com. manner and is independent. He has a successful track record as CEO of leading IT network and security companies and provides sales and marketing leadership experience to the Board. Technology, a US based leader in human security screening. Prior to that he was President and CEO of empow cybersecurity, a market innovator in AI, machine learning and advanced security analytics. Prior to empow, between 2008 to 2017, he was President and CEO of Fidelis Cybersecurity, a leading US-based Advanced Threat Defense business. Before joining Fidelis, Peter was President and CEO of Crossbeam Systems, a market leader in Unified Threat Management. Prior to that he was the President of Nortel Networks’ enterprise business where he was an investment firm investing in the secure data ecosystem including cybersecurity, cloud infrastructure, data analytics and space, and CFO of the Haven Group, a private equity backed cyber security services provider. Prior to joining Corero Andrew was with the Datatec Limited group in a number of roles between 2000 and 2009 including the Logicalis Group Limited (‘Logicalis’) Operations Director and Corporate Finance and Strategy Director. Prior to this, Andrew gained considerable corporate finance experience in London with Standard Bank, West Deutsche Landesbank and Coopers & Lybrand. Andrew trained and qualified as a chartered accountant and has a bachelor’s degree in commerce from the University of Natal, South Africa. Andrew is a Chartered Accountant with over responsible for growing a $2 billion and 5,000 employee voice and data 20 years’ experience in the technology industry. business in EMEA. CURRENT APPOINTMENTS Director of various Datatec Limited plc, an LSE listed software and subsidiary companies. services company and Tribal Group plc, a technology company. Richard is also a Director of a number of private companies. 6 August 2010 22 May 2008 3 January 2019 1 June 2020 1 January 2024 6 September 2013 21 September 2023 Carl Herberger, CEO of Corero Network Security, brings over 25 years of cybersecurity leadership experience. As an internationally recognized expert, he has held executive roles at top security firms including Radware, Evolve IP, Allied InfoSecurity, and most recently as Principal Security Consultant and virtual CISO. Among his many achievements, Carl received the Technology Executive of the Year award in 2019 and helped establish the US Air Force’s first cyber warfare unit during his time as an intelligence officer. As CEO, he leverages his deep expertise across all facets of cybersecurity to lead Corero’s corporate strategy and help Corero’s customers manage risk and build resilient systems capable of withstanding today’s cyber threats. Ashley Stephenson (‘CTO’) first joined Corero Network Security as Executive Vice President of the Network Security division, with responsibility for product and solution strategy in March 2012, and was appointed Chief Executive Officer of Corero in January 2013. An IT industry executive and internet technology entrepreneur, Ashley has operating experience in the United States, Europe and Asia. His previous experience includes: CEO of Reva Systems, which was acquired by ODIN, and CEO of Xedia Corporation, which was acquired by Lucent. He has provided strategic advisory services to a number of leading multinational IT companies including technology vendors, distributors and services companies. Ashley began his career at IBM Research & Development in the UK. He is a graduate of Imperial College, London with a degree in Physics and is an Associate of the Royal College of Science. Ashley has deep technology and software development skills and experience. Phil joined Corero as CFO in November 2022, bringing over 15 years of finance and operational expertise to the Group. Phil joined Corero from Kambi Group plc, a Swedish-listed premium global sportsbook provider, working across the organisation for six years as SVP finance to oversee their growth and international expansion, including moving to Philadelphia to oversee the setup and delivery of their US facing service. Qualifying as an accountant with KPMG UK, and having spent one year in the German and two years in the Swedish respective KPMG organisations, Phil then joined Royal Dutch Shell as a financial controller where he spent two years prior to joining Kambi Group plc. He is a fellow of the Institute of Chartered accountants. CEO of Datatec Limited and Chairman of Gresham Technologies CEO of Evolv Technology Inc. None. None. Director of Eyealike, Inc. and StepVest LLC. Director of Corero Network Security (UK) Ltd & Corero Group Services Ltd. Corero Network Security plc Annual Report and Accounts 2023 33 EXECUTIVE CHAIRMAN’S CORPORATE GOVERNANCE INTRODUCTION Jens Montanana EXECUTIVE CHAIRMAN THE BOARD IS COMMITTED TO CONTINUE TO UPHOLD HIGH STANDARDS OF CORPORATE GOVERNANCE, ENHANCING SHAREHOLDER VALUE, AND ENGAGING IN A FAIR AND TRANSPARENT MANNER WITH ALL OF THE GROUP’S STAKEHOLDERS.” BOARD COMMITMENT TO GOVERNANCE The Board is committed to continue to uphold high standards of corporate governance, enhancing shareholder value, and engaging in a fair and transparent manner with all of the Group’s stakeholders. The Board therefore supports and is committed to the principles of the QCA Corporate Governance Code. Details of our governance processes and procedures are set in out in the following pages. BOARD LEADERSHIP AND EFFECTIVENESS The Board recognises that to remain effective it must ensure that it has the right balance of skills, experience, knowledge and independence to enable it to discharge its duties and responsibilities. The Directors believe in the necessity for open debate in the boardroom and consider that existing Board dynamics and processes encourage honest, constructive and open debate with the Executive Directors. We conduct internal board evaluation reviews to monitor the Corero Board is operating effectively. OUR CULTURE AND VALUES We recognise the importance of our values and how we live them within our culture. The Board undertakes informal enquiries of employees to ensure our values are upheld and promoted to maintain a healthy corporate culture. In country Board meetings providing the Board with the opportunity to informally interact with employees based in the UK and US office locations. BOARD COMPOSITION The former Chief Executive Officer, Lionel Chmilewsky, resigned from the Board on 28 February 2023. I assumed the role of Executive Chairman with effect from 15 February 2023, and Andrew Miller was appointed Interim Chief Operating Officer with effect from 1 March 2023 until September 2023. Carl Herberger was appointed CEO and joined the Board of Directors on 1 January 2024. Following Carl’s appointment to the Board, I stepped back from the role as Executive Chairman of the Company and returned to my role as Non-Executive Chairman, effective 1 January 2024. STAKEHOLDER ENGAGEMENT We seek to maintain an open dialogue with all stakeholders including shareholders, customers, partners, suppliers and our employees. Details of our stakeholders along with details of the forms of engagement undertaken by the Board are set out on pages 26 to 27. In this context, I would like to give my continued thanks to our institutional and private investors for their continued support; to all wider stakeholders including our customers, strategic partners and suppliers; and thank all our employees for their determination, integrity and commitment to Corero. LOOKING FURTHER AHEAD Corero has delivered a very solid performance in 2023 across all metrics. The expectation of strong forecast growth in the DDoS market underpins the Board’s continued confidence, alongside Corero’s improved sales execution, and superior technological solution in the marketplace. To capitalise on this, we will continue to invest in the business in 2024 to deliver our strategic goals with the objective of creating long-term value for all our stakeholders. Jens Montanana EXECUTIVE CHAIRMAN 26 March 2024 34 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory QCA CODE COMPLIANCE As an AIM-listed company, Corero adopts the principles of the Quoted Companies Alliance Corporate Governance Code (the ‘QCA Code’). The QCA Code identifies ten principles to be followed in order for companies to deliver growth in long-term shareholder value, encompassing an efficient, effective and dynamic management framework accompanied by good communication to promote confidence and trust. The following explains how Corero follows those QCA Code principles: 1 establish a strategy and business model to promote long-term value for shareholders 2 understand and meet shareholder needs and expectations 3 take into account wider stakeholder and social responsibilities and their implications for long-term success 4 embed effective risk management, considering both opportunities and threats, throughout the organisation 5 Maintain the Board as a well-functioning, balanced team led by the Chair Corero’s strategy is focused on being the leader in real- time, high performance DDoS protection and scaling the business for profitability though revenue growth. For more information please see pages 4 and 5. The CEO and CFO communicate regularly with shareholders, investors and analysts, including at our full year and half-yearly results roadshows. The full Board is available at the AGM to communicate with shareholders. Shareholders, our customers, partners and employees are our most important stakeholders. We engage with these communities via regular communications in our day-to-day activities, and via formal feedback requests. For more information please visit: http://www.corero.com/about/ investor-relations For more information please see page 26 and 27. Ultimate responsibility for risk management rests with the Board. Day-to-day management of risk is delivered through the way we do business and our culture. For more information please see pages 28 and 29. The Board has three established Committees: Audit, Risk and Compliance Committee; Nomination Committee; and Remuneration Committee. The composition and experience of the Board is reviewed primarily by the Nomination Committee. For more information please see pages 32, 33 and 35 – 39. 6 ensure that between them the Directors have the necessary up-to-date experience, skills and capabilities The Board is satisfied that its current composition includes an appropriate balance of skills, experience and capabilities, including experience of the cyber security market and international markets. For more information please see pages 32, 33 and 35 – 39. 7 evaluate Board performance based on clear and relevant objectives, seeking continuous improvement 8 promote a corporate culture that is based on ethical values and behaviours 9 Maintain governance structures and processes that are fit for purpose and support good decision making by the Board 10 Communicate how the Company is governed and is performing by maintaining a dialogue with shareholders and other relevant stakeholders The Board considers the effectiveness and relevance of its contributions, any learning and development needs and the level of scrutiny of the senior management team. An annual Board effectiveness review is undertaken to enable the Board to stand back and assess its strengths and areas for development. Corero recognises the importance of culture and values and in conjunction with employees defined the Company’s agreed values which are reinforced via training and performance management. The Board is responsible for the Group’s overall strategic direction and management, and for the establishment and maintenance of a framework of delegated authorities and controls to ensure the efficient and effective management of the Group’s operations. The Board is satisfied that the necessary controls and resources exist within the Company to enable these responsibilities to be met. For more information please see page 38. For more information please see pages 30 and 31. For more information please see pages 36 to 39. The investors section of our website includes our Annual Report, results, presentations, notice of AGM and results of the AGM and general meetings. For more information please visit: http://www.corero.com/about/ investor-relations Corero Network Security plc Annual Report and Accounts 2023 35 CORPORATE GOVERNANCE REPORT BOARD COMPOSITION AND RESPONSIBILITIES The Board sets Corero’s overall strategic direction, reviews management performance and ensures that the Company has the necessary financial and human resource in place to meet its objectives. Operational management of the Company is delegated to the Chief Executive Officer. The Chairman is responsible overall for adherence to the QCA code, and ensures this through effective chairing of Board meetings, and regular review of the Group’s governance processes and procedures. The Board comprises the Non-executive Chairman, two independent Non-executive Directors, one non-independent Non-executive Director and three Executive Directors whose Board and Committee responsibilities are set out below: Jens Montanana Peter George1 Richard Last Andrew Miller2 Ashley Stephenson Phil Richards3 Carl Herberger4 Non-executive / executive Director Non-executive Non-executive Non-executive Non-executive Executive Executive Executive 1 Resigned from Audit, Risk and Compliance Committee 30 January 2024 2 Appointed to Audit, Risk and Compliance Committee 30 January 2024 3 Appointed Director on 21 September 2023 4 Appointed Director on 1 January 2024 Board Compliance Committee Audit, Risk and Remuneration Committee Member Chairman Member Chairman Member Chairman Member Member Member Member Member Member Nomination Committee Chairman Member Member One third of all Directors are subject to annual reappointment by shareholders, as well as any Director appointed to the Board in the period since the last AGM, and any Non-executive Director whose tenure is more than nine years or whose independence is the subject of Board judgement. Richard Last, Phil Richards and Carl Herberger will be offering themselves for re-election at the forthcoming AGM. The Corero Board members’ biographies and their relevant experience, capabilities and skills and are set out on pages 32 and 33. BOARD BALANCE AND INDEPENDENCE The composition of the Board is reviewed regularly. Appropriate training, briefings, and inductions are available to all Directors on appointment and subsequently as necessary, taking into account existing qualifications and experience. The Board is satisfied that, between the Directors, it has an effective and appropriate balance of skills and experience, including operational, commercial and technology expertise and experience. All members of the Board have more than 20 years’ technology experience through investing in and working for a range of companies from start-ups to large established technology companies, with complementary financial, commercial, sales and marketing skills. The skills and experience of the Board are summarised in the table below: technology Cyber security Sales and marketing people international Governance Finance Jens Montanana Peter George Richard Last Andrew Miller Ashley Stephenson Phil Richards Carl Herberger 36 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory The Board is cognisant of the lack of gender diversity and plans to address this as the Company grows through its recruitment policy. All Directors are able to take independent legal advice in relation to their duties, if necessary at the Company’s expense. In addition, the Directors have direct access to the advice and services of the Company Secretary. The Directors keep their skills up to date through a combination of their other roles (if applicable), attending appropriate training courses and seminars funded by the Company if appropriate, and by reading widely. There are no external advisers to the Board or any of its Committees, other than the Company’s broker (Canaccord Genuity). Corero’s Non-executive Chairman, Jens Montanana, is a material shareholder with an equity interest in Corero of 36.81% at 26 March 2024. His interests are strongly aligned with all shareholders. Richard Last is a Corero shareholder with a 0.88% equity interest in Corero at 26 March 2024 and has been a Non- executive Director of the Company for over 10 years. His independence has been considered by the Board. The Board is satisfied that Richard Last operates in an independent manner and is independent. EMPLOYMENT AND SERVICE AGREEMENTS The Director employment and service contracts are summarised below: • Ashley Stephenson, Carl Herberger and Phil Richards, all Executive Directors, have employment agreements which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. • The Non-executive Directors’ letters of appointment are for 12-month terms and provide that the appointment may be terminated by either party giving to the other not less than three months’ notice. Non-executive Directors, per their letters of appointment, have a time commitment to the Company of not less than 12 days per annum including the attendance of Board meetings and the Company AGM. In addition, Non-executive Directors are expected to devote appropriate preparation time ahead of each meeting. BOARD RESPONSIBILITIES The Board meets, virtually or in person, on average once a quarter; additional meetings or conference calls are held as required. Each Director is provided with sufficient information to enable them to consider matters in good time for meetings and enable them to discharge their duties properly. The Board also ensures that the principal goal of the Company is to create shareholder value, while having regard to other stakeholder interests, and takes responsibility for setting the Company’s values and standards. The Board has a formal schedule of matters reserved to it for consideration and approval. These include: • Strategy and management. • Responsibility for the overall strategy and management of the Company. • Approval of strategic plans and budgets and any material changes to them. • Approval of the acquisition or disposal of subsidiaries and major investments, projects and contracts. • Changes relating to the Company’s capital structure. • Delegation of the Board’s powers and authorities. FINANCIAL MATTERS AND INTERNAL CONTROLS • Oversight of the Company’s operations ensuring competent and prudent management, sound planning and maintenance of adequate accounting and other records. • Approval of the annual and interim financial statements and accounting policies. • Approval of the dividend policy. • Ensuring an appropriate system of internal control and risk management is in place. CORPORATE GOVERNANCE • Review of the management structure and senior management responsibilities. • With the assistance of the Remuneration Committee, approval of remuneration policies. • Consideration of the independence of the Non-executive Directors. • Receiving reports and feedback from the Company’s shareholders. The Board receives regular briefings on the Company’s performance (including commentary and analysis), key issues and risks affecting the Company’s business. The Company maintains liability insurance for its Directors and Officers. The Company has also entered into indemnity agreements with the Directors, in terms of which the Company has indemnified its Directors, subject to the Companies Act limitations, against any liability arising out of the exercise of the Directors’ powers, duties and responsibilities as a Director or Officer. In the year ended 31 December 2023, the Board met, virtually or physically, on four scheduled occasions; further meetings and conference calls were held as and when necessary. Details of Directors’ attendance at scheduled meetings in the year to 31 December 2023 is shown in the table below: Jens Montanana Richard Last Peter George Andrew Miller Ashley Stephenson Phil Richards Meetings attended 4/4 4/4 4/4 4/4 4/4 2/2 DIRECTORS’ CONFLICT OF INTEREST The Company has effective procedures in place to monitor and deal with conflicts of interest. The Board is aware of the other commitments and interests of the Directors, and changes to these commitments and interests are reported to and, where appropriate, agreed with the rest of the Board. EVOLUTION OF THE COMPANY’S GOVERNANCE FRAMEWORK The Board will, on an on-going basis, and as the Company’s business develops and grows, review the appropriateness of the governance framework, including the composition of the Board and the need for an internal audit function, to ensure the Company delivers on its strategy and goals whilst maintaining appropriate governance structures. Corero Network Security plc Annual Report and Accounts 2023 37 BOARD PERFORMANCE AND REMUNERATION POLICY CONFLICTS OF INTEREST The members of the RC do not have any conflicts from cross-directorships that relate to the business of the Committee. The members of the RC do not have any day-to-day involvement in the running of the Group. BOARD CHANGES Given Corero’s size, the Company does not have internal succession candidates for the Executive Directors. In the event an Executive Director replacement is required, the Company would seek to recruit a replacement through a recruitment search process. The Board is satisfied that the Company’s middle management will ensure the Company’s business is not adversely impacted in the period between an Executive Director leaving and a replacement being recruited. INTRODUCTION An annual Board effectiveness review is undertaken to enable the Board to stand back and assess its strengths and areas for development. This review is conducted internally. The Board may refresh the performance assessment process based on external advice and if appropriate engage a third- party facilitator to assist in the performance of such effectiveness reviews every three years. The Remuneration Committee’s (‘RC’) remit is to measure the performance of and determine the remuneration policy relating to Directors and senior employees. To support this responsibility, it has access to professional and other advice external to the Group. Taking the performance factors into account, it then makes recommendations to the Board. To assist the work of the RC, the views of the CEO and CFO are also invited where appropriate. However, they do not participate in any decision related to their own remuneration. The Nomination Committee reviews and recommends nominees as new Directors to the Board. Senior management appointments are required to be approved by the RC. The Group is committed to the governing objective of maximising shareholder value over time. Each year the remuneration framework and the packages of the Directors are reviewed to ensure they continue to achieve this objective. The Group operates in the cyber security market which is a market with significant growth potential. It is also a competitive market with a number of companies who are significantly larger than Corero. The Group’s Executive Director remuneration policy is designed to attract and retain Directors of the calibre required to maintain the Group’s position in its marketplace. This is maintained through the use of bonus and share option schemes, as follows. BONUS A cash bonus designed to incentivise specific short-term financial goals. Goals and objectives are set for the Executive Directors based on key financial performance metrics. The Chief Executive Officer on-target bonus is set at 100% of base salary, the Chief Technology Officer on-target bonus is set at two-thirds of base salary and the Chief Financial Officer is set at one half of base salary. SHARE OPTIONS Share options are granted to encourage and reward delivery of the Company’s long-term strategic objectives and provide alignment with shareholders through the use of share- based incentives. All share-based incentives offered to Directors have a three-year vesting schedule, with one-third vesting on the first anniversary of the grant/start date, a further third on the second anniversary of the grant/start date and the final third the third anniversary of the grant/start date. Share options are granted with an exercise price set at the higher of market price or such other price as determined by the RC. 38 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory BOARD COMMITTEE REPORTS The Board has three established Committees: • Audit, Risk and Compliance Committee: responsible for reviewing the Group’s interim and year end results announcements, and the Annual Report and Accounts; determining the application of the financial reporting and internal control and risk management procedures and assessing the scope, quality and results of the external audit. • Remuneration Committee: responsible for the policy for the remuneration of the Executive Directors and senior management; setting the remuneration of the Executive Directors, determining the payment of bonuses to Executive Directors; and approving the Company’s bonus and incentive arrangements for employees. • Nomination Committee: responsible for reviewing the composition, structure and size of the Board; assessing the leadership needs of the Group; and recommending nominees as new Directors to the Board. AUDIT, RISK AND COMPLIANCE COMMITTEE (‘ARCC’) REPORT The ARCC members comprise Richard Last, who is the Committee Chairman, and member Peter George, and meets at least twice a year. The Company’s Chief Financial Officer and Group Financial Controller, and the Company’s external auditors attend the meetings. In the year ended 31 December 2023, the ARCC met on two occasions. The attendance of individual Committee members at ARCC meetings in the year to 31 December 2023 is shown in the table below: risks of the Company and ensured these risks are properly assessed, monitored and reported on and the appropriate policies and procedures are in place. • Receive internal assurance as to the control framework through review and discussion with the internal finance function. • Consideration as to the effectiveness of the risk and control framework and that the processes are operating properly. The key financial reporting judgements relating to the financial statements for the year ended 31 December 2023 which the ARCC have considered and discussed with the auditors, include: Going concern basis for financial statements Revenue recognition Financial Statements note 2.2 2.4 Carrying value of goodwill and intangible assets 2.12 and 9 The ARCC is satisfied with the treatment in the financial statements and the disclosure in the notes. During the year, and in line with good governance practice, the ARCC led a competitive audit tender process for the 2023 Group audit. This included an assessment of skillset, audit approach, competitive pricing and team composition. As a result of this, the incumbent auditors BDO stood down following the completion of the 2022 year-end audit and MHA, the UK independent member firm of Baker Tilly International, were appointed on 20 June 2023. Richard Last (Committee Chairman) Peter George* Meetings attended 2/2 1/2 REMUNERATION COMMITTEE (‘RC’) REPORT The RC comprises Peter George, and members Jens Montanana and Richard Last. The RC meets at least twice a year. *resigned from ARCC 30 January 2024 The ARCC’s activities during the year, based on its terms of reference, are set out below: • Reviewed the scope and results of the external audit, its cost effectiveness and the objectivity of the auditors. • Reviewed, prior to publication, the interim financial statements, preliminary results announcement, the annual financial statements and the other information included in the Annual Report. Considered the regulatory, technical and operational In the year ended 31 December 2023, the RC met on two scheduled occasions; further meetings and conference calls were held as and when necessary. The attendance of individual Committee members at scheduled RC meetings in the year to 31 December 2023 is shown in the table top right: Peter George (Committee Chairman) Richard Last Jens Montanana Meetings attended 2/2 2/2 2/2 The RC’s activities during the year, which are based on its terms of reference, are set out below: • Reviewed the performance of the Executive Directors and set the remuneration of the Executive Directors. • Determined the payment of bonuses to Executive Directors and approved the Company’s bonus and incentive arrangements for employees. • Ensured the Company’s share option schemes were operated properly and approved the share option grants to Executive Directors and employees. The remuneration of the Chairman and Non-executive Directors is decided upon by the Board. Details of Directors’ remuneration for the year ended 31 December 2023 is set out in note 22 of the financial statements. NOMINATION COMMITTEE (‘NC’) REPORT The NC comprises Jens Montanana (Chairman), Richard Last and Peter George. The NC meets as required. In the year ended 31 December 2023, the NC met on four scheduled occasions. The attendance of individual Committee members at NC meetings in the year to 31 December 2023 is shown in the table below: Jens Montanana (Committee Chairman) Richard Last Peter George Meetings attended 4/4 4/4 4/4 The NC’s activities during the year, which are based on its terms of reference, are set out below: • Reviewed the composition, structure, and size of the Board. • Reviewed the leadership needs of the Group. Corero Network Security plc Annual Report and Accounts 2023 39 DIRECTORS’ REPORT GROUP RESULTS The Group’s Income Statement on page 49 shows a loss for the year of $0.2 million (2022: profit of $0.6 million). GOING CONCERN The financial position and cash flows are described in the Financial Review on page 22. An indication of likely future developments affecting the Company is included in the Strategic Report on pages 20 to 31. The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 31 December 2025 (‘going concern assessment period’). The cash flow projections have been subjected to sensitivity analysis of the revenue, cost and combined revenue and cost levels which demonstrate that the Group and Company will maintain a positive cash balance through the going concern assessment period. As part of the sensitivity analysis, the Directors have noted that should the forecasted revenues not be achieved, mitigating actions can be taken to address any cash flow concerns. These actions include the deferral of capital expenditure, reduction in marketing and other variable expenditure alongside a hiring freeze. The Directors have also considered the geo- political environment, including inflationary fluctuations in some of our key markets and the conflicts in Ukraine and Gaza, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. DIVIDENDS The Directors have not recommended a dividend (2022: $nil). SHARE CAPITAL The issued share capital of the Company, together with details of movements in the Company’s issued share capital during the financial period are shown in note 20 to the financial statements. As at the date of this report, 508,828,468 ordinary shares of 1p each (‘ordinary shares’) were in issue and fully paid with an aggregate nominal value of $6.3 million. The market price of the ordinary shares at 31 December 2023 was 8.25p and the shares traded in the range 5.75p to 10.25p during the year (as at 31 December 2022 was 9.3p and the shares traded in the range 9.3p to 14.5p during the year ended 31 December 2022). ISSUE OF SHARES POWERS AT THE AGM At the AGM held on 20 June 2023, shareholders granted authority to the Board under the Articles and section 551 of the Companies Act 2006 (the ‘Act’) to exercise all powers of the Company to allot relevant securities up to an aggregate nominal amount of £1,666,513.24. Also at the AGM held on 20 June 2023, shareholders granted authority to the Board under the Articles and section 570(1) of the Act to exercise all powers of the Company to allot equity securities wholly for cash up to an aggregate nominal amount of £499,953.97 without application of the statutory pre-emption rights contained in section 561(1) of the Act. SUBSTANTIAL SHAREHOLDINGS The Company has been notified of the following holdings that are 3% or more of the Group’s ordinary share capital as at 22 March 2024: SUBSTANTIAL SHAREHOLDINGS The Company has been notified of the following holdings that are 3% or more of the Group’s ordinary share capital as at 27 March 2024: Ordinary shares of 1 pence each Jens Montanana* Caraway Group Inc Sabvest Capital Holdings Ltd Juniper Networks Inc Herald Investment Management Ltd Richard Koch Peter Kennedy Gain** Number 187,300,406 53,586,016 50,000,000 49,179,772 44,692,121 29,701,500 16,378,246 % 36.81 10.53 9.83 9.67 8.78 5.84 3.22 * of which 33,674,846 are held in the name of JPM International Limited, which is wholly owned by Jens Montanana, and 125,871,751 are held in the name of The New Millennium Technology Trust of which Jens Montanana is a beneficiary. ** of which 4,900,000 shares are held in the name of Draper Gain Investments Ltd. 40 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory DIRECTORS’ SHAREHOLDINGS* Jens Montanana Peter George Richard Last Andrew Miller Phil Richards Ashley Stephenson Carl Herberger 26 March 2024 31 December 2023 31 December 2022 Number % Number % Number 187,300,406 36.81 187,300,406 37.35 187,300,406 – 4,500,000 1,091,437 – 38,000 1,344,497 – 0.88 0.21 – 0.01 0.26 – 2,500,000 1,091,437 – 38,000 1,344,497 – 0.50 0.22 – 0.01 0.27 – 2,500,000 1,091,437 – 38,000 – % 37.46 – 0.50 0.22 – 0.01 – *Lionel Chmilewsky resigned during 2023 and therefore is not included in this table. For reference he held nil shares in the Company during this period. DIRECTORS’ INDEMNITIES The Company has qualifying third-party indemnity provisions in place for the benefit of its Directors. These remain in force at the date of this report. DIRECTORS AND DIRECTORS’ INTERESTS The Directors who served in office during the year and up to the date of this report and their interests in the Company’s shares were as above. The biographical details of the current Directors of the Company are set out on pages 32 and 33. Details of the share options held by Directors are shown in note 24 to the financial statements. FINANCIAL RISK MANAGEMENT OBJECTIVES AND POLICIES The Group’s business activities expose it to a variety of financial risks. The policies for managing these risks are described below: • Liquidity risk – arises from the Group’s management of working capital and finance charges. It is a risk that the Group will encounter difficulty in meeting its financial obligations, details of which are set out in note 16, as they fall due. Liquidity risk is managed by the Finance function. Annual budgets are agreed by the Board, enabling the Group’s cash flow requirements to be anticipated. • Credit risk – arises from cash and cash equivalents and from credit exposures to the Group’s customers including outstanding receivables and committed transactions. Credit risk is managed with regular reports of exposures reviewed by management. The Group does not set individual credit limits but seeks to ensure that customers enter into legally enforceable contracts that include settlement terms that demonstrate the customers’ commitment to the transaction and minimise this risk exposure. The amounts of trade receivables presented in the Statement of Financial Position are shown net of allowances for doubtful accounts estimated by management based on prior experience and their assessment of the current economic environment (note 14). The Group has no significant concentration of credit risk, with exposure spread over a number of customers. The credit risk on liquid funds and financial instruments is limited because the counterparties are banks with acceptable credit ratings assigned by international credit rating agencies. • Currency risk – there was no material impact from trading currency risk on the Group’s profit or loss for the year from exchange rate movements, as foreign currency transactions are entered into by Group companies whose functional currency is aligned with the currencies in which it transacts. Exchange rate risks do arise in relation to (i) the bank loan which is GBP denominated and equity fund raises which are in GBP, given the Company’s AIM listing, to the extent such funds are required to support US dollar denominated funding requirements, and (ii) GBP denominated obligations of the Group given the invoicing currency of the Group is US dollar denominated. The Group has not hedged such GBP debt and equity fund raises or GBP denominated expenses in the past as US denominated funds received by the Group’s UK subsidiary have been used to fund the Group’s US subsidiary to the extent such funding has been required, with the GBP funding requirements satisfied from the GBP denominated funds generated from GBP debt and equity fund raises. The Group keeps this policy under review based on the expected timing of US dollar and GBP operational funding requirements. The principal risk which applies to the Parent Company’s financial statements is the risk that the returns generated by the subsidiaries might not support the carrying value of the cost of the investments in subsidiaries. The carrying value is tested at least annually for impairment and, if necessary, impaired as appropriate. CAPITAL MANAGEMENT The Group monitors its available capital, which it considers to be all components of equity against its expected requirements. The Group’s objectives when maintaining capital are to safeguard the entity’s ability to continue as a going concern, so that it can continue to provide returns for shareholders and benefits for other stakeholders, and to ensure that sufficient funds can be raised for investing activities. In order to maintain or adjust the capital structure, the Company may return capital to shareholders, issue new shares, or sell assets. The Group does not review its capital requirements according to any specified targets or ratios. Corero Network Security plc Annual Report and Accounts 2023 41 DIRECTORS’ REPORT CONTINUED TREASURY MANAGEMENT The objectives of Group treasury policies are to ensure that adequate financial resources are available for development of the business while at the same time managing financial risks. Financial instruments may be used to reduce financial risk exposures arising from the Group’s business activities and not for speculative purposes. The Group’s treasury activities are managed by the Group Financial Controller who reports to the Board on the implementation of the Group treasury policy. ENVIRONMENT The Group’s activities are primarily office- based and as such the Directors believe that there is no significant environmental impact arising from the Group’s activities. The Group complies with local WEEE regulations. No environmental performance indicators are therefore included within this report. The Group’s environmental policy states: ‘We endeavour to recycle appropriate materials where possible and to efficiently use natural resources and energy supplies so as to minimise our environmental impact. We will comply with the relevant statutes and legislation. Furthermore, employees are encouraged to be environmentally aware. Company cars are not provided.’ RESEARCH AND DEVELOPMENT The development of computer software is an integral part of the Group’s business and the Group continues to develop its software in response to user demand, and particularly the changing IT security threat landscape. During the year the Group enhanced the features and functionality of its existing products. A capital investment of $1.8 million (2022: $1.7 million) was made during the year. Amortisation of $1.5 million (2022: $1.7 million) and costs not capitalised of $1.8 million (2022: £1.7 million) were charged to the Group Income Statement during the year. EMPLOYEES The quality and commitment of the Group’s employees has played a major role in the Company’s continued progress. This has been demonstrated in many ways, including strong customer satisfaction, the development of new product offerings and the flexibility employees have shown in adapting to changing business requirements. The Group operates sales commission, incentive bonus plans and share option plans to provide incentives for achievements which add value to the business. ANNUAL GENERAL MEETING Notice of the AGM together with details of the business to be considered will be sent to shareholders in due course. AUDITORS In so far as each Director is aware: • there is no relevant audit information of which the Company’s auditors are unaware; and • the Directors have taken all the steps that they ought to have taken to make themselves aware of any relevant audit information and to establish that the Company’s auditors are aware of that information. During the year, and in line with good governance practice, the ARCC led a competitive audit tender process for the 2023 Group audit. As a result of this, incumbent auditors BDO stood down following the completion of the 2022 year- end audit and MHA, the UK independent member firm of Baker Tilly International, were appointed on 20 June 2023. APPOINTMENT OF CEO POST YEAR END Carl Herberger was appointed CEO of the Group, effective 1 January 2024. By order of the Board Phil Richards COMPANY SECRETARY 26 March 2024 42 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory STATEMENT OF DIRECTORS’ RESPONSIBILITIES The Directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Group’s transactions and disclose with reasonable accuracy at any time the financial position of the Group and enable them to ensure that the financial statements comply with the Companies Act 2006. They are also responsible for safeguarding the assets of the Group and hence for taking reasonable steps for the prevention and detection of fraud and other irregularities. the Directors are responsible for preparing the Annual Report and Financial Statements in accordance with applicable law and regulations. Company law requires the Directors to prepare financial statements for each financial year. Under that law the Directors have elected to prepare the Group financial statements in accordance with UK adopted international accounting standards. The Directors have chosen to prepare the Company financial statements in accordance with applicable United Kingdom accounting standards, including FRS 101 Reduced Disclosure Framework (‘FRS 101’). Under company law the Directors must not approve the financial statements unless they give a true and fair view of the state of affairs of the Group and Parent Company and of the profit or loss of the Group for that period. The Directors are also required to prepare financial statements in accordance with the rules of the London Stock Exchange for companies trading securities on the AIM. In preparing these financial statements, the Directors are required to: The Directors are responsible for ensuring the Annual Report and the financial statements are made available on a website. Financial statements are published on the Company’s website in accordance with legislation in the United Kingdom governing the preparation and dissemination of financial statements, which may vary from legislation in other jurisdictions. The maintenance and integrity of the Company’s website is the responsibility of the Directors. The Directors’ responsibility also extends to the on-going integrity of the financial statements contained therein. • select suitable accounting policies and then apply them consistently; • make judgements and estimates that are reasonable and prudent; • state whether they have been prepared in accordance with UK adopted international accounting standards in conformity with the requirements of the Companies Act 2006, subject to any material departures disclosed and explained in the financial statements; and • prepare the financial statements on the going concern basis unless it is inappropriate to presume that the Group will continue in business. Corero Network Security plc Annual Report and Accounts 2023 43 • Evaluating the Directors’ assessment of the group’s ability to continue as a going concern, including an examination of cash flow forecasts, challenging the underlying data and key assumptions in those forecasts, being the level of sales, operating expenses and planned funding for software development, used to make the assessment and comparing these to historical performance and post period- end information. • Examining management’s budgets and forecasts and their basis of preparation, including review and assessment of the model’s appropriateness, mechanical accuracy and sensitivity analysis on key cash changes from movements in key assumptions. • Consideration of availability of funds required to settle obligations, as they fall due, during the going concern review period. Assessing the reasonableness and practicality of the mitigation measures identified by management in their conservative case scenario and considered by them in arriving at their conclusions about the existence of any uncertainties in respect of going concern. • Consideration of post-balance sheet events which may impact going concern. Based on the work we have performed, we have not identified any material uncertainties relating to events or conditions that, individually or collectively, may cast significant doubt on the Group’s and Parent Company’s ability to continue as a going concern for a period of at least twelve months from when the financial statements are authorised for issue. Our responsibilities and the responsibilities of the Directors with respect to going concern are described in the relevant sections of this report. INDEPENDENT AUDITOR’S REPORT For the purpose of this report, the terms ‘we’ and ‘our’ denote MHA in relation to UK legal, professional and regulatory responsibilities and reporting obligations to the members of Corero Network Security plc. For the purposes of the table on page 45 that sets out the key audit matters and how our audit addressed these key audit matters, the terms ‘we’ and ‘our’ refer to MHA. The Group financial statements, as defined below, consolidate the accounts of Corero Network Security plc and its subsidiaries (the ‘Group’). The ‘Parent Company’ is defined as Corero Network Security plc, as an individual entity. The relevant legislation governing the Parent Company is the United Kingdom Companies Act 2006 (‘Companies Act 2006’). OPINION We have audited the financial statements of Corero Network Security plc for the period ended 31 December 2023. The financial statements that we have audited comprise: • the Consolidated Statement of Comprehensive Income • the Consolidated Statement of Financial Position • the Consolidated Statement of Cash Flows • the Consolidated Statement of Changes in Equity • Notes to the consolidated financial statements, including material accounting policies • the Company Statement of Financial Position • the Company Statement of Changes in Equity and • Notes to the Company financial statements, including material accounting policies. The financial reporting framework that has been applied in the preparation of the Group financial statements is applicable law and UK adopted International Accounting Standards. The financial reporting framework that has been applied in the preparation of the Parent Company financial statements is applicable law and United Kingdom Accounting Standards, including Financial Reporting Standard 101 Reduced Disclosure Framework (United Kingdom Generally Accepted Accounting Practice). In our opinion: • the financial statements give a true and fair view of the state of the Group’s and of the Parent Company’s affairs as at 31 December 2023 and of the Group’s loss for the year then ended; • the Group financial statements have been properly prepared in accordance with UK adopted International Accounting Standards; • the Parent Company financial statements have been properly prepared in accordance with United Kingdom Generally Accepted Accounting Practice; and • the financial statements have been prepared in accordance with the requirements of the Companies Act 2006. Our opinion is consistent with our reporting to the Audit Committee. BASIS FOR OPINION We conducted our audit in accordance with International Standards on Auditing (UK) (ISAs (UK)) and applicable law. Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of the Financial Statements section of our report. We are independent of the Group in accordance with the ethical requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard as applied to listed entities, and we have fulfilled our ethical responsibilities in accordance with those requirements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion. CONCLUSIONS RELATING TO GOING CONCERN In auditing the financial statements, we have concluded that the Directors’ use of the going basis of accounting in the preparation of the financial statements is appropriate. Our evaluation of the Directors’ assessment of the Group’s and the Parent Company’s ability to continue to adopt the going concern basis of accounting included: • The consideration of inherent risks to the Group and Parent Company’s operations and specifically its business model and the evaluation of how those risks might impact on the Group and Parent Company’s available financial resources. 44 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory OVERVIEW OF OUR AUDIT APPROACH Scope Our audit was scoped by obtaining an understanding of the Group, including the Parent Company, and its environment, including the Group’s system of internal control, and assessing the risks of material misstatement in the financial statements. We also addressed the risk of management override of internal controls, including assessing whether there was evidence of bias by the Directors that may have represented a risk of material misstatement. Materiality Group 2023 $400k parent Company $300k 2022 $400k $245k key audit matters • Revenue recognition • Capitalisation of development costs 1.8% of revenue (2022: 2% of revenue). 1% of net assets capped at 75% of Group materiality (2022: 0.5% of net assets capped at 61% of Group materiality). KEY AUDIT MATTERS Key Audit Matters are those matters that, in our professional judgement, were of most significance in our audit of the financial statements of the current period and include the most significant assessed risks of material misstatement (whether or not due to fraud) that we identified. These matters included those matters which had the greatest effect on: the overall audit strategy; the allocation of resources in the audit; and directing the efforts of the engagement team. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters. key audit matter Description How the scope of our audit responded to the key audit matter Revenue recognition The Group generates revenue through the sale of hardware, licences and related maintenance and support for associated software. We considered there to be a significant audit risk associated with identifying the recognition and measurement of multiple revenue streams in accordance with IFRS 15. Due to the material impact of these transactions we considered this a key audit matter. Our audit work included, but was not restricted to the following: • We reviewed the group’s revenue recognition policy for each revenue stream through discussions with management and examined of the Group’s documentation; • We assessed whether the policies comply with international accounting standards; • We obtained an understanding of the process, systems, and controls in place surrounding revenue recognition; • We tested the design and implementation of controls in respect of revenue recognition; • We substantively tested revenue recognised in the period, and corroborated revenue recognised with supporting evidence; • We tested balance sheet items related to revenue, including cut off for the deferred and accrued revenue balances and valuation and amortisation of the sales commission contract asset; and • We reviewed financial statement disclosures in respect of revenue. key observations communicated to the Group’s Audit Committee: Based on our audit work detailed above, we are satisfied that the group’s revenue recognition accounting policy is in line with the requirements of IFRS 15, and that revenue has been recognised in accordance with the group’s revenue recognition policy. Corero Network Security plc Annual Report and Accounts 2023 45 INDEPENDENT AUDITOR’S REPORT CONTINUED key audit matter Description How the scope of our audit responded to the key audit matter Capitalisation of development costs The Group undertakes significant amounts of research and development which is capitalised as intangible assets. Judgement is required in distinguishing between research and development and in determining if development costs meet the recognition criteria of IAS 38. Due to required judgment and material nature of these costs we determined this to be a key audit matter. Our audit work included, but was not restricted to the following: • We held discussions and met with Senior management personnel in Engineering, Product development and Finance to understand the key projects/releases during the year, the systems, processes and controls around the recording of capitalised development costs and the key areas of judgement; • We recorded our assessment of controls and tested the design and implementation of those controls; • We assessed management’s accounting policy in respect of capitalised development costs and ensured it aligns with IAS 38; • We substantively tested the capitalised development expenditure to ensure the definition and recognition criteria were met; • We compared the recorded activity of development teams to the tasks allocated in the product development management system; • We held discussions with key team members to confirm the reasonableness of project time and allocation; • We analytically considered the completeness of recorded non-chargeable time of the development teams; • We challenged management’s assumptions in their valuation of intangible assets including the need for impairment; • Evaluated the reasonableness of the useful lives of intangible assets; and • Reviewed financial statement disclosures in respect of capitalised development costs. key observations communicated to the Group’s Audit Committee: Based on our audit work detailed above, we are satisfied that the group’s accounting policy in respect of capitalised development costs is in line with the requirements of IAS 38 and that costs have been capitalised in accordance with the policy. OUR APPLICATION OF MATERIALITY Our definition of materiality considers the value of error or omission on the financial statements that, individually or in aggregate, would change or influence the economic decision of a reasonably knowledgeable user of those financial statements. Misstatements below these levels will not necessarily be evaluated as immaterial as we also take account of the nature of identified misstatements, and the particular circumstances of their occurrence, when evaluating their effect on the financial statements as a whole. Materiality is used in planning the scope of our work, executing that work and evaluating the results. Materiality in respect of the Group was set at $400,000 (2022: $400,000) which was determined on the basis of 1.75% of the Group’s forecast revenues at the planning stage of the audit, the percentage based on final revenues was 1.8%. Group’s total revenue was deemed to be the appropriate benchmark for the calculation of Group materiality as this is the main measure by which the users of the financial statements assess the financial performance and success of the Group and is a Key Performance Indicator identified by management. Materiality in respect of the Parent Company was set at $300,000 (2022: $245,000), determined on the basis of 1% of the Company’s net assets capped at 75% of the Group materiality (2022: 0.5% of the Company’s net assets, capped at 61% of the Group materiality). Net assets were deemed to be the most appropriate benchmark to set materiality as the parent primarily holds investments in the Group’s subsidiaries. The materiality applied to the Parent Company was capped to 75% of Group materiality (2022: 61%) to mitigate the aggregated risk of material error on consolidation. Performance materiality is the application of materiality at the individual account or balance level, set at an amount to reduce, to an appropriately low level, the probability that the aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements as a whole. Performance materiality for the Group was set at $280,000 (2022: $300,000) and at $210,000 (2022: $184,000) for the Parent Company which represents 70% (2022: 75%) of the above materiality levels. The determination of performance materiality reflects our assessment of the risk of undetected errors existing, the nature of the systems and controls and the level of misstatements arising in previous audits. We agreed to report any corrected or uncorrected adjustments exceeding $20,000 (2022: $20,000) and $15,000 in respect of the Group and Parent Company respectively to the Audit Committee as well as differences below this threshold that in our view warranted reporting on qualitative grounds. 46 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report GOVERNANCE Financial Statements Corporate Directory Overview of the scope of the Group and Parent Company audits Our assessment of audit risk, evaluation of materiality and our determination of performance materiality sets our audit scope for each Company within the Group. Taken together, this enables us to form an opinion on the consolidated financial statements. This assessment takes into account the size, risk profile, organisation / distribution and effectiveness of Group-wide controls, changes in the business environment and other factors such as recent internal audit results when assessing the level of work to be performed at each component. In assessing the risk of material misstatement to the consolidated financial statements, and to ensure we had adequate quantitative and qualitative coverage of significant accounts in the consolidated financial statements we identified the UK and USA trading subsidiaries as principal business units within the Group. Full scope audits – Audits of the complete financial information of Corero Network Security Plc, Corero Network Security (UK) Ltd and Corero Network Security Inc were undertaken, these entities were selected based upon their size or risk characteristics. Specified procedures – The final reporting component, Corero Group Services Ltd, was not considered to be a significant component of the Group and thus specified procedures on all balances in excess of Group materiality were undertaken. Coverage – The Group audit approach provides 100% audit coverage of the Group’s revenues, operating loss before tax and total assets. The control environment We evaluated the design and implementation of those internal controls of the Group, including the Parent Company, which are relevant to our audit, such as those relating to the financial reporting cycle. REPORTING ON OTHER INFORMATION The other information comprises the information included in the annual report other than the financial statements and our auditor’s report thereon. The directors are responsible for the other information contained within the annual report. Our opinion on the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any form of assurance conclusion thereon. Our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the course of the audit, or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material misstatements, we are required to determine whether this gives rise to a material misstatement in the financial statements themselves. If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard. STRATEGIC REPORT AND DIRECTORS’ REPORT In our opinion, based on the work undertaken in the course of the audit: • the information given in the strategic report and the Directors’ report for the financial period for which the financial statements are prepared is consistent with the financial statements; and • the strategic report and the Directors’ report have been prepared in accordance with applicable legal requirements. In the light of the knowledge and understanding of the Group and the Parent Company and their environment obtained in the course of the audit, we have not identified material misstatements in the strategic report or the Directors’ report. MATTERS ON WHICH WE ARE REQUIRED TO REPORT BY EXCEPTION We have nothing to report in respect of the following matters in relation to which the Companies Act 2006 requires us to report to you if, in our opinion: • adequate accounting records have not been kept by the Parent Company, or returns adequate for our audit have not been received by branches not visited by us; or • the Parent Company financial statements are not in agreement with the accounting records and returns; or • certain disclosures of Directors’ remuneration specified by law are not made; or • we have not received all the information and explanations we require for our audit. In the light of the knowledge and understanding of the Group and the Parent Company and their environment obtained in the course of the audit, we have not identified material misstatements in the strategic report or the Directors’ report. RESPONSIBILITIES OF DIRECTORS As explained more fully in the Directors’ responsibilities statement, the Directors are responsible for the preparation of the financial statements and for being satisfied that they give a true and fair view, and for such internal control as the directors determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error. In preparing the financial statements, the directors are responsible for assessing the Group’s and the Parent Company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Directors either intend to liquidate the Group or Parent Company or to cease operations, or have no realistic alternative but to do so. AUDITOR RESPONSIBILITIES FOR THE AUDIT OF THE FINANCIAL STATEMENTS Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements. A further description of our responsibilities for the financial statements is located on the FRC’s website at: www.frc.org.uk/ auditorsresponsibilities. This description forms part of our auditor’s report. Corero Network Security plc Annual Report and Accounts 2023 47 INDEPENDENT AUDITOR’S REPORT CONTINUED Extent to which the audit was considered capable of detecting irregularities, including fraud Irregularities, including fraud, are instances of non-compliance with laws and regulations. We design procedures in line with our responsibilities, outlined above, to detect material misstatements in respect of irregularities, including fraud. These audit procedures were designed to provide reasonable assurance that the financial statements were free from fraud or error. The risk of not detecting a material misstatement due to fraud is higher than the risk of not detecting one resulting from error and detecting irregularities that result from fraud is inherently more difficult than detecting those that result from error, as fraud may involve collusion, deliberate concealment, forgery or intentional misrepresentations. Also, the further removed non-compliance with laws and regulations is from events and transactions reflected in the financial statements, the less likely we would become aware of it. Identifying and assessing potential risks arising from irregularities, including fraud The extent of the procedures undertaken to identify and assess the risks of material misstatement in respect of irregularities, including fraud, included the following: • We considered the nature of the industry and sector, the control environment, business performance including remuneration policies and the Group’s, including the Parent Company’s, own risk assessment that irregularities might occur as a result of fraud or error. From our sector experience and through discussion with the directors, we obtained an understanding of the legal and regulatory frameworks applicable to the Group focusing on laws and regulations that could reasonably be expected to have a direct material effect on the financial statements, such as provisions of the Companies Act 2006, AIM listing rules and tax legislation. • We enquired of the Directors and management concerning the Group’s and the Parent Company’s policies and procedures relating to: – identifying, evaluating and complying with the laws and regulations and whether they were aware of any instances of non-compliance; – detecting and responding to the risks of fraud and whether they had any knowledge of actual or suspected fraud; and – the internal controls established to mitigate risks related to fraud or non- compliance with laws and regulations. • We assessed the susceptibility of the financial statements to material misstatement, including how fraud might occur by evaluating management’s incentives and opportunities for manipulation of the financial statements. This included utilising the spectrum of inherent risk and an evaluation of the risk of management override of controls. We determined that the principal risks related to revenue recognition and the inappropriate capitalisation of development costs. Audit response to risks identified In respect of the above procedures: • we corroborated the results of our enquiries through our review of the minutes of the Group’s and the Parent Company’s audit committee meetings; • audit procedures performed by the • the Senior Statutory Auditor considered the experience and expertise of the engagement team to ensure that the team had the appropriate competence and capabilities; and • we communicated relevant laws and regulations and potential fraud risks to all engagement team members, and remained alert to any indications of fraud or non-compliance with laws and regulations throughout the audit. USE OF OUR REPORT This report is made solely to the Parent Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the Parent Company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone other than the Parent Company and the Parent Company’s members as a body, for our audit work, for this report, or for the opinions we have formed. engagement team in connection with the risks identified included: Andrew Gandell FCA (SENIOR STATUTORY AUDITOR) for and on behalf of MHA, Statutory Auditor London, United Kingdom 26 March 2024 MHA is the trading name of MacIntyre Hudson LLP, a limited liability partnership in England and Wales (registered number OC312313) – reviewing financial statement disclosures and testing to supporting documentation to assess compliance with applicable laws and regulations expected to have a direct impact on the financial statements. – testing journal entries, including those processed late for financial statements preparation, those posted by infrequent or unexpected users, those posted to unusual account combinations; – evaluating the business rationale of significant transactions outside the normal course of business, and reviewing accounting estimates for bias; – enquiry of management around actual and potential litigation and claims. – challenging the assumptions and judgements made by management in its significant accounting estimates, in particular those relating to capitalisation of development costs; and – performed substantive procedures on the recognition and existence of revenues and the capitalisation of development costs in the period. 48 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory CONSOLIDATED INCOME STATEMENT FOR THE YEAR ENDED 31 DECEMBER 2023 Continuing operations Revenue Cost of sales Gross profit Operating expenses Consisting of: Note 4 year ended 31 December 2023 $’000 year ended 31 December 2022 $’000 22,349 (2,164) 20,185 20,121 (2,576) 17,545 (20,201) (16,869) Operating expenses before depreciation and amortisation Depreciation and amortisation of intangible assets (18,428) (14,926) 10,11,12 (1,773) (1,943) Operating (loss)/profit Finance income Finance costs (loss)/profit before taxation Taxation (charge)/credit (loss)/profit after taxation (loss)/profit after taxation attributable to equity owners of the parent Basic and diluted earnings/(loss) per share Basic earnings per share Diluted earnings per share EBITDA Adjusted EBITDA – for unrealised foreign exchange differences on intercompany loan The notes on pages 54 to 82 form part of these financial statements. 5 5 6 7 7 8 8 (16) 44 (181) (153) (17) (170) (170) 676 7 (279) 404 150 554 554 Cents Cents 0.0 0.0 1,757 2,186 0.1 0.1 2,619 1,658 Corero Network Security plc Annual Report and Accounts 2023 49 CONSOLIDATED STATEMENT OF COMPREHENSIVE INCOME FOR THE YEAR ENDED 31 DECEMBER 2023 (loss)/profit for the year Other comprehensive income/(expense): Items reclassified subsequently to profit or loss upon derecognition: Foreign exchange differences Other comprehensive income/(expense) for the year net of taxation attributable to the equity owners of the parent total comprehensive income/(expense) for the year attributable to the equity owners of the parent year ended 31 December 2023 $’000 year ended 31 December 2022 $’000 (170) 554 628 458 458 (1,087) (1,087) (533) 50 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory CONSOLIDATED STATEMENT OF FINANCIAL POSITION AS AT 31 DECEMBER 2023 Assets Non-current assets Goodwill Intangible assets Property, plant and equipment – owned assets Leased right of use assets Current assets Inventories Trade and other receivables Cash and cash equivalents total assets liabilities Current liabilities Trade and other payables Lease liabilities Deferred income Borrowings Net current assets Non-current liabilities Trade and other payables Lease liabilities Deferred income Borrowings Net assets Capital and reserves attributable to the equity owners of the parent Share capital Share premium Capital redemption reserve Share options reserve Foreign exchange translation reserve Accumulated profit and loss reserve total shareholders’ equity As at 31 December 2023 $’000 As at 31 December 2022 $’000 Note 9 10 11 12 13 14 15 12 18 16 15 12 18 16 20 21 8,991 4,820 633 309 8,991 4,502 604 62 14,753 14,159 96 8,427 5,160 13,683 28,436 (3,902) (164) (4,992) – (9,058) 4,625 – (151) (2,491) – (2,642) 16,737 6,999 82,430 7,051 2,007 (1,965) (79,785) 16,737 164 6,865 5,646 12,675 26,834 (3,956) (78) (3,323) (971) (8,328) 2,776 (100) – (2,285) (237) (2,622) 15,884 6,980 82,284 7,051 1,777 (2,593) (79,615) 15,884 These financial statements were approved and authorised for issue by the Board of Directors on 26 March 2024 and signed on their behalf. Carl Herberger DIRECTOR The notes on pages 54 to 82 form part of these financial statements. Corero Network Security plc Annual Report and Accounts 2023 51 CONSOLIDATED STATEMENT OF CASH FLOWS FOR THE YEAR ENDED 31 DECEMBER 2023 Operating activities (Loss)/Profit before taxation for the year Adjustments for movements: Amortisation of acquired intangible assets Amortisation of capitalised development expenditure Depreciation – owned assets Depreciation – leased assets Assets redesignated from PPE to Cost of Sales Finance income Finance expense Finance lease interest costs Share based payments expense year ended 31 December 2023 $’000 year ended 31 December 2022 $’000 (153) 404 2 1,504 423 116 30 (44) 164 17 233 2 1,732 497 82 – (7) 268 11 386 Cash generated from operating activities before movement in working capital 2,292 3,375 Movement in working capital: Decrease/(increase) in inventories (Increase)/decrease in trade and other receivables Increase/(decrease) in trade and other payables Net movement in working capital Cash generated from/(used in) operating activities Taxation (paid) / received Net cash generated from/(used in) operating activities Cash flows from investing activities Investment in development expenditure Purchase of property, plant and equipment Finance income Net cash used in investing activities Cash flows from financing activities Net proceeds from issue of ordinary share capital Lease liability payments Finance expense Repayments of borrowings Net cash (used in)/generated from financing activities (Decrease)/increase in cash and cash equivalents Effects of exchange rates on cash and cash equivalents Cash and cash equivalents at 1 January Cash and cash equivalents at 31 December The notes on pages 54 to 82 form part of these financial statements. 52 Corero Network Security plc Annual Report and Accounts 2023 68 (1,248) 2,035 855 3,147 (17) 3,130 (1,824) (812) 44 (26) (3,867) (1,361) (5,254) (1,879) 150 (1,729) (1,704) (420) 7 (2,592) (2,117) 165 (143) (78) (1,317) (1,373) (835) 349 5,646 5,160 228 (104) (158) (1,364) (1,398) (5,244) (311) 11,201 5,646 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory CONSOLIDATED STATEMENT OF CHANGES IN EQUITY FOR THE YEAR ENDED 31 DECEMBER 2023 Share capital $’000 6,914 Share premium account $’000 Capital redemption reserve $’000 82,122 7,051 Share options reserve $’000 1,490 Foreign exchange translation reserve $’000 Accumulated profit and loss reserve $’000 total attributable to equity owners of the parent $’000 (1,506) (80,268) 15,803 1 January 2022 Profit for the year Other comprehensive income total comprehensive expense for the year Contributions by and distributions to owners Issue of share capital – exercise of options Fully exercised share options Share based payments total contributions by and distributions to owners – – – 66 – – 66 – – – 162 – – 162 – – – – – – – 31 December 2022 and 1 January 2023 6,980 82,284 7,051 (Loss)/Profit for the year Other comprehensive income total comprehensive income for the year Contributions by and distributions to owners Issue of share capital – exercise of options Fully exercised share options Share based payments total contributions by and distributions to owners – – – 19 – – 19 – – – 146 – – 146 – – – – – – – 31 December 2023 6,999 82,430 7,051 The share capital comprises the nominal values of all shares issued. – – – – (99) 386 287 1,777 – – – – (3) 233 230 2,007 – (1,087) (1,087) – – – – 554 – 554 – 99 – 99 554 (1,087) (533) 228 – 386 614 (2,593) (79,615) 15,884 – 628 628 – – – – (170) – (170) – – – – (170) 628 458 165 (3) 233 395 (1,965) (79,785) 16,737 The share premium account comprises the amounts subscribed for share capital in excess of the nominal value, net of issuance costs. The capital redemption reserve comprises the amount transferred from deferred shares on redemption of the deferred shares. The share options reserve represents the cost to the Group of share options. The foreign exchange translation reserve arises on retranslating the net assets of UK operations into US dollars. The retained earnings are all other net gains and losses and transactions with owners not recognised elsewhere. The notes on pages 54 to 82 form part of these financial statements. Corero Network Security plc Annual Report and Accounts 2023 53 NOTES TO THE FINANCIAL STATEMENTS 1. GENERAL INFORMATION Corero Network Security plc (Company number 02662978) is a public company limited by shares, incorporated in the United Kingdom under the Companies Act 2006 and registered in England and Wales. The functional currency of the Company entity is GBP. Presentation currency These consolidated financial statements are presented in US dollars (‘$’) rounded to the nearest $’000 unless otherwise stated. US dollars represents the presentational currency of the Group as all commercial activity is denominated in US dollars as per industry standards. The average $-GBP sterling (‘GBP’) exchange rates used for the conversion of the Consolidated Monthly Income Statements for the year ended 31 December 2023 was between 1.21-1.29 (2022: between 1.20-1.36). The closing $-GBP exchange rate used for the conversion of the Group’s assets and liabilities at 31 December 2023 was 1.27 (2022: 1.21). 2. MATERIAL ACCOUNTING POLICIES 2.1 Basis of preparation The Group financial statements have been prepared in accordance with UK adopted International Accounting Standards (‘UK adopted IFRS’) and those parts of the Companies Act 2006 relevant to companies which report in accordance with UK adopted IFRS. 2.2 Going Concern The financial statements have been prepared on a going concern basis. The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 30 June 2025 (‘going concern assessment period’). The cash flow projections have been subjected to sensitivity analysis of the revenue, cost and combined revenue and cost levels which demonstrate that the Group and Company will maintain a positive cash balance through the going concern assessment period. As part of the sensitivity analysis, the Directors have noted that should the forecasted revenues not be achieved, mitigating actions can be taken to address any cash flow concerns. 2.3 Basis of consolidation The consolidated financial statements incorporate the results, assets, liabilities, and cash flows of the Company and each of its subsidiaries for the financial year ended 31 December 2023. Subsidiaries are entities controlled by the Group. Control is deemed to exist when the Group has all of the following elements: a) power over the subsidiary, b) exposure or rights to variable returns from that subsidiary, and c) ability to use its power to affect the amount of the return from the subsidiary. The results, assets, liabilities and cash flows of subsidiaries are included in the consolidated financial statements from the date control commences until the date that control ceases. These actions include deferral of capital expenditure, reduction in marketing and other variable expenditure alongside a hiring freeze. Where necessary, adjustments are made to the financial statements of subsidiaries to bring the accounting policies used into line with those used by the Group. The Directors are also not aware of any significant matters in the remainder of calendar 2025 that occur outside the going concern period that could reasonably possibly impact the going concern conclusion. The Directors have also considered the geo-political environment, including rising inflation in some of our key markets and the conflict in Ukraine and Palestine, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. Intra-group balances and transactions are eliminated on consolidation. 2.4 Revenue The Group’s revenue is derived from the following products and services: • appliance and perpetual software licenses; • software subscription licenses for a defined term; • support services for a defined term; • installation and training services; • DDoS Protection as-a-Service (‘DDPaaS’) for a defined term; and • SecureWatch Managed Service (enhanced security monitoring services) for a defined term. The element of DDPaaS revenues pertaining to as-a-service assets is included in reported revenues and is recognised on a straight– line basis over the term of the contract. 54 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory Performance obligations, timing of revenue recognition and revenue recognition Revenue is recognised when performance obligations are completed and control of the goods (appliances and software) transfer to the customer and services are delivered. Goods are shipped free on board (‘FOB’) from Corero, or Corero’s contract manufacturer, to the customer. The point at which the performance obligation of delivery of goods is fulfilled is at the point of FOB shipment to the customer and for software at the point of electronic transfer to the customer. Revenue recognised on transfer of control of appliance and software products (point in time) Appliance, perpetual software licenses and software subscription licenses Revenue recognised over-time (over the term of the contract) Support, DDPaaS and SecureWatch Managed services Revenue recognised once the service has been delivered Installation and training services Determining the transaction price The contract price is determined by reference to the Corero Sales Quotation or DDPaaS Agreement and is a fixed price. Certain DDPaaS contracts have an element of the transaction value or all of the transaction value determined by reference to a share of the customers’ revenue generated from the Corero solution (‘Revenue Share’). This Revenue Share revenue is recognised when the Revenue Share is determined. Corero does not have any other variable consideration payable by the customer and does not pay any consideration to the customer. There is no provision for purchase price adjustments, right of return or price concessions. Allocating amounts to performance obligations For contracts containing only a single performance obligation (annual support services, DDPaaS and SecureWatch Managed Service) there is no requirement to make an allocation of the contract price. For contracts containing multiple products, the transaction price is allocated to the separate performance obligations based on relative stand–alone selling prices (‘SSP’). The SSP is determined using defined price lists and historic customer discount rates. Contract assets and liabilities Contract assets arise when goods and services have been delivered and invoiced but payment is not yet due. Contract liabilities arise for future delivery of services which have been invoiced and payment is due. Contract liabilities are shown as deferred income in the Statement of Financial Position. 2.5 Interest income Interest income, including income arising from finance leases and other financial instruments, is recognised using the effective interest method. 2.6 Government grants Government grants are recognised at fair value when there is reasonable assurance that the Group will comply with the conditions attaching to them and the grant will be received. Grants related to purchase of assets are treated as deferred income and allocated to the Consolidated Income Statement over the useful lives of the related assets while grants related to expenses are netted off against the related item of expenditure in the Consolidated Income Statement. 2.7 Cost of sales Cost of sales includes all direct costs associated with revenue generation, including goods directly related to revenue, services delivery, operation costs, DDoS as- a-service depreciation and amounts charged by external third parties for services. Examples of such costs would include third-party appliance costs and third-party software license costs. Incremental costs of obtaining a contract Deferred sales commission relating to the support and DDPaaS revenue from a new sales contract is recorded in prepayments and amortised over five years. Corero follows the requirements of the IFRS 15 standard with regards to the amortisation period which requires amortisation on a systematic basis that is consistent with the transfer to the customer of the goods or services to which the asset relates. The expectation, supported by historic evidence, is that customers will generally renew their support contracts for more than three years with the additional expectation of follow- on hardware and software (and associated services) business from a significant number of existing customers. Based on this, and consistent with previous treatment, Corero has assessed that a reasonable period for capitalised sales commission to be amortised is five years. Periodic customer reviews will be undertaken to ascertain if there is any evidence that the value of the customer relationship has been negatively impacted, in which case the prepayment will be appropriately written down. Applying the practical expedient, Corero recognises the incremental costs of obtaining contracts as an expense when incurred if the amortisation period of the prepayment that Corero otherwise would have recognised is one year or less. Fulfilment costs Corero’s principal fulfilment costs relate to the costs of the Corero customer support team which delivers the customer support services, DDPaaS services and the SecureWatch Managed services. These costs are not separately allocated or identifiable against specific customers. Therefore, these costs are recognised in the period in which they are incurred in the Consolidated Income Statement. Corero Network Security plc Annual Report and Accounts 2023 55 Expenditure not meeting these criteria, such as expenditure incurred on research, is expensed in the Consolidated Income Statement when it is incurred. After initial recognition, internally generated intangible assets are carried at cost less accumulated amortisation and any impairment losses. Amortisation is charged once the asset is capable of generating economic benefits. Acquired intangible assets Identifiable intangible assets acquired as part of a business combination are initially recognised separately from goodwill, irrespective of whether the assets have been recognised by the acquiree before the business combination. An intangible asset is considered identifiable only if it is separable or if it arises from contractual or other legal rights, regardless of whether those rights are transferable or separable from the entity or from other rights and obligations. Intangible assets acquired as part of a business combination and recognised by the Group are computer software and customer relationships. Purchased computer software is carried at cost less accumulated amortisation and any impairment losses. Customer contracts and the related customer relationships are carried at cost less accumulated amortisation and any impairment losses. Amortisation Intangible assets are amortised on a straight–line basis to reduce their carrying value to zero over their estimated useful lives. The following useful lives were applied during the year: • Computer software acquired – three years straight line. • Capitalised development expenditure – five years straight line. Amortisation costs are included within operating expenses in the Consolidated Income Statement. Methods of amortisation and useful lives are reviewed, and if necessary adjusted, at each reporting date. 2.10 Property, plant and equipment Depreciation commences when an asset is available for use. Depreciation is calculated so as to write off the cost or value of an asset, net of anticipated disposal proceeds, over the useful life of that asset as follows: • Leasehold improvements – period of the lease (straight-line basis). • Right-of-use assets – period of the lease (straight-line basis). • Computer equipment, evaluation assets and DDoS Protection as-a-Service assets – three years (straight-line basis). • Fixtures and fittings – five years (straight-line basis). Property, plant and equipment is stated at cost less accumulated depreciation and any impairment losses. Cost comprises the purchase cost of property, plant and equipment together with any directly attributable costs. Evaluation assets are used by customers during proof-of-concept trials. Evaluation assets are stated at cost less accumulated depreciation. When an evaluation asset is retained by a customer as part of a sale, the net book value of the evaluation asset is charged to cost of sales. Depreciation of DDoS Protection as-a- Service assets is charged to cost of sales. Subsequent costs are included in an asset carrying value or are recognised as a separate asset when it is probable that future economic benefits associated with the additional expenditure will flow to the Group and the cost of the item can be measured reliably. All other costs are charged to the Consolidated Income Statement as incurred. Methods of depreciation, residual values and useful lives are reviewed, and if necessary adjusted, at each balance sheet date. The gain or loss arising from the disposal or retirement of an item of property, plant and equipment is determined as the difference between the net disposal proceeds and the carrying amount of the item and included in the Consolidated Income Statement. 2. SIGNIFICANT ACCOUNTING POLICIES CONTINUED 2.8 Foreign currencies Transactions in foreign currencies are translated at the exchange rate ruling at the date of each transaction. Foreign currency monetary assets and liabilities are retranslated using the exchange rates at the reporting date. Gains and losses arising from changes in exchange rates after the date of the transaction are recognised in profit or loss in the Consolidated Income Statement. Non-monetary assets and liabilities that are measured in terms of historical cost in a foreign currency are translated at the exchange rate at the date of the original transaction. In the consolidated financial statements, the net assets of the Group’s UK operations are translated from GBP into US dollars at the exchange rate at the reporting date. Income and expense items are translated into US dollars at the average exchange rates for the period. The resulting exchange differences are recognised in the foreign exchange translation reserve and in Other Comprehensive Income. 2.9 Intangible assets Internally generated intangible assets The Group’s internally generated intangible asset relates to its development expenditure. Development expenditure is capitalised only when it is probable that future economic benefit will result from the project and the following criteria are met: • the technical feasibility of the product and its availability for use or sale has been ascertained; • adequate technical, financial and other resources are available to complete the development and sell or use the intangible asset; • the Group can demonstrate the existence of a market for the output of the intangible asset or the intangible asset itself or, if it is to be used internally, the usefulness of the intangible asset; • it is the intention of management to complete the intangible asset and use it or sell it; and • the development costs can be measured reliably. 56 Corero Network Security plc Annual Report and Accounts 2023 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 2.11 Inventory Inventory is stated at the lower of cost or net realisable value. Cost is computed using standard cost, which approximates to actual cost, on a first-in, first-out basis. Rapid technological change and new product introductions and enhancements could result in excess or obsolete inventory, the value of which may not be recoverable. To minimise this risk, the Group evaluates inventory levels and expected usage on a periodic basis and records valuation allowances as required. 2.12 Impairment At each reporting date, the Group assesses whether there is any indication that its assets have been impaired. If any such indication exists, the recoverable amount of the asset is estimated in order to determine the extent of any impairment. If it is not possible to estimate the recoverable amount of the individual asset, the recoverable amount of the cash-generating unit (‘CGU’) to which the asset belongs is determined. The recoverable amount of an asset or a CGU is the higher of its fair value less costs to sell and its value in use. The recoverable amount is calculated using the present value of the future cash flows expected to be derived from an asset or CGU. This present value is derived using a cost of capital rate that reflects current market assessments of the time value of money and of the risks specific to the asset for which future cash flow estimates have not been adjusted. If the recoverable amount of an asset is less than its carrying amount, the carrying amount of the asset or CGU is reduced to its recoverable amount. That reduction is recognised as an impairment loss. An impairment loss relating to assets carried at cost less any accumulated depreciation or amortisation is recognised immediately in the Consolidated Income Statement. Goodwill acquired in a business combination is, from the acquisition date, allocated to each of the CGU’s or groups of CGU’s that are expected to benefit from the synergies of the combination. Goodwill is tested for impairment at least annually, and whenever there is an indication that the asset may be impaired. An impairment loss is recognised for CGU’s if the recoverable amount of the CGU is less than the carrying amount of the CGU. The impairment loss is allocated to reduce the carrying amount of the assets of the CGU by first reducing the carrying amount of any goodwill allocated to the CGU, and then reducing the carrying amounts of the other assets of the CGU pro rata. If an impairment loss subsequently reverses, the carrying amount of the asset or CGU is increased to the revised estimate of its recoverable amount but limited to the carrying amount that would have been determined had no impairment loss been recognised in prior years. A reversal of an impairment loss is recognised in the Consolidated Income Statement. Impairment losses on goodwill are not subsequently reversed. 2.13 Leases All leases are accounted for by recognising a right-of-use asset and a lease liability except for: • leases with a duration of 12 months or less; and • leases of low value assets. Lease liabilities are measured at the present value of the contractual payments due to the lessor over the lease term, with the discount rate determined by reference to the rate implicit in the lease unless this is not readily determinable, in which case the Group’s incremental borrowing rate on commencement of the lease is used. To determine the incremental borrowing rate, the Group, where possible, uses recent third-party financing received by the individual lessee as a starting point, adjusted to reflect changes in financing conditions since third-party financing was received. The Group uses a build-up approach that starts with a risk-free interest rate adjusted for credit risk for leases held by the Group, which does not have recent third-party financing, and makes adjustments specific to the lease, e.g. term, country, currency and security. If a readily observable amortising loan rate is available to the individual lessee (through recent financing or market data) which has a similar payment profile to the lease, then the Group uses that rate as a starting point to determine the incremental borrowing rate. On initial recognition, the carrying value of the lease liability also includes: • the exercise price of any purchase option granted in favour of the Group if it is reasonably certain to assess that option; and • any penalties payable for terminating the lease, if the term of the lease has been estimated on the basis of termination option being exercised. Right-of-use assets are initially measured at the amount of the lease liability, reduced for any lease incentives received, and increased for: • lease payments made at or before commencement of the lease; • initial direct costs incurred; and • the amount of any provision recognised where the Group is contractually required to dismantle, remove, or restore the lease. Subsequent to initial measurement, lease liabilities increase as a result of interest charged at a constant rate on the balance outstanding and are reduced for lease payments made. Lease payments are analysed between capital and interest. The interest element is charged to the Consolidated Income Statement over the period of the lease. The capital element reduces the balance owed to the lessor. Right-of-use assets are amortised on a straight-line basis over the remaining term of the lease or over the remaining economic life of the asset. The total rentals payable under leases which are not recognised as a right-of-use asset and a lease liability (an ‘operating lease’) are charged to the Consolidated Income Statement on a straight-line basis over the lease term. 2.14 Taxation The tax expense represents the sum of current tax and deferred tax. Current tax Current tax is based on taxable profit for the year and is calculated using tax rates and laws enacted or substantively enacted at the reporting date. Taxable profit differs from accounting profit either because items are taxable or deductible in periods different to those in which they are recognised in the financial statements (temporary differences), or because they are never taxable or • amounts expected to be payable under deductible (permanent differences). any residual value guarantee; Corero Network Security plc Annual Report and Accounts 2023 57 2. SIGNIFICANT ACCOUNTING POLICIES CONTINUED Deferred tax Deferred tax on temporary differences at the reporting date between the tax bases of assets and liabilities and their carrying amounts for financial reporting purposes is accounted for using the balance sheet liability method. Using the balance sheet liability method, deferred tax liabilities are recognised in full for all taxable temporary differences and deferred tax assets are recognised to the extent that it is probable that taxable profits will be available against which deductible temporary differences can be utilised. However, if the temporary difference arises from the initial recognition of goodwill or the initial recognition of an asset or liability in a transaction other than a business combination, that at the time of the transaction affects neither accounting nor taxable profit, it is not recognised as a deferred tax asset or liability. Deferred taxation is measured at the tax rates and laws that are expected to apply when the asset is realised, or the liability settled, based on tax rates and laws enacted or substantively enacted at the reporting date 2.15 Post-retirement benefits The Group makes contributions in respect of certain employees to defined contribution pension plans under which it is required to pay fixed contributions to Group and personal pension funds. Trade and other receivables Trade and other receivables are stated at their fair value at time of initial recognition, reflecting, where material, the time value of money. A provision for impairment of trade receivables is established when there is evidence that the Group has an expected credit loss over the lifetime of the assets based on historical trends. The simplified approach is used for assessing the expected credit loss on trade receivables, requiring the lifetime expected credit loss to be recorded as the provision for impairment. An impairment provision is recorded against the intercompany loan note instrument between the Company and Corero Network Security, Inc. based on calculating the risk adjusted carrying value of the loan to take account of the credit loss which is expected to arise over the period until the cash is realised. The amount of the provision is based on whether there has been a significant increase in credit risk since the initial recognition of the loan. In situations where the credit risk has not increased significantly and the loan amount is expected to be recovered, the expected credit loss is limited to the effect of discounting the intercompany loan over the period until repayment is realised at the effective interest rate. Cash and cash equivalents Cash and cash equivalents include cash on hand and short-term deposits with an original maturity of three months or less that are readily convertible to known amounts of cash. Contributions to the schemes are based on a proportion of the employees’ earnings and are charged to the Consolidated Income Statement. The Group has no obligation beyond these contributions. Trade and other payables Trade and other payables are not interest bearing and are stated at their fair value at time of initial recognition. Thereafter they are accounted for at amortised cost. 2.16 Financial instruments The Group classifies financial instruments, or their component parts, on initial recognition as a financial asset, a financial liability, or an equity instrument in accordance with the substance of the contractual arrangement. Debt obligations Debt obligations include interest bearing bank borrowings which are stated at their fair value less transaction costs at time of initial recognition. Debt obligations are subsequently measured at amortised cost. Financial assets and financial liabilities are recognised in the Group’s Statement of Financial Position when the Group becomes party to the contractual provisions of the instrument. The particular recognition and measurement methods adopted for the Group’s financial instruments are disclosed below: 2.17 Equity instruments An equity instrument is any contract that evidences a residual interest in the assets of the Company after deducting all its liabilities. Equity instruments issued by the Company are recorded at the proceeds received, net of directly attributable issue costs. 58 Corero Network Security plc Annual Report and Accounts 2023 2.18 Employee share option schemes The Group operates an equity-settled share- based compensation plan. The fair value of the employees’ services received in exchange for the grant of share options is measured at grant date and recognised as an expense on a straight-line basis over the vesting period, based on the Group’s estimate of shares that will eventually vest. Fair value is determined by reference to the Black-Scholes option pricing model. If a granted option is cancelled and regranted the increase in fair value of the granted option measured immediately before and after the cancellation and regrant is added to the value of the employee’s service received in exchange for the grant. If an option grant is cancelled the previously recorded expense is credited to the Consolidated Income Statement. At each reporting date, the Group revises its estimate of the number of options that are expected to become exercisable. When share options are exercised, the proceeds received, net of any transaction costs, are credited to share capital (nominal value) and share premium. 2.19 Standards and Interpretations not yet effective The Group has applied the following standards and amendments for the first time for its annual reporting period commencing 1 January 2023: • IFRS 17 Insurance Contracts; • Definition of Accounting Estimates – amendments to IAS 8; • International Tax Reform – Pillar Tow Model Rules – amendments to IAS 12; • Deferred Tax related to Assets and Liabilities arising from a Single Transaction – amendments to IAS 12; and • Disclosure of Accounting Policies – Amendments to IAS 1 and IFRS Practice Statement 2. The amendments listed above did not have any impact on the amounts recognised in prior periods and are not expected to significantly affect the current or future periods. There are a number of standards, amendments to standards, and interpretations which have been issued that are effective in future accounting periods that the Group has decided not to adopt early as they will not have a significant impact on the presentation of the Group financial statements. NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 3. CRITICAL ACCOUNTING JUDGEMENTS AND KEY SOURCES OF ESTIMATION UNCERTAINTY 3.1 Critical judgements in applying the Group’s accounting policies In the process of applying the Group accounting policies, the following judgements have had a significant effect on the amounts recognised in the financial statements: Internally generated research and development costs Management monitors progress of internal research and development projects. Judgement is required in distinguishing the research phase from the development phase. Development costs are recognised as an asset when all criteria are met and a project has passed the feasibility phase, whereas research costs are expensed as incurred. Management monitors whether the recognition requirements for development costs continue to be met. This is necessary as the economic success of any product development is uncertain. Going concern The Directors have reviewed the future profit and cash flow projections in conjunction with the current economic climate in order to express an opinion on the adequacy of working capital and the ability to continue as a going concern for the foreseeable future. The methodology contained in the projections is detailed in the note 2.2. 3.2 Key accounting estimates and assumptions Key assumptions concerning the future and other key sources of estimation uncertainty that have a significant risk of causing a material adjustment to the carrying amounts of assets and liabilities within the next financial year are as follows: Impairment of intangible assets and property, plant and equipment The Group tests goodwill at least annually for impairment, and whenever there is an indication that the asset may be impaired. All other intangible assets and property, plant and equipment are tested for impairment when indicators of impairment exist. Impairment is determined with reference to the higher of fair value less costs to sell and value in use. Fair value less costs to sell is estimated using discounted future cash flows. Significant assumptions are made in estimating future cash flows about future events including future market conditions, future growth rates and appropriate discount rates. Changes in these assumptions could affect the outcome of impairment reviews. Details of the main assumptions used in the assessment of the carrying value of the Group’s CGU are set out in note 9. Impairment of investments (applies to the Company financial statements only) The Directors have reviewed the cost of investments in subsidiaries of the Company with reference to current and future trading conditions. The investment in subsidiaries has been reviewed with reference to a valuation based on a discounted free cash flow, in conjunction with the goodwill impairment review, which the Directors consider to be an appropriate valuation methodology. Standalone Selling Price – Revenue recognition On a quarterly basis the Group analyses the selling prices for each deal compared to the current Standalone Selling Price (‘SSP’). This analysis includes grouping similar deals based on qualitative factors such as customer profile, size, and region, together with a quantitative comparison to the then current SSP. SSP fair value prices are adjusted for future quarters if management identifies a pattern of variances of greater than 10% between actual selling prices and the then current SSP. 4. SEGMENT REPORTING Operating segments The Group is managed according to one business unit, Corero Network Security, which makes up the Group’s reportable operating segment. This business unit forms the basis on which the Group reports its operating segment information to the Board, which management consider to be the Chief Operating Decision maker for the purposes of IFRS 8 Operating Segments. The Group’s revenues from external customers for the country of the Group’s domiciles and each individually material country (those over 10% of Group revenues) are as follows: 2023 $’000 2022 $’000 United States 15,855 13,527 United Kingdom 2,122 2,307 Others total 4,372 4,286 22,349 20,121 Revenues from external customers are identified on the basis of invoicing systems and adjusted to take into account the difference between invoiced amounts and deferred revenue adjustments as required by IFRS. In 2023, no individual customer accounted for over 10% of revenue. The Group’s largest customer accounted for 9.3% of 2023 revenue (2022: largest customer accounted for 13% of revenue). The revenue is analysed as follows for each revenue category: Software license and appliance revenue DDoS Protection as-a- Service revenue Maintenance and support services revenue total 2023 $’000 2022 $’000 8,186 8,107 5,599 4,854 8,564 7,160 22,349 20,121 The revenue is analysed by timing of delivery of goods or services as: 2023 $’000 2022 $’000 Point in time delivery 8,186 8,107 Over time total 14,163 12,014 22,349 20,121 No unsatisfied performance obligations arise except from those revenues which are recognised over time. See note 18 for further details. Corero Network Security plc Annual Report and Accounts 2023 59 4. SEGMENT REPORTING CONTINUED Non-current assets The group’s non-current assets located in countries of domicile and in each material country are as follows: United States United Kingdom total Contract balances 2023 $’000 9,698 5,055 2022 $’000 9,428 4,731 14,753 14,159 Contract assets Contract liabilities At 1 January Transfers in the period to/from trade receivables from/to contract assets Amounts included in contract liabilities that were recognised as revenue in the period from the opening balance Amounts included in contract liabilities that were recognised as revenue from amounts invoiced in the period Amounts invoiced in the period and not recognised as revenue in the period 2023 $’000 2,793 (10) – – – 2022 $’000 1,276 1,517 – – – At 31 December 2,783 2,793 5. (LOSS)/PROFIT FOR THE YEAR The following items have been included in arriving at the Group’s (loss)/profit for the year before taxation: Unrealised (gain)/loss on intercompany loan Finance expense – Clydesdale loan interest and fees Finance expense – lease liability Research and development expenditure not capitalised Inventory recognised as an expense in cost of sales Lease expenses for short term leases Amortisation of acquired intangible assets (note 10) Amortisation of capitalised development expenditure (note 10) Depreciation of property, plant and equipment (note 11) DDoS Protection as-a-Service asset depreciation (note 11) Auditor’s remuneration Remuneration received by the Company’s auditor for the audit of these Financial Statements The audit of the financial statements of other Group companies Fees payable to the Company’s auditor for taxation compliance services Fees payable to the Company’s auditor for taxation advisory services 60 Corero Network Security plc Annual Report and Accounts 2023 2023 $’000 5,608 – 2022 $’000 6,824 – (4,085) (4,629) (9,892) (5,880) 15,852 7,483 9,293 5,608 2023 $’000 429 164 17 1,981 1,354 58 2 1,504 267 272 2023 $’000 127 47 – – 174 2022 $’000 (961) 268 11 1,743 1,654 64 2 1,732 209 370 2022 $’000 137 44 33 46 260 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 6. TAX ON (LOSS)/PROFIT ON ORDINARY ACTIVITIES Current tax (charge) / credit total 2023 $’000 (17) (17) 2022 $’000 150 150 The tax assessed on the profit on ordinary activities for the year differs from the weighted average UK corporate rate of tax of 25% per the 2023/2024 2023 governmental budgets (2022: 19.0%). The differences are reconciled below: Total tax reconciliation (Loss)/profit before taxation Theoretical tax charge at UK Corporation tax rate 23.5% (2022: 19.0%) Effect of: – expenditure that is not tax deductible – accelerated capital allowances – other timing differences – losses utilised taxation charge R&D tax credits 2023 $’000 (153) (36) 103 – (50) – 17 – 2022 $’000 404 77 79 (28) 6 (134) – 150 In the year ending 31 December 2023, treatment of R&D tax credits has been updated to reflect these amounts in Operating expenses. In the previous financial year, R&D tax credits were recognised within the current tax charge/credit. The Directors believe this better aligns with the requirements of the financial standards. The amounts are not material. Factors affecting future tax charges As at 31 December 2023, the Group’s cumulative fixed asset timing differences were $131,000 (2022: $12,000) and no deferred tax asset has been recognised in respect of these items. Tax losses at 31 December 2023 amounted to $88.3 million (2022: $89.7 million). This comprised UK tax losses of $14.6 million and US tax losses of $73.7 million. The utilisation of US tax losses which are all attributable to Corero Network Security, Inc. is subject to the provisions of Section 382 of the United States Treasury Internal Revenue Code of 1986, as amended. Corero Network Security, Inc did not undergo an ownership change within the meaning of section 382 for the period 1 February 2017 to 31 December 2021, and thus $12.8 million of the US tax losses are available at full value to set-off against future taxable profits. The utilisation of the remaining US tax losses of $61.2 million will be subject to meeting the change of ownership test for the period prior to 1 February 2017. This test will be undertaken as and when these tax losses are required to offset against taxable profits of Corero Network Security, Inc. US tax losses expire 20 years from the end of the accounting period in which the loss arose. UK tax losses arising in the period prior to 1 April 2017 can only used against taxable profits of the same trade, after 1 April 2017 the losses can be used against total Company profits. Deferred tax assets of $3.65 million (2022: $3.4 million) relating to the UK tax losses (applying a tax rate of 25.0% to tax losses expected to unwind after 1 April 2023, the rate substantively enacted on 10 June 2021) and the deferred tax assets of $15.5 million (2022: $16.0 million) relating to the US tax losses and taxable temporary fixed asset differences (applying a tax rate of 21.0%) have not been recognised due to uncertainties as to the extent and timing of their future recovery. Corero Network Security plc Annual Report and Accounts 2023 61 7. EARNINGS PER SHARE Earnings per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted average number of ordinary shares in issue during the year. Diluted earnings per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted average number of ordinary shares in issue during the year plus the number of ordinary shares to be issued from the exercise of attributable share options. Basic earnings per share From loss/profit for the year Diluted earnings per share From loss/profit for the year Basic earnings/(loss) per share From (loss)/profit for the year Diluted earnings/(loss) per share Basic earnings per share Dilutive effect of share options Diluted earnings per share 2023 $’000 2022 $’000 0.0 0.0 2022 weighted average number of 1p shares thousand 495,900 495,900 15,248 511,148 0.1 0.1 profit per share Cents 0.1 0.1 – 0.1 2023 weighted average number of 1p shares thousand loss $’000 loss per share Cents (170) 500,221 0.0 (170) 500,221 – – (170) 500,221 0.0 – 0.0 profit $’000 554 554 – 554 8. KEY PERFORMANCE MEASURES EBITDA and Adjusted EBITDA Earnings before interest, tax, depreciation, and amortisation (‘EBITDA’) is defined as earnings from operations before interest, tax, depreciation, and amortisation charges. The following is a reconciliation of EBITDA and Adjusted EBITDA for the periods presented: (loss)/profit before taxation Adjustments for: Finance income Finance expense Finance lease interest costs Depreciation – owned assets Depreciation – right of use assets Amortisation of acquired intangible assets Amortisation of capitalised development expenditure eBitDA Unrealised foreign exchange differences on intercompany loan Adjusted eBitDA – for unrealised foreign exchange differences on intercompany loan 62 Corero Network Security plc Annual Report and Accounts 2023 year ended 31 December 2023 $’000 year ended 31 December 2022 $’000 (153) 404 (44) 164 17 151 116 2 1,504 1,757 429 2,186 (7) 268 11 127 82 2 1,732 2,619 (961) 1,658 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 9. GOODWILL Group Cost At 1 January 2022 At 31 December 2022 At 31 December 2023 impairment At 1 January 2022 At 31 December 2022 At 31 December 2023 Carrying amount At 1 January 2022 At 31 December 2022 At 31 December 2023 $’000 17,983 17,983 17,983 (8,992) (8,992) (8,992) 8,991 8,991 8,991 Goodwill is tested at least annually for impairment and when there are indications that goodwill might be impaired. Goodwill is allocated to the Group’s single CGU, Corero Network Security (‘CNS’). The recoverable amount for the CNS CGU was determined based on a discounted cash flow calculation to calculate fair values less costs to sell using cash flow projections over a 10 year period (2022: 10 year period). The discounted cash flow approach is a level 3 fair value calculation in the IFRS 13 fair value hierarchy. The key assumptions for the discounted cash flow calculation are those regarding revenue growth and discount rates as summarised in the table below and commented on below: Forecast cash flow period Extrapolated cash flow period 2023 2022 Years 1-2 Years 1-2 Years 3-10 Years 3-10 Cumulative annual growth rate (‘CAGR’) for revenue used for the forecast/extrapolated periods 9.5% 10.9% Growth rates (‘CAGR’) used for the forecast/extrapolated periods: Year 1–2 (forecast period) Years 3–5 (extrapolated period) Years 6–10 (extrapolated period) Revenue growth rate used beyond the extrapolated period Discount rate 9.0% 15.0% 6.5% 2.5% 18.5% 16.3% 15.0% 6.5% 2.5% 17.3% The pre-tax cash flows for the forecast period are derived from the most recent financial budget for the year ending 31 December 2024 (‘2024 Budget’) and the plan for the year ending 31 December 2025 (‘2025 Plan’) approved by the Board, with a sensitivity reflecting prior year experience and progress made in 2023 (10% applied to the 2024 Budget revenue and 15% to the 2025 Plan revenue). The extrapolation for the period 2026 to 2033 is based on management estimates (with the key assumptions set out below). The future pre-tax cash flows are discounted by a WACC of 18.5% (2022: 17.3%). The key assumptions underlying the cash flow projections and which the recoverable amount is most sensitive to are (i) the revenue growth rates forecast and extrapolated for the period 2026 to 2033 (ii) and the discount rate. The cash flow forecasts assume a CAGR revenue growth of 15% in the period 2025 to 2029 (15.5% for the period 2024 to 2028) and 6.5% for the period 2029 to 2033 (a ‘CAGR’ of 9.5% for 10-year forecast period; 2023: 10%). The cashflow forecasts reflect a sensitivity of 10% applied to the CNS 2024 Budget revenues and a sensitivity of 15% applied to the 2025 Plan revenues (and a sensitivity of 5% to 2024 operating costs and capital expenditure, and a sensitivity of 7.5% to 2025 operating costs and capital expenditure) reflecting prior year experience. The management of the Group believe these growth rates are appropriate for the forecasts given the significant progress the business made in 2021 and 2023, the strategy for 2024 which is focused on scaling the business for profitability through leveraging the Group’s expanded routes to market and the on-going investment in sales and marketing. This strategy is expected to deliver further increases in revenue in the forecast period. Corero Network Security plc Annual Report and Accounts 2023 63 9. GOODWILL CONTINUED The assumed growth rates are supported by the fact that the IT security market is forecast to grow strongly for the foreseeable future. The DDoS market is expected to reach $9.1 billion by 2030 (Source: Verified Market Research DDoS Protection and Mitigation Market Size and Forecast, 2024) – a CAGR of 14% during this period. The above market growth rates used in the future cash flow assumptions reflect that CNS is in the relatively early stages of the commercial exploitation of its intellectual property. In addition, the business’s strategy, aside from greater sales growth penetration, is to continue to develop its product and solution offerings to remain its market leadership technological credentials in its chosen markets thereby providing the opportunity to generate above market average growth rates. The growth rate assumed in the period beyond the 10-year extrapolation period of 2.5% is considered reasonable as historically IT spend has exceeded GDP growth. The discount rate is based on a cost of equity using the Capital Asset Pricing Model with the key inputs being a risk-free interest rate estimate of 4.0% (based on 10-year US government bonds) (2022: 3.88%), comparable company betas, an equity risk premium of 6.2% (2022: 6.2%), and small company risk premium of 4.5% (2022: 4.5%). The WACC has been assessed based on that fact that the Company had no debt at 31 December 2023 (debt at 31 December 2022: $1.2 million). The WACC used in the valuation reflects current market assessments of the time value of money and the risks specific to CNS. As stated above, the valuation to support the value in use of the CNS CGU is sensitive to changes in the cash flow forecasts and the discount rate assumptions, and there is no absolute guarantee that the expected growth will be achieved. If the discount rate is increased from 18.5% to 53.0%, this would mathematically result in an impairment of the carrying value of goodwill of $9 million meaning the goodwill would be fully impaired. If the sensitivity of 10% applied to the CNS 2024 Budget and 15% to the 2025 Plan revenues (and sensitivity of 5% to CNS 2024 Budget operating costs and capital expenditure, and 7.5% to the 2025 Plan operating costs and capital expenditure) was increased to 45% for the CNS 2024 Budget and 35% to the 2025 Plan revenues (and sensitivity of 22.5% to CNS 2024 Budget operating costs and capital expenditure, and 17.5% to the 2025 Plan operating costs and capital expenditure), this would mathematically result in an impairment of the carrying value of goodwill of $9 million meaning the goodwill would be fully impaired. Apart from the considerations in determining the value in use of the CNS CGU extensively described above, the management of the Group is not currently aware of any other reasonably possible changes that would necessitate changes in its key estimates. 10. INTANGIBLE ASSETS Cost At 1 January 2022 Additions At 31 December 2022 and at 1 January 2023 Additions At 31 December 2023 Amortisation At 1 January 2022 Charge for year At 31 December 2022 and at 1 January 2023 Charge for year At 31 December 2023 Net book value At 31 December 2023 At 31 December 2022 At 1 January 2022 64 Corero Network Security plc Annual Report and Accounts 2023 Capitalised development expenditure $’000 Computer software $’000 Customer relationships $’000 24,064 1,704 25,768 1,824 27,592 (19,536) (1,732) (21,268) (1,504) (22,772) 4,820 4,500 4,528 6,017 – 6,017 – 6,017 (6,013) (2) (6,015) (2) (6,017) – 2 4 total $’000 30,278 1,704 31,982 1,824 33,806 197 – 197 – 197 (197) (25,746) – (1,734) (197) (27,480) – (1,506) (197) (28,986) – – – 4,820 4,502 4,532 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 11. PROPERTY, PLANT AND EQUIPMENT Group Cost 1 January 2022 Additions Transfers Disposals Foreign currency translation At 31 December 2022 and 1 January 2023 Additions Transfers Disposals Foreign currency translation At 31 December 2023 Depreciation At 1 January 2022 Charge for year Transfers Disposals Foreign currency translation At 31 December 2022 and at 1 January 2023 Charge for year Transfers Disposals Foreign currency translation At 31 December 2023 Net book value At 31 December 2023 At 31 December 2022 At 1 January 2022 Computer equipment $’000 Sales evaluation assets $’000 DDoS protection as-a-service assets $’000 Fixtures and Fittings $’000 leasehold improvements $’000 Right-of-use assets $’000 total $’000 997 114 – – (20) 1,091 131 – (403) 8 827 (939) (65) – – 20 (984) (66) – 403 (6) (653) 174 107 58 186 137 (57) (69) (10) 187 136 (8) (105) 22 232 (84) (38) 9 18 (1) (96) (62) 3 75 – 1,648 104 106 344 3,385 169 57 (64) (62) 1,748 182 8 – 37 – – – (1) – – – (2) 103 104 – – – – – – – 1 – – – – 344 363 – – – 1,975 103 105 707 (1,062) (370) (9) 31 41 (1,369) (272) (3) – (28) (87) (7) – – 2 (92) (7) – – – (73) (17) – – 2 (88) (16) – – (1) (199) (82) – – (1) (282) (116) – – – 420 – (133) (95) 3,577 812 – (508) 68 3,949 (2,444) (579) – 49 63 (2,911) (539) – 478 (35) (80) (1,672) (99) (105) (398) (3,007) 152 91 102 303 379 586 4 11 17 – 16 33 309 62 145 942 666 941 DDoS Protection as-a-Service assets’ depreciation is charged to cost of sales. Corero Network Security plc Annual Report and Accounts 2023 65 12. LEASES Right of use assets Right of use asset Accumulated depreciation total carrying amount of Right of use assets 2023 $’000 707 (398) 309 2022 $’000 344 (282) 62 Reconciliation of the carrying amount of lease assets at the beginning and end of the current and previous financial years are set out below: Opening carrying amount Additions Depreciation Closing carrying amount 2023 $’000 62 363 (116) 309 2022 $’000 145 – (83) 62 The Group leases buildings for its offices under agreements of two to four years with, in some cases, options to extend. Options to extend current leases have not been included in lease calculations as the Group did not have sufficient certainty at the time of commencement of the lease as to whether such options would be taken up. On renewal, the terms of the leases will be renegotiated. During the year the Group exercised its option to extend the US office in Marlborough, Massachusetts. The original lease expired 1 September 2023, with the exercised option continuing the lease agreement for a further 42 months ending 31 March 2025. This option extension was recognised as a Right of Use Asset addition of $145,000 in the year as it has not been previously recognised on commencement of the lease. Carrying amount of the Right of Use Asset at 31 December 2023 is $122,000. Also during the year, the Group entered into a lease agreement with Keysight Technologies for lease of equipment by the Corero Engineering department. This lease was recognised as a Right of Use Asset addition of $218,000 in the year, with a corresponding lease liability recognised. The lease runs for 36 months ending 31 July 2026. Carrying amount of the Right of Use Asset at 31 December 2023 is $187,000. Lease liabilities At 1 January Additions Payments Interest cost At 31 December Within 1 year Between 2 and 5 years At 31 December 2023 $’000 78 363 (143) 17 315 2023 $’000 164 151 315 2022 $’000 172 – (105) 11 78 2022 $’000 78 – 78 The Directors consider that the carrying amount of lease liabilities approximates to their fair value. All lease liabilities are held in US dollars within the Group. 66 Corero Network Security plc Annual Report and Accounts 2023 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 13. INVENTORIES Gross inventory Less: provision for impairment Net inventory 2023 $’000 160 (64) 96 2022 $’000 217 (53) 164 Net inventory comprises finished goods and raw materials. The value of inventory recognised as an expense in cost of sales was $1.4 million (2022: $1.7 million). 14. TRADE AND OTHER RECEIVABLES Trade receivables Contract assets (note 4) Less: provision for impairment of trade receivables Net trade receivables Other debtors Prepayments Deferred commissions 2023 $’000 2,306 2,783 (25) 5,064 179 1,827 1,357 8,427 2022 $’000 1,092 2,793 (25) 3,860 160 1,735 1,110 6,865 None of the Company’s trade and other receivables are secured by collateral or credit enhancements (2022: None). The Group applies the simplified approach to measuring expected credit losses using a lifetime expected credit loss for trade receivables and contract assets. To measure expected credit losses on a collective basis, trade receivables and contract assets are grouped based on a similar credit risk and aging. The expected loss rates are based on the Group’s historical credit losses experienced over a two-year period prior to the period end. The historical loss rates are then adjusted for current and forward-looking information on macroeconomic factors affecting the Group’s customers. The Group has identified gross domestic product growth rates, unemployment rates and inflation rates as the key macroeconomic factors in the countries in which the Group operates. The Directors consider that the carrying amount of trade and other receivables approximates their fair value. The Group assesses the credit risk and credit worthiness of potential customers on a case by case basis. The maturity profile of trade and other receivables is set out in the table below: In one year or less, or on demand In more than one year, but not more than five years 2023 $’000 6,914 1,513 8,427 2022 $’000 5,294 1,571 6,865 At 31 December 2023, presentation of Trade and other receivables in the Balance sheet has been changed in accordance with IAS 1. Trade and other receivables due to mature in over one year were previous presented as non current assets in the Balance sheet but are now disclosed within this note in accordance with IAS 1. The nature of the assets have not changed. The analysis of trade and other receivables by foreign currency is set out in the table below: US dollars UK pound 2023 $’000 6,200 2,227 8,427 2022 $’000 5,727 1,138 6,865 The Group’s foreign currency receivables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the result for the year from exchange rate movements on such financial instruments. Corero Network Security plc Annual Report and Accounts 2023 67 15. TRADE AND OTHER PAYABLES Trade payables Other payables Accruals 2023 $’000 1,399 619 1,884 3,902 2022 $’000 1,619 159 2,278 4,056 None of the Group or Company’s trade and other payables are secured by collateral or credit enhancements. The Directors consider that the carrying amount of trade and other payables approximates their fair value. 74% (2022: 74%) of the trade and other payables are due in less than three months. The amounts due to subsidiaries are repayable on demand. The analysis of trade and other payables by foreign currency is set out in the table below: US dollars UK pound 2023 $’000 2,123 1,779 3,902 2022 $’000 2,161 1,895 4,056 The Group’s foreign currency payables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the result for the year from exchange rate movements on such financial instruments. 16. BORROWINGS The Group borrowings: Bank loans 2023 $’000 – 2022 $’000 1,208 On 27 June 2023, the Group repaid all outstanding external borrowings from the £2.0 million term loan facility. There is no interest payable at 31 December 2023, and no contractual future cash flows in relation to the term loan facility. At 31 December 2023, the Group continues to have access to an undrawn £1.0 million Revolving Credit Facility (‘RCF’) which was due to expire in March 2024. At 31 December 2023, the remaining contractual future cash flows relating to the RCF amount to $88,982 payable in March 2024 in relation to the close out of the facility. The RCF was closed early in February 2024 with all fees due paid at that time. The bank loan was secured by debentures over the business assets of all Group companies and by Group company guarantees including a guarantee from the Company. The bank loan terms included typical covenants for such a loan, as well as revenue and cash consumption covenants, which were tested quarterly and monthly respectively. These covenants were met for each covenant reporting period in the reporting period ended 31 December 2023 and 31 December 2022. 68 Corero Network Security plc Annual Report and Accounts 2023 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 17. FINANCIAL INSTRUMENTS The Group’s financial instruments are categorised as shown below: Financial assets Trade and other receivables Cash Financial liabilities Trade and other payables Lease liabilities Borrowings Book Value 2023 $’000 Book Value 2022 $’000 5,243 5,160 10,403 4,020 5,646 9,666 Book Value 2023 $’000 Book Value 2022 $’000 3,902 315 – 4,217 4,134 78 1,208 5,420 For the purpose of this note financial assets – trade and other receivables exclude prepayments. The Group manages liquidity and credit risk in line with the financial risk management objectives and policies as set out on page 28. At the present time the Group does not have significant exposure interest rate risk. There are no differences between the fair values and book values held by the Group. 18. CONTRACT LIABILITIES Current More than one year but less than five years 2023 $’000 4,992 2,491 7,483 2022 $’000 3,323 2,285 5,608 The Group’s contract liability balance will be recognised as revenue evenly over the remaining term of the service and support agreements in place. The service and support agreements expire at various times throughout the year with no particular seasonality. 19. PENSIONS The Group’s pension arrangements are operated through defined contribution schemes. Defined contribution schemes Defined contribution pension costs 2023 $’000 245 2022 $’000 192 Corero Network Security plc Annual Report and Accounts 2023 69 20. SHARE CAPITAL Authorised share capital The authorised share capital comprises 745,821,970 (2022: 745,821,970) ordinary shares of 1 penny (‘p’) (1.4 cents (‘c’)) each. Issued ordinary share capital 1 January 2022 494,852,304 ordinary shares of 1p each Issued by way of option exercises 66,667 ordinary shares of 1p each (1.32c) 20,000 ordinary shares of 1p each (1.23c) 1,000,000 ordinary shares of 1p each (1.21c) 2,126,667 ordinary shares of 1p each (1.42c) 400,000 ordinary shares of 1p each (1.13c) 155,000 ordinary shares of 1p each (1.13c) 1,333,333 ordinary shares of 1p each (1.23c) 31 December 2022 499,953,971 ordinary shares of 1p each 230,000 ordinary shares of 1p each 1,344,497 ordinary shares of 1p each 31 December 2023 501,528,468 ordinary shares of 1p each 21. SHARE PREMIUM 1 January 2022 Issued by way of option exercises 66,667 ordinary shares of 4.25p each (5.61c) 20,000 ordinary shares of 15p each (18.45c) 1,000,000 ordinary shares of 15p each (18.15c) 2,126,667 ordinary shares of 15p each (21.3c) 400,000 ordinary shares of 4.25p each (4.80c) 155,000 ordinary shares of 4.25p each (4.80c) 1,333,333 ordinary shares of 4.25p each (5.23c) 31 December 2022 Issued by way of option exercises 230,000 ordinary shares of 4.25p each (5.37c) Issued by way of new shares allotted to CEO 1,344,497 ordinary shares of 8p each (9.9c) 31 December 2023 $’000 6,914 – – 12 30 5 2 17 6,980 3 16 6,999 $’000 82,122 1 1 18 45 19 8 70 82,284 13 133 82,430 Consideration received in excess of the nominal value is included in share premium, less registration, commission, and professional fees. 70 Corero Network Security plc Annual Report and Accounts 2023 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory total 2023 $’000 12,694 1,355 336 245 total 2022 $’000 11,087 1,229 386 192 14,630 12,894 2023 Number 2022 Number 25 43 8 76 Company National insurance Contributions $’000 21 38 6 65 total 2023 $’000 571 266 41 737 36 38 116 1,805 22. EMPLOYEES AND DIRECTORS Employee expenses, including Directors, during the period Wages and salaries Social security costs Share based payments Other pension costs Average monthly numbers of employees (including Directors) employed Sales and marketing Technical, support and services Management, operations and administration Directors, being the Key Management personnel 2023 Directors Ashley Stephenson Andrew Miller2 Jens Montanana Lionel Chmilewsky Peter George Richard Last Phil Richards1 Salary & fees $’000 369 234 41 587 36 35 63 1,013 Bonus $’000 Benefits $’000 pension $’000 Subtotal $’000 Options $’000 186 – – – – – 31 217 6 – – 3 – – 3 12 – – – – – – 4 4 561 234 41 590 36 35 101 1,598 – – – – – – – – 10 32 – 147 – 3 15 207 1 Phil Richards was appointed to the Board effective 21 September 2023 and his remuneration has been pro rated accordingly 2 Andrew Miller held the position of interim COO for the period from 1 March to 31 August 2023 and interim CFO for the period 1 September 2022 to 31 December 2022 2022 Directors Ashley Stephenson Andrew Miller2 Jens Montanana Lionel Chmilewsky Peter George Richard Last Salary & fees $’000 346 140 40 365 36 34 961 Bonus $’000 Benefits $’000 pension $’000 Subtotal $’000 Options $’000 161 – – 167 – – 328 23 1 – 11 – – 35 – – – 53 – – 53 530 141 40 596 36 34 1,377 – – – – – – – Company National insurance Contributions $’000 9 18 – 127 – 3 total 2022 $’000 539 159 40 723 36 37 157 1,534 Corero Network Security plc Annual Report and Accounts 2023 71 22. EMPLOYEES AND DIRECTORS CONTINUED Bonus payments of $267,000 were awarded to Directors in respect of the year to 31 December 2023 (2022: $328,000). Lionel Chmilewsky had an employment agreement with a wholly owned subsidiary of the Company which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Lionel Chmilewsky resigned as a Director of the Company on 28 February 2023. Ashley Stephenson and Phil Richards both have employment agreements with a wholly owned subsidiary of the Company which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Phil Richards joined the Company on 21 November 2022 and was appointed to the Board as a Director effective 21 September 2023. This remuneration has been included in the above table from date of appointment to the Board. Andrew Miller has a non-interest bearing Director’s Loan of $72,000 (2022: $72,000) which is repayable in August 2030. Andrew Miller was appointed Interim Chief Operating Officer on 1st March 2023 until 1 October 2023. 23. CONTINGENT LIABILITIES Corero Network Security (UK) Limited was in December 2015 awarded a grant of £600,000 for a development project over three years from Scottish Enterprise. Any monies becoming repayable by Corero Network Security (UK) Limited under the grant terms for breaches of the grant conditions are guaranteed by the Company. These conditions which are typical for a grant of this nature, and which apply for a period of five years from the final grant payment date (being 14 March 2019), include maintaining minimum headcount in Scotland and no change of control. 24. SHARE OPTIONS The Company has the following share option schemes: • Enterprise Management Incentive Scheme for its employees, which has been approved by HMRC. • Executive Enterprise Management Incentive Scheme, which has been approved by HMRC. • Unapproved Share Option Scheme. • Deferred Payment Share Plan. Options granted have a three-year vesting period, vesting one third on the first anniversary of grant, one third on the second anniversary of grant and one third on the third anniversary of grant. Shares acquired on the exercise of an option may not be sold until the expiry of the second anniversary following the date of option grant. With the exception of options granted in April 2017 to Directors which include a revenue growth performance vesting condition, there are no vesting conditions for options granted. If an option holder ceases to be in employment or hold office within the Group, options granted shall immediately lapse unless such cessation is because of the option holder’s death; the option holder’s ill health or disability; the Company that employs the option holder ceasing to be under the control of the Company or such company ceasing to be within the Group; the transfer of sale of the undertaking or part-undertaking in which the option holder is employed to a person who is neither under the control of the Company nor within the Group; or any other reason that the Board in its absolute discretion shall determine. On a cessation of employment or office as set out above, options shall be exercisable to the extent they have vested according to the terms of the option agreement and the provisions of the relevant share option scheme and must be exercised within 30 days following such cessation unless otherwise determined by the Board or if such cessation is by reason of death in which case the option holder’s personal representatives must exercise the option within 12 months following the date of the option holder’s death. For option agreements granted post June 2020 and subject to the approval of the Board, where an option holder has, as at the date of the grant, been employed by a Group Company for a period of at least three years and whose employment is terminated either: (a) by the Company other than for cause; or (b) by resignation on the part of the option holder, such option holder shall be entitled to retain the options granted under the option agreement following the effective date of the termination and such retained options shall continue to vest and be exercisable by the option holder in accordance with the vesting terms set out in the agreement. Share options granted at 31 December 2023 were as follows: Option holders Date granted expiry date enterprise Management incentive Scheme exercise price – pence (cents) At 1 January 2023 Granted exercised Forfeit/ cancelled At 31 December 2023 Other Holders April 2019 April 2029 8.4p (10c) 10,000 September 2019 September 2029 2.5p (3c) 5,000 April 2020 April 2030 4.2p (5c) 357,500 – – – – – – – 10,000 (5,000) – (10,000) 347,500 72 Corero Network Security plc Annual Report and Accounts 2023 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory Option holders Date granted expiry date exercise price – pence (cents) At 1 January 2023 Granted exercised Forfeit/ cancelled At 31 December 2023 (230,000) – 5,990,500 June 2020 June 2030 5.3p (7c) 6,220,500 September 2020 September 2030 7.8p (10c) 10,000 October 2020 October 2030 9.0p (12c) 12,500 January 2021 January 2031 13.0p (18c) 535,000 September 2022 September 2032 10.8p (12c) 410,000 – – – – – April 2023 April 2033 6.8p (8c) 410,000 155,000 executive enterprise Management incentive Scheme Andrew Lloyd Phil Richards April 2017 April 2023 April 2027 8p (10c) 2,083,333 – April 2033 6.8p (8c) September 2023 September 2033 7.1p (9c) unapproved French Share Option Scheme – 1,500,000 – 500,000 Lionel Chmilewsky June 2020 June 2030 5.3p (7c) 7,000,000 January 2021 January 2031 13.0p (18c) 500,000 unapproved Share Option Scheme Jens Montanana Richard Last Andrew Lloyd April 2017 May 2018 April 2027 8p (10c) 994,000 May 2028 13.6p (18c) 425,000 October 2018 October 2028 11.0p (14c) 400,000 January 2021 January 2031 13.0p (18c) 350,000 April 2017 June 2017 April 2027 8p (10c) 450,000 June 2027 13.6 (18c) 180,000 October 2018 October 2028 11.0p (14c) 200,000 January 2021 January 2031 13.0p (18c) 350,000 April 2017 June 2017 April 2027 8p (10c) 580,001 June 2027 13.6 (18c) 200,000 Ashley Stephenson June 2020 June 2030 5.3p (7c) 7,919,000 January 2021 January 2031 13.0p (18c) 350,000 Andrew Miller June 2020 June 2030 5.3p (7c) 5,775,000 Peter George January 2019 January 2029 11.3p (15c) 750,000 January 2021 January 2031 13.0p (18c) 350,000 – – – – – – – – – – – – – – – – – Carl Herberger November 2023 November 2033 9.0p (11c) – 11,533,492 unapproved Share Option Scheme continued Other holders April 2013 May 2014 April 2023 25p (38c) 100,000 May 2024 25p (42c) 670,666 September 2016 September 2026 22.5p (33c) 5,000 October 2018 October 2028 11.0p (14c) 50,000 September 2019 September 2029 2.5p (3c) 100,000 April 2020 April 2020 June 2020 April 2030 4.2p (5c) 405,000 April 2030 4.2p (5c) 50,000 June 2030 5.3p (7c) 4,423,500 September 2020 September 2030 7.8p (10c) 0 – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – (5,000) – 5,000 12,500 (25,000) 510,000 (20,000) 390,000 – – – – – 155,000 2,083,333 1,500,000 500,000 7,000,000 (166,667) 333,333 – – – 994,000 425,000 400,000 (350,000) – – – – – – – – – – – – – 450,000 180,000 200,000 350,000 580,001 200,000 7,919,000 350,000 5,775,000 750,000 350,000 11,533,492 (100,000) – – – – – 670,666 5,000 50,000 100,000 (200,000) 205,000 – – – 50,000 4,423,500 – 73 Corero Network Security plc Annual Report and Accounts 2023 24. SHARE OPTIONS CONTINUED Option holders Date granted expiry date exercise price – pence (cents) At 1 January 2023 Granted exercised January 2021 January 2031 13.0p (18c) 485,000 November 2021 November 2031 9.25p (12c) 25,000 January 2022 January 2032 13.0p(18c) 4,260,000 September 2022 September 2032 10.8p (12c) 910,000 – – – – April 2023 April 2033 6.8p (8c) – 245,000 – – – – – Forfeit/ cancelled At 31 December 2023 (75,000) 410,000 (25,000) – – 4,260,000 (510,000) 400,000 – 245,000 47,901,000 13,933,492 (230,000) (1,491,667) 60,112,825 The closing mid-market price for the Company’s shares at 31 December 2023 was 8.25p (10.5c) and the low and high for the year was 5.5p (7.0c) and 10.6p (13.5c). In the 12 months to 31 December 2023, 230,000 options were exercised (2022: 5,081,667) and 1,491,667 options were forfeited (2022: 2,117,500). The weighted average share price at date of exercise was 6.25p (8.0c). Share options granted at 31 December 2022 were as follows: Option holders Date granted expiry date enterprise Management incentive Scheme exercise price – pence (cents) At 1 January 2022 Granted exercised Forfeit/ cancelled At 31 December 2022 Other Holders April 2019 April 2029 8.4p (11c) 10,000 September 2019 September 2029 2.5p (3c) 5,000 April 2020 June 2020 April 2030 4.2p (5c) 357,500 June 2030 5.3p (7c) 8,975,500 September 2020 September 2030 7.8p (10c) 10,000 October 2020 October 2030 9.0p (12c) 12,500 January 2021 January 2031 13.0p (18c) 685,000 November 2021 November 2031 9.25p (12c) 27,500 – – – – – – – – September 2022 September 2032 10.8p (12c) – 410,000 executive enterprise Management incentive Scheme Andrew Lloyd April 2017 April 2027 8p (10c) 2,083,333 unapproved French Share Option Scheme Lionel Chmilewsky June 2020 June 2030 5.3p (7c) 7,000,000 January 2021 January 2031 13.0p (18c) 500,000 unapproved Share Option Scheme Jens Montanana Richard Last Andrew Lloyd April 2017 May 2018 April 2027 8p (10c) 994,000 May 2028 13.6p (18c) 425,000 October 2018 October 2028 11.0p (14c) 400,000 January 2021 January 2031 13.0p (18c) 350,000 April 2017 June 2017 April 2027 8p (10c) 450,000 June 2027 13.6 (18c) 180,000 October 2018 October 2028 11.0p (14c) 200,000 January 2021 January 2031 13.0p (18c) 350,000 April 2017 June 2017 April 2027 8p (10c) 580,001 June 2027 13.6 (18c) 200,000 74 Corero Network Security plc Annual Report and Accounts 2023 – – – – – – – – – – – – – – – – – – – 10,000 5,000 357,500 (1,888,333) (866,667) 6,220,500 – – – – – – – – – – – – – – – – – – – – 10,000 12,500 (150,000) 535,000 (27,500) – – – – – – – – – – – – – – – 410,000 2,083,333 7,000,000 500,000 994,000 425,000 400,000 350,000 450,000 180,000 200,000 350,000 580,001 200,000 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory Option holders Date granted expiry date exercise price – pence (cents) At 1 January 2022 Granted exercised Forfeit/ cancelled At 31 December 2022 Ashley Stephenson June 2020 June 2030 5.3p (7c) 7,919,000 Andrew Miller Peter George January 2021 January 2031 13.0p (18c) 350,000 June 2020 June 2030 5.3p (7c) 5,775,000 January 2019 January 2029 11.3p (15c) 750,000 January 2021 January 2031 13.0p (18c) 350,000 unapproved Share Option Scheme continued Other holders September 2011 September 2021 37.5p (61c) 40,000 March 2012 March 2022 54.5p (89c) 140,000 April 2013 May 2014 April 2023 25p (38c) 100,000 May 2024 25p (42c) 670,666 September 2016 September 2026 22.5p (33c) 5,000 October 2018 October 2028 11.0p (14c) 50,000 September 2019 September 2029 2.5p (3c) 3,531,667 April 2020 April 2020 June 2020 April 2030 4.2p (5c) 455,000 April 2030 4.2p (5c) 50,000 June 2030 5.3p (7c) 4,603,500 September 2020 September 2030 7.8p (10c) 300,000 January 2021 January 2031 13.0p (18c) 610,000 November 2021 November 2031 9.25p (12c) 25,000 – – – – – – – – – – – – – – – – – – January 2022 January 2032 13.0p(18c) September 2022 September 2032 10.8p (12c) – 4,260,000 – 910,000 – – – – – – – – – – – – – – – – 7,919,000 350,000 5,775,000 750,000 350,000 (40,000) (140,000) – – – – – – 100,000 670,666 5,000 50,000 (3,193,334) (238,333) 100,000 – – – – – – – – (50,000) 405,000 – 50,000 (180,000) 4,423,500 (300,000) – (125,000) 485,000 – – – 25,000 4,260,000 910,000 49,520,167 5,580,000 (5,081,667) (2,117,500) 47,901,000 The closing mid-market price for the Company’s shares at 31 December 2022 was 9.25p (11.2c) and the low and high for the year was 9.25p (11.2c) and 14.5p (19.0c). In the 12 months to 31 December 2022, 5,081,667 options were exercised (2021: nil) and 2,117,500 options were forfeited (2021: 1,805,833). Total number of options granted to Directors 31 December 2023 Options granted 31 December 2022 Options granted Relevant Share Option scheme Ashley Stephenson Andrew Miller Jens Montanana Lionel Chmilewsky Peter George Richard Last Phil Richards 8,269,000 5,915,000 1,819,000 – 1,100,000 1,180,000 2,000,000 20,283,000 8,269,000 5,915,000 2,169,000 7,500,000 1,100,000 1,180,000 – 26,133,000 Unapproved Share Option Scheme Executive Enterprise Management Scheme and Unapproved Share Option Scheme Unapproved Share Option Scheme Unapproved Share Option Scheme Unapproved Share Option Scheme Unapproved Share Option Scheme Executive Enterprise Management Incentive Scheme None of the Directors holding office at the balance sheet date exercised options during the year (2022: none). Andrew Miller has a contractual right (granted in March 2011) to purchase 140,000 ordinary shares in the Company from the Employee Share Ownership Trust at 40p per share pursuant to a grant made to him under the Deferred Payment Share Plan. Corero Network Security plc Annual Report and Accounts 2023 75 NOTES TO THE FINANCIAL STATEMENTS CONTINUED 24. SHARE OPTIONS CONTINUED Share-based payments The Remuneration Committee (‘RC’) approves the grant of share options to employees of the Group under the Group’s share option schemes. Share options are granted with a fixed exercise price which is equal to the market price at the date of the grant or higher price determined by the RC. The share options granted are required to be exercised within 10 years from the date of grant. Share options are valued using the Black-Scholes option-pricing model. The weighted average fair value of the options granted in the year was 4.1p (4.6c). The value of share options granted during the year was calculated using the Black-Scholes option pricing model. The following variables and ranges were used: Share price at date of grants Exercise price Expected volatility Estimated years to exercise Risk free interest rate The table below provides information on all options outstanding at the end of the year: Weighted average remaining contractual life Average remaining contractual life Options exercisable Exercise price range Weighted average share price Weighted average exercise price Expected volatility Risk free rate – 5 year gilt rate Expected dividend yield 2023 2022 6.8p–9.0p (9c–11c) 10.8p–13.0p (12c–18c) 6.8p–9.0p (9c–11c) 10.8p–13.0p (12c–18c) 44.7%–49.5% 54.7%–65.0% 4.0–5.0 3.7%–4.2% 4.0–4.8 1.0%–3.0% 7.0 years 6.6 years 42,044,889 2.5p–25p (3c–32c) 7.4p (8.3c) 7.6p (8.5c) 0.2%–75.6% -0.08%–4.2% Nil Volatility is calculated as the standard deviation of the closing daily share price over a period of 24 months prior to the grant date. Operating expenses in the Group Income Statement included a charge of $230,000 (2022: $386,000) relating to employee share-based payments. 25. RELATED PARTIES AND TRANSACTIONS There have been no equity placings or offers in the year ended 31 December 2023 or 2022. The Directors consider the Group’s key management personnel to be the Board of Directors of the Company whose compensation is detailed in note 22. 26. EVENTS AFTER THE BALANCE SHEET DATE There have been no events that have occurred after the balance sheet date which require disclosure. 76 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory COMPANY STATEMENT OF FINANCIAL POSITION AS AT 31 DECEMBER 2023 Assets Non-current assets Investments in subsidiaries Current assets Trade and other receivables Cash and cash equivalents liabilities Current liabilities Trade and other payables Borrowings Net current assets/(liabilities) Non-current liabilities Trade and other payables Borrowings Net assets total equity attributable to owners of the parent Share capital Share premium Capital redemption reserve Share options reserve Foreign exchange translation reserve Accumulated profit and loss reserve total equity As at 31 December 2023 $’000 As at 31 December 2022 $’000 Note 3 4 5 6 5 6 50,124 50,124 4,952 2,544 7,496 114 – 114 7,382 – – – 70,209 70,209 3,304 5,070 8,302 (8,427) (971) (9,398) (1,096) (100) (237) (337) 57,506 68,848 6,999 82,430 7,051 1,659 (14,764) (25,869) 6,980 82,284 7,051 1,465 (18,354) (10,578) 57,506 68,848 The Company made a loss for the year 31 December 2023 of $15,291,000 (2022: Profit of $1,697,000). These financial statements were approved and authorised for issue by the Board of Directors on 26 March 2024 and signed on their behalf. Carl Herberger DIRECTOR The notes on pages 79 to 82 form part of these financial statements. Corero Network Security plc Annual Report and Accounts 2023 77 COMPANY STATEMENT OF CHANGES IN EQUITY FOR THE YEAR ENDED 31 DECEMBER 2023 1 January 2022 Profit for the year Other comprehensive income total comprehensive income for the year Contributions by and distributions to owners Issue of share capital – exercise of options Fully exercised share options Share based payments total contributions by and distributions to owners 31 December 2022 and 1 January 2023 Loss for the year Other comprehensive income total comprehensive income for the year Contributions by and distributions to owners Issue of share capital – exercise of options Fully exercised share options Share based payments total contributions by and distributions to owners Share capital $’000 6,914 Share premium account $’000 82,122 – – – 66 – – 66 – – – 162 – – 162 Capital redemption reserve $’000 Share options reserve $’000 Foreign exchange translation reserve $’000 Accumulated profit and loss reserve $’000 total attributable to equity owners of the parent $’000 7,051 1,212 (10,532) (12,275) – – – – – – – – – – – (94) 347 253 – (7,822) 1,697 – 74,492 1,697 (7,822) (7,882) 1,697 (6,125) – – – – – – – – 228 (94) 347 481 6,980 82,284 7,051 1,465 (18,354) (10,578) 68,848 – – – 19 – – 19 – – – 146 – – 146 – – – – – – – – – – – (3) 197 194 – (15,291) (15,291) 3,590 – 3,590 3,590 (15,291) (11,701) – – – – – – – – 165 (3) 197 359 31 December 2023 6,999 82,430 7,051 1,659 (14,764) (25,869) 57,506 78 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory An impairment provision is recorded against the intercompany loan note instrument between the Company and Corero Network Security, Inc. based on calculating the risk adjusted carrying value of the loan to take account of the credit loss which is expected to arise over the period until the cash is realised. The amount of the provision is based on whether there has been a significant increase in credit risk since the initial recognition of the loan. In situations where the credit risk has not increased significantly and the loan amount is expected to be recovered, the expected credit loss is limited to the effect of discounting the intercompany loan over the period until repayment is realised at the effective interest rate. Cash and cash equivalents Cash and cash equivalents include cash on hand and short-term deposits with an original maturity of three months or less that are readily convertible to known amounts of cash. Other payables Other payables are not interest bearing and are stated at their fair value at time of initial recognition. Thereafter they are accounted for at amortised cost. Debt obligations Debt obligations include interest bearing bank borrowings which are stated at their fair value less transaction costs at time of initial recognition. Debt obligations are subsequently measured at amortised cost. NOTES TO THE FINANCIAL STATEMENTS 1. GENERAL INFORMATION Corero Network Security plc (Company number 02662978) is a public limited company incorporated in the United Kingdom under the Companies Act 2006 and registered in England and Wales. The functional currency of the Company entity is GBP. Presentation currency These Company financial statements are presented in US dollars (‘$’) rounded to the nearest $’000 unless otherwise stated which represents the presentational currency of the Company. The average $-GBP sterling (‘GBP’) exchange rates used for the conversion of the Monthly Income Statements for the year ended 31 December 2023 was between 1.21-1.29 (2022: between 1.20-1.36). The closing $-GBP exchange rate used for the conversion of the Company’s assets and liabilities at 31 December 2023 was 1.27 (2022: 1.21). 2. MATERIAL ACCOUNTING POLICIES 2.1 Basis of preparation The Company financial statements were prepared in accordance with Financial Reporting Standard 101 Reduced Disclosure Framework. The Company has taken advantage of the following disclosure exemptions: The requirements of IAS 7 Statement of Cash Flows, IFRS 7 Financial Instruments: Disclosures and IAS 24 Related Party Disclosures. The Company has taken advantage of section 408 of the Companies Act 2006 and has not included an income statement in these financial statements. The Parent Company’s loss for the year was $10.9 million (2022: $1.7 million profit). 2.2 Going concern The financial statements have been prepared on a going concern basis. The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 30 June 2025 (‘going concern assessment period’). The cash flow projections have been subjected to sensitivity analysis of the revenue, cost and combined revenue and cost levels which demonstrate that the Company will maintain a positive cash balance through the going concern assessment period. As part of the sensitivity analysis, the Directors have noted that should the forecasted revenues not be achieved, mitigating actions can be taken to address any cash flow concerns. These actions include deferral of capital expenditure, reduction in marketing and other variable expenditure alongside a hiring freeze. The Directors are also not aware of any significant matters in the remainder of calendar 2025 that occur outside the going concern period that could reasonably possibly impact the going concern conclusion. The Directors have also considered the geo-political environment, including rising inflation in some of our key markets and the conflict in Ukraine and Palestine, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. 2.2 Investments in subsidiaries In the Company’s separate financial statements, investments in subsidiaries are carried at cost less any impairment provisions. 2.3 Financial instruments The Company classifies financial instruments, or their component parts, on initial recognition as a financial asset, a financial liability, or an equity instrument in accordance with the substance of the contractual arrangement. Financial assets and financial liabilities are recognised in the Company’s Statement of Financial Position when the Company becomes party to the contractual provisions of the instrument. The particular recognition and measurement methods adopted for the Company’s financial instruments are disclosed below: Other receivables Other receivables are stated at their fair value at time of initial recognition, reflecting, where material, the time value of money. Corero Network Security plc Annual Report and Accounts 2023 79 NOTES TO THE FINANCIAL STATEMENTS CONTINUED 3. INVESTMENT IN SUBSIDIARIES Cost At 1 January 2022 Additions Foreign currency translation At 31 December 2022 and at 1 January 2023 Additions Repayment of Loan note Foreign currency translation At 31 December 2023 impairment At 1 January 2022 Impairment credit/(charge) Foreign currency translation At 31 December 2022 and at 1 January 2023 Impairment charge Foreign currency translation At 31 December 2023 Net book value At 31 December 2023 At 31 December 2022 At 1 January 2022 investment in Corero Network Security, inc. and Corero Network Security (uk) limited $’000 investment in Corero Group Services limited $’000 loan note $’000 total $’000 73,065 10,777 8,984 92,826 – (7,740) 65,325 – – – (1,142) 9,635 – – 3,374 502 68,698 10,137 (11,735) (5,020) 1,134 1,243 (9,358) (10,859) (87) (20,304) 48,395 55,967 61,330 652 532 (3,836) (4,069) (503) (8,408) 1,729 5,799 5,757 420 (961) 8,443 224 (9,089) 422 – – – – – – – – – 8,443 8,984 420 (9,843) 83,403 224 – 4,315 78,836 (16,755) 1,786 1,775 (13,194) (14,928) (590) (28,712) 50,124 70,209 76,071 The Directors have reviewed the carrying value of the cost of investments in subsidiaries of the Company with reference to the Company market capitalisation at 31 December 2023 or on a discounted free cash flow valuation whichever is the higher value, which the Directors consider to be an appropriate valuation methodology. Based on the Company market capital valuation as at 31 December 2023, the provision against the investment in subsidiaries was $28.7 million (at 31 December 2022: $13.2 million), comprising a provision against the investment in Corero Network Security, Inc. and Corero Network Security (UK) Limited (together “CNS”) of $3.2 million and a provision against the investment in Corero Group Services Limited of $4.1 million. The Company’s investment in Corero Network Security, Inc. includes a loan note instrument. These loan notes bear interest at 5.0% per annum which at the election of Corero Network Security, Inc. is payable quarterly or added to the principal amount due on 31 October 2026. As at 31 December 2023, the expected credit loss provision was $nil (2022: $nil). The loan note was effectively repaid in June 2023 when the balance was netted off the intercompany account between the Company and Corero Network Security, Inc. The Company owns: • 100% of the issued share capital of Corero Network Security, Inc. a company incorporated in Delaware, USA. The Company’s business address is 293 Boston Post Road, Marlborough, MA 01752, USA. The principal business of the Company consists of the development and sale of appliance and software security products and solutions. • 100% of the issued share capital of Corero Group Services Limited, a company incorporated and registered in England and Wales. The Company’s business address is Salisbury House, 29 Finsbury Circus, London, EC2M 5QQ, England, United Kingdom. The principal business of the Company consists of providing administration services to the Group. • 100% of the issued share capital of Corero Network Security (UK) Limited, a company incorporated and registered in England and Wales. The Company’s business address is 3rd Floor, 53 Hanover Street, Edinburgh, EH2 2PJ and registered address is Salisbury House, 29 Finsbury Circus, London, EC2M 5QQ, England, United Kingdom. The principal business of the Company consists of sale of appliances and software security products and solutions, providing development and marketing services on behalf of Corero Network Security, Inc. 80 Corero Network Security plc Annual Report and Accounts 2023 Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory 4. OTHER RECEIVABLES Other debtors Prepayments Trading amounts due from subsidiaries None of the Company’s trade and other receivables are secured by collateral or credit enhancements (2022: None). The maturity profile of trade and other receivables is set out in the table below: In one year or less, or on demand In more than one year, but not more than five years 2023 $’000 82 4 4,866 4,952 2023 $’000 4,952 – 4,952 2022 $’000 68 19 3,217 3,304 2022 $’000 3,232 72 3,304 At 31 December 2023, presentation of Other receivables in the Company Balance sheet has been changed in accordance with IAS 1. Other receivables due to mature in over one year were previously presented as non current assets in the Company Balance sheet but are now disclosed within this note in accordance with IAS 1. The nature of the assets have not changed. The analysis of trade and other receivables by foreign currency is set out in the table below: US dollars UK pound 5. OTHER PAYABLES Trading amounts due to subsidiaries Other payables Accruals 2023 $’000 – 4,952 4,952 2023 $’000 – 1 113 114 2022 $’000 – 3,304 3,304 2022 $’000 8,427 – 100 8,527 None of the Company’s trade and other payables are secured by collateral or credit enhancements. The Directors consider that the carrying amount of trade and other payables approximates their fair value. 100% (2022: 74%) of the trade and other payables are due in less than three months. The amounts due to subsidiaries are repayable on demand. The analysis of trade and other payables by foreign currency is set out in the table below: US dollars UK pound 2023 $’000 – 114 114 2022 $’000 – 8,527 8,527 Corero Network Security plc Annual Report and Accounts 2023 81 6. BORROWINGS The Company borrowings: Bank loan 2023 $’000 – 2022 $’000 1,208 On 27 June 2023, the Group repaid all outstanding external borrowings from the £2.0 million term loan facility. There is no interest payable at 31 December 2023, and no contractual future cash flows in relation to the term loan facility. At 31 December 2023, the Group continued to have access to an undrawn £1.0 million Revolving Credit Facility (‘RCF’) which was due to expire in March 2024. The facility terms include: no early repayment penalties or redemption premium; a reduced interest rate (payable quarterly) at 6.5% per annum over the Bank of England base rate before any potential downward EBITDA margin ratchet adjustment; 2.6% interest per annum on the RCF; arrangement fee of 3.75%; and standard security and loan covenants in line with the existing lending arrangements including the payment of a fee equal to 1.0% of the disposal proceeds on a sale or a change of control of the Company above a threshold amount of £100.0 million if such disposal or change of control occurs before April 2025. The remaining contractual future cash flows relating to the RCF amount to $88,982 payable in March 2024 in relation to the close out of the facility. The bank loan was secured by debentures over the business assets of all Group companies and by Group Company guarantees including a guarantee from the Company. The bank loan terms included typical covenants for such a loan, as well as revenue and cash consumption covenants, which were tested quarterly and monthly respectively. These covenants were met for each covenant reporting period in the reporting period ended 31 December 2023 and 31 December 2022. 7. RELATED PARTIES AND TRANSACTIONS Company key management compensation was $nil (2022: $nil) as the key management are employed by subsidiaries. 8. SHARE CAPITAL Refer to Group disclosure note 20 for movements in share capital of the Company. 9. SHARE PREMIUM Refer to Group disclosure note 21 for movements in share premium of the Company. 10. EVENTS AFTER THE BALANCE SHEET DATE There have been no events that have occurred after the balance sheet date which require disclosure. 82 Corero Network Security plc Annual Report and Accounts 2023 NOTES TO THE FINANCIAL STATEMENTS CONTINUED Overview Strategic Report Governance FINANCIAL STATEMENTS Corporate Directory GLOSSARY 5G Ai AiM ARR CAGR CGu CNS Cpu CSps DDoS DDpaaS DpDk Dpi eBitDA eu FCA FRC FRS iAS iFRS iot iSA MSSp NiCs pOps pppl RCF R&D ROi SOC SSp tCO tDC tDD tDS Fifth Generation Cellular Network Technology Artificial Intelligence Alternative Investment Market Annualised Recurring Revenues Compound Annual Growth Rate Cash-Generating Unit Corero Network Security Central Processing Unit Communication Service Providers Distributed Denial of Service DDoS Protection as-a-Service Data Plane Development Kit Deep Packet Inspection Earnings Before Interest, Tax, Depreciation, and Amortisation European Union Financial Conduct Authority Financial Reporting Council Financial Reporting Standard International Accounting Standards International Financial Reporting Standards Internet of Things International Standard on Auditing Managed Security Service Provider Network Interface Cards Points of Presence Paycheck Protection Program Loan Revolving Credit Facility Research and Development Return On Investment Security Operations Center Stand–alone Selling Prices Total Cost of Ownership SmartWall® Threat Defense Cloud SmartWall® Threat Defense Director SmartWall® Threat Defense System Corero Network Security plc Annual Report and Accounts 2023 83 CORPORATE DIRECTORY DIRECTORS Jens Montanana (Executive Chairman) Richard Last (Non-executive Director) Peter George (Non-executive Director) Andrew Miller (Interim Chief Operating Officer) Ashley Stephenson (Chief Technology Officer) Phil Richards (Chief Financial Officer) SECRETARY AND REGISTERED OFFICE phil Richards Salisbury House 29 Finsbury Circus London EC2M 5QQ UK NOMINATED ADVISER AND BROKER Canaccord Genuity ltd 88 Wood Street London EC2V 7QR UK FINANCIAL PUBLIC RELATIONS Vigo Communications Sackville House 40 Piccadilly London W1J 0DR AUDITOR Macintyre Hudson llp 2 London Wall Place, London EC2Y 5AU UK SOLICITORS Dorsey and whitney llp 199 Bishopsgate London EC2M 3UT UK BANKERS Santander 2 The Forbury Reading RG1 3EU UK wells Fargo 420 Montgomery Street San Francisco, CA 94104 USA REGISTRARS link Group 10th Floor Central Square 29 Wellington Street Leeds LS1 4DL UK WEBSITE ADDRESS www.corero.com Printed by a Carbon Neutral Operation (certified: CarbonQuota) under the PAS2060 standard. Printed on material from well-managed, FSC™ certified forests and other controlled sources. This publication was printed by an FSC™ certified printer that holds an ISO 14001 certification. 100% of the inks used are HP Indigo ElectroInk which complies with RoHS legislation and meets the chemical requirements of the Nordic Ecolabel (Nordic Swan) for printing companies, 95% of press chemicals are recycled for further use and, on average 99% of any waste associated with this production will be recycled and the remaining 1% used to generate energy. The paper is Carbon Balanced with World Land Trust, an international conservation charity, who offset carbon emissions through the purchase and preservation of high conservation value land. Through protecting standing forests, under threat of clearance, carbon is locked-in, that would otherwise be released. 84 Corero Network Security plc Annual Report and Accounts 2023 C o r e r o N e t w o r k S e c u r i t y p l c A n n u a l R e p o r t a n d A c c o u n t s 2 0 2 3 COReRO NetwORk SeCuRity plC Registered Office Salisbury House 29 Finsbury Circus London EC2M 5QQ UK

Continue reading text version or see original annual report in PDF format above