IronNet, Inc. (NYSE:IRNT) Q3 2021 Results Earnings Conference Call December 16, 2021 5:00 PM ET
Nancy Fazioli - Vice President of Investor Relations
Keith Alexander - Founder, Chairman and Co-Chief Executive Officer
William Welch - Co-Chief Executive Officer
James Gerber - Chief Financial Officer
Conference Call Participants
Michael Cikos - Needham & Company
Joseph Gallo - Jefferies & Co.
Gray Powell - BTIG
Greetings. Welcome to the IronNet, Inc. Q3 Fiscal Year 2022 Earnings Call. At this time, all participants are in a listen-only mode. A question-and-answer session will follow the formal presentation. [Operator Instructions]. Please note this conference is being recorded.
I will now turn the conference over to your host, Nancy Fazioli. Investor Relations. Thank you. You may begin.
Thank you, operator. Hello, and thank you for joining us. Today's conference call will address IronNet's financial results for the third quarter ended October 31, 2021 that were announced this afternoon.
Before we begin, please note that some of the statements we will be making today are forward-looking. These matters involve risks and uncertainties that could cause our results to differ materially from those projected in these statements. We, therefore, refer you to the risk factors included in our latest SEC filings.
Our comments today also include non-GAAP financial measures. Additional details and reconciliation to the most directly comparable GAAP financial measures can be found in our third quarter earnings release, which is on the Investor Relations portion of our website at ir.ironnet.com.
And now, I'll turn the call over to our co-CEOs, Gen. Alexander and Bill Welch, who have some remarks. They will be joined by our CFO, Jamie Gerber, for the question-and-answer portion of the call. Gen. Alexander?
Good afternoon and thank you for joining us today. I'd like to address our disappointing third quarter results and revised fiscal year outlook right up front.
Our prior outlook for this fiscal year was supported by what we assessed as late stage multimillion dollar strategic customer opportunities. The majority of these customers are in the US public sector. We had previously expected to finalize these opportunities in the second half of this fiscal year. However, a number of them are now being impacted by delays in funding at the federal level.
Given the delayed timing, we have removed these strategic opportunities from our fiscal year ARR outlook. I want to be clear that these are not lost deals. They remain, almost without exception, in the pipeline as strong, viable opportunities.
Let me give you several examples that may help illuminate these delays. The first is a double digit, million dollar ARR opportunity with a branch of the military that is held up as part of the federal funding delays playing out in Washington. This contract continues to grow, but at a reduced pace.
The second is another multimillion dollar defense industrial base customer whose contract with us is making its way more slowly through government procurement than we anticipated.
We have several deals with states that are gaining momentum as the American Rescue Plan funds are arriving and being approved by state legislatures.
We also have a large multi-million dollar opportunity with an international government that was working through political turmoil and the impacts of the pandemic.
At our stage, large strategic opportunities remain an important driver of growth. These are also extremely important in developing the public-private partnership.
As you saw in our press release, we now expect revenue of approximately $26 million in fiscal year 2022, which would be down from 10% from the prior fiscal year. We reduced our outlook for exit ARR for the fiscal year to approximately $30 million, which, given timing uncertainty, now excludes large strategic opportunities.
We have missed our expectations, and we understand the criticality of being accountable and predictable as a public company. While we are not proud of our performance, we remain optimistic about our future.
I would like to underscore that our conviction about our technology and market opportunities is unchanged, and that we remain committed to our mission – transforming cybersecurity through collective defense.
Our proof of value pilot opportunities have doubled over the last year, and collective defense as a concept is gaining momentum in the marketplace. Let me give you a few examples.
A major state power authority in the Northeast asked to have additional electrical suppliers in its area added to its collective defense group. Malicious nation state activity was quickly identified and eradicated with the help of IronDome and IronDefense. This model of energy sector leadership is also now being considered for replication in major states in Midwest and south central United States.
Another example is a Midwest-based insurance customer. This past quarter, we displaced a competitor's network detection and response solution to expand our own footprint. We're expanding in the Midwest in both financial services and the healthcare industry.
A third example is a US Department of Defense organization with advanced cyber capabilities to asked IronNet to submit to a laboratory evaluation to validate IronNet's network detection and response capabilities. This focused on detecting advanced cyber threats using behavioral analytics and artificial intelligence. The rigorous test simulated and advanced low and slow attack against a representative commercial network. The scenario was specifically designed to evade common signature detection tools and endpoint detection technology.
IronNet was tested against 25 separate sophisticated attacks, representing nearly a dozen specific MITRE ATT&CK techniques. The evaluation concluded that the IronDefense capability identified all attacks within the environment. We are currently engaged with government contract representatives as a result of this positive outcome.
On the product development side, we have made important progress this quarter as well. First in expediting time to deployment, thanks to significant orchestration effort, IronDefense can now be provisioned and deployed in Amazon Web Services in minutes. We continue to build our virtual network sensor capabilities, which will allow the customer to leverage compute resources already existing in their data center.
Second, with regard to our user interface, we developed and are now implementing a comprehensive training curriculum to improve knowledge of the significant features included in our product and to facilitate increased product adoption. We have made strides in making the user interface more user friendly, facilitating greater collaboration among secure users of various levels of experience.
Third, and notably, we have developed a proprietary and further differentiating event correlation engine we call CoDA, or Correlation of Detection Analytics, which allows us to effectively chain events and entities together and provide the user a view of all related events and attack sequence. This evolution of the product provides incredible alert efficiency, while reducing overall alert fatigue of the users. We are in beta testing with key customers and anticipate that this will be a highly appreciated development for customers as we roll it out more broadly next year.
In a recent example of our product strength, the log4j vulnerability highlighted IronNet's detection and collaboration capabilities. We leveraged our cyber operations center and hunt diagnostics to understand the exposure of the vulnerability. We deployed more than 400 rules in nearly 30 new behavioral analytics to ensure our customers remain protected.
Our confidence in our underlying model is bolstered by the dynamics at play in security software in general. With digitization comes heightened cyber risks that continue to increase. We saw it this weekend with log4j.
The Department of Justice announced last month that a ransomware attack has targeted as many as 1,500 companies this past summer. The FBI issued a warning to US companies about the threat from Iranian hackers, and the Canadian healthcare system was subjected to a disruptive attack.
The escalation of malicious cyber activity is happening despite what has been reported as the highest level of investment in cybersecurity spending on infrastructure protection that software has ever seen, which according to Gartner is almost $25 billion this year and growing at nearly 17% worldwide.
Clearly, it's the significant investments that the private and public sectors have made in cyber defense and the manner in which they are being employed is still not working. The companies, states and nations that are the foundation of global economies remain vulnerable.
Collective defense is an important way to break the defend in isolation model that continues to show itself to be too slow, too inefficient and is, in fact, a hindrance to the public and private sector alike from enabling each of their significant investments as they become more than the sum of their parts.
IronNet is the sole cyber technology addressing this gap. Our network detection and response solution and our unique collective defense model has been evaluated and then recognized and lauded as a transformative technology that's absolutely critically needed.
Recently, Chris Inglis, US National Cyber Director, is quoted as having commented on IronNet's collective defense model, reading, that we need to make it such that if you are a transgressor in this space that you need to beat all of us to beat one of us. He acknowledged that we have not done that before and we have had the wrong model when we're attempting to do that in the past.
IronNet extended the concept of collective defense into cybersecurity, developed capabilities to make collective defense possible and we are uniquely positioned to develop this market further.
We missed our financial expectations for this year. We are working hard to rebuild your trust in us. I will now turn it over to Bill to address changes we are making and our plans to accelerate our business in important ways. Bill?
Thank you, General. We are very disappointed in our results. We did not meet our targets and we know that is our responsibility. We recognize the importance of becoming a more predictable business.
First, I'd like to highlight a few changes to the team. As disclosed in our Form 8-K filed today with our earnings release, we and Sean Foster, our Chief Revenue Officer, have mutually agreed that he will depart our company at the end of December to pursue other opportunities. I will provide increased oversight of the sales organization for as long as is needed. Sean and I are working closely together between now and his departure to appropriately transition our sales efforts. We greatly appreciate his commitments to our customers, we thank him and wish him well in his future endeavors.
We've also recently appointed a new chief marketing officer, Michael Donahue, who has moved quickly to support our marketing organization, and in particular, identify areas for improvement in our sales motion. Our behavioral analytics space network detection and response is significantly more robust than the solution being offered by our peers. We are now doing a better job of conveying that value.
Also joining us earlier this quarter to lead corporate development was John O'Hara. John is helping to support important initiatives that broaden the company's offerings, penetrate new markets, and facilitate enterprise transformation. John has fielded a number of inbounds from cyber experts and tacticians from leading companies who see potential synergies and recognize the tremendous value in IronNet and our mission.
We're also extremely pleased to welcome this month a new Head of Customer Success, Michelle Neisser, to our organization, Michelle brings a wealth of experience to this critical function where we have an opportunity to quickly make a tremendous difference for our customers to realize the value of IronNet. In addition to Michelle's expertise in the area of customer success, we are focused on cloud offering to facilitate ease of deployment.
We're also supported by the strength of our external partnerships. In our relationship with Mandiant, we're able to leverage Mandiant services for threat assessment and security validation with the threat detection and response and intelligence sharing capability of IronNet's Defense and Dome offerings.
The Dragos, we publicly announced an acceleration in the pace and depth of a new joint initiative designed to help ensure the security of the nation's critical infrastructure through an integrated IT/OT approach to cybersecurity.
And with our cloud partners, we are seeing leverage in a couple ways. With AWS, we jointly targeted and successfully closed on several opportunities in the public and private sector, leveraging the network threat detection and remediation capabilities of IronNet and their back-end hosting solution of AWS.
With Microsoft, we launched a deep technical integration with Azure Sentinel cloud-native SIM. The joint efforts have accelerated IronNet entry into the Microsoft Intelligence Security Association, MISA, an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to better defend against a world of increasing threats. We remain encouraged by these relationships with partners and the advantages of our joint sales efforts.
A quick comment on results. We ended the third quarter with 74 customers, adding 23 new logos. Our ARR at the end of the third quarter was 30% higher than at the end of the third quarter last year. Our cloud subscription revenue grew 71% year-over-year, which is where the market is developing the fastest and which gives us the greatest benefit. We've made strides in accelerating our ability to be more predictable on the transactional side of the business and we will continue to merge in the strategic opportunities as they close.
Finally, before we turn to your questions, I wanted to anticipate a question and touch upon how we are thinking about our current cash position. We are being mindful about the investments we are making and in assessing strategic uses of cash.
Prior to becoming public, we have worked to become an efficient organization from a headcount perspective. We have a strong culture and a team inspired by our mission to transform cybersecurity through collective defense. This includes the best threat hunters, I would argue, in any company in the world. We understand that we need to remain nimble and highly efficient with our cash, but we also have strong conviction in our strategy, know that we have an exceptional team and see opportunities before us that has the potential to transform us quickly as a company.
To conclude, I would like to end by saying that we are disappointed by our results so far this year, but we remain highly encouraged by what we see as an opportunity still before us, and we are working hard to rebuild your trust and confidence in us as a team.
Operator, we are ready for our first question.
[Operator Instructions]. Our first question comes from the line of Mike Cikos with Needham & Company.
I had a question for you. Obviously, on the downtick we're seeing today with the guidance, as we look to calendar 2021 for revenue and ARR, maybe first for the General on the topic, I guess can you talk to these budgeting issues that you're seeing on your side? I'm interested in your thoughts specifically just because I know that you do have that sort of experience on your side, and I'm just interested in how these dynamics are different from maybe what you would have seen when you were still in the position? I'm just curious how that's moved since we last received an update.
I guess part two of the question would be more for Jamie. But last time we received an update, I believe it was in mid-August, and I'm curious if you can help us in any way think about calendar 2022 with this markdown we're seeing how, how numbers have changed, given the size of the magnitude we're seeing today?
I'll start off with answering the first part and then turn it over to Jamie. With respect to the strategic opportunities that we have and what we're seeing in the marketplace, first, the passage of the NDAA, or the National Defense Authorization Act, today means that we could start to see some of these move forward. We've seen a slowdown in public sector, especially in the ones we're dealing with based on the congressional lack of moving on the NDAA. That was pushed forward today, as you as you may know, and is now being pushed to the White House for signature.
Our confidence remains high in the strategic opportunities. We've revised our guidance for the year, and it reflects the fact that we aren't confident on what quarter they will actually come in, but we see these as viable opportunities for the future. We recognize that you want us to have a predictable business, and we can accomplish that with our transactional side, and we're going to do that, and these strategic deals will add momentum into our revenue as we move forward.
I'll push it over to Jamie for his side.
I think you were just asking about our guidance for this year of the $26 million for revenue. As we've noted, what we've significantly done here is to completely remove all of these larger strategic transactions that are still out there, but difficult to predict. So, we've reset the guidance at this point to not include them. Our guidance from August had included them. And so, we're setting ourselves up here, so that we can be sure that, as they come in and add materially to our number, that we get that information out. We'll update our guidance accordingly. Was that your question?
Yes. If I'm looking back to the last time we had received an update like this, I believe the comment was something along the lines of the commitment to – maybe it was fiscal 2023 or fiscal 2024 targets. And I guess one of the things I'm trying to determine is if we're backing out some of these larger opportunities, which still remain in the pipeline and are viable, is the expectation then that, as we look to next year, when you guys do provide guidance for that year, maybe some of these larger opportunities, which again are a little bit more difficult to predict, will be stripped away from that initial number that we received. I'm just trying to get a sense of how we're looking at guidance now, given some of the updates that we had tonight.
Let me answer the question. We are not proud of this year's projected performance. We obviously have to do better. But based on the foundation that we've set, our objective is to grow at the rate of a high growth SaaS company. We're going to provide guidance on next fiscal year on the Q4 and fiscal year-end earnings call, which most likely will be in early April. Where we expect, we will align with other high growth SaaS companies. We know this is a critical objective. Our revised guidance for FY 2022 is really that recognition that we have to be a more predictable business based on our transactional business, which we're accelerating, to be commensurate with these other high growth SaaS companies. And as the General mentioned, we have a number of pending strategic opportunities that could transform the company quickly. So, we're really managing those two realities. And when those strategic opportunities do come available, then we will notify the market.
Just two more if I could real quick. The first, with the passage of the NDAA and that being sent over to the White House, for those of us that might be less familiar with public sector movements in the budget, if, let's say, the White House signs that paperwork when it arrives at their desk, how quickly can some of these potential customers of yours turn around and start deploying that budget? Do we have a feel for timeline for when those dollars become immediately available to them?
And then, the second question, more towards Bill, but if I'm thinking about the announcement for the chief revenue officer departure at year-end, can you explain – I'm guessing you'll be commandeering the sales force in the interim. But is there a search on their way at this point how to transition the leadership of that team?
I'll handle the first part on that with respect to the NDAA. As you noted correctly, it'll go to the president, he will sign it. It then goes to OMB, the Office of Management and Budget. They take that and they push that out to the Defense Department, which then breaks it down and pushes it out to all the services and department agencies. Once they had that money and they know now what their full authorization levels are, they can apply that to these contracts and others.
I talked to some of our partners in the defense industrial base, some of the strategic partners, they face the same problem that we face here. They're having the same issue. And they believe that this will help. It won't change overnight. So, the President signs it, it doesn't happen overnight, but we think this is something that will happen in the next few months.
Mike, I'll address your question related to the chief revenue officer announcement today. As I said in my comments, I will be providing overwatch and oversight to the sales organization, as many of you on the call know that I have history of running sales organizations. And I will be helping the teams in the APJ, EMEA, Americas, our customer success, marketing, and those sales teams to drive the outcome and the transactional business that we've spoken about. So, that is something that we will not start a search. I will provide the overwatch for as long as it takes to drive this flywheel or this engine that's required for this type of software company.
And I wanted to add one thing that was part of what I think you intended to ask, and that is the American Rescue Plan dollars are being pushed out to the states and they do see that as an opportunity, and part of that includes security and cybersecurity. We are seeing momentum gain in those areas as well. And we think that's a future opportunity and why some of our strategic goals and objectives are increasing. That pipeline is growing.
Our next question comes from the line of Joseph Gallo with Jefferies.
Really appreciate the color on all the delayed deals. I guess when you look at the strategic deals, I assume you mean government deals, and are we to assume that the entire delta, so the $75 million of ARR going to $30 million, is those deals? Or were there any of the transactional deals you talked about also implied in that cut?
I'll start off. First, we had more than sufficient pipeline to cover the delta that we're talking about in our strategic deals. And that's growing, as I mentioned earlier. We also recognize that we have to drive predictability, as Bill mentioned, and we are working towards that, and that's getting the singles and doubles, or as we call them, as we've talked to you in the past on, in growing that out. I'll turn it over to Bill to add to that on what we're doing in the singles and doubles in the transactional area.
I just want to add a couple more commentaries. We recognize that we must drive the predictability. And that's really going to come from that development of the transactional side.
Our outlook for FY 2022 was primarily based on our ability to close these large strategic opportunities. We are gaining momentum in the transactional side, as you heard in the commentary the evidence of. We added 23 new logos this quarter, which is almost as many as we added all of last year. We had 30% year-on-year growth in our ARR. Again, good growth, but we want to drive more growth. We had great traction with several of our domes. As you know, we set up these cybersecurity domes with energy, space and financial services. All of those domes have doubled in participation year-to-date.
As I mentioned before, we are driving a disruptive paradigm shifting company. I've had the opportunity to be part of those types of companies, and I'm taking overwatch over the sales org. And what we're doing to really accelerate the transactional business, to drive the predictability that is required and expected is in marketing, our demand generation, you saw we announced a new leader, our brand awareness and our analyst coverage, doing much work there, in product.
You heard about what we're doing with the user experience and our CoDA, as it's called. We're also on the sales cycle. We're encouraged by early indicators of new hires, who have NDR, or network detection and response, sales experience where they're being able to open manage and close deals a lot faster. We also are encouraged by our customer success leadership around driving value and upsell.
And then, as you heard about our strategic partnerships, these are all pipeline drivers, including our cloud, relationships with AWS and Microsoft, the integrator community like Jacobs that you have heard, our public sector and then our technology alliances with the likes of Mandiant and Dragos. So, we believe those are the things that will help us drive our transactional business to a more visible, predictable and repeatable business.
Joe, let me just add in one final thing to hit in two sentences. The transactional model that we're talking about, we believe, will put us right in line with what a high growth SaaS company should be. And we're modeling our company on that, something that you can use to predict and forecast where we'll go. We see the strategic deals as accelerants that will add to that model. We're not taking them off the table. It's just hard to say which quarter they will come in. Does that make sense, Joe?
No, it makes sense. And then based off your comments, General, it sounds like – so the strategic deals were more than the $45 million, but the transactional business actually did pretty well and the pipeline is strong there.
As a follow up to that, Bill, great to hear you're doing a lot of steps to improve visibility. But how should we think about guidance methodology for F4Q, especially given you added about $4 million of ARR this quarter and your guidance implies about $2 million next quarter? And I would assume F4Q would be the seasonal strongest quarter. So anything to read into that?
Let me jump in on that one, Joe. The key part of our guidance, and I think it's important to the way you asked it, about methodology, is that we're really just going to focus on this transactional part of the business and we're going to hold off on identifying any of these much larger double-digit million dollar announcements till they come in. Methodologically, we're going to just tell you about those as they come.
We have not seen any, in the last quarter or even in the upcoming quarter, material losses on the retention. So, we feel good about that. We had some earlier in the year. But really, the trends here are not about slower ARR growth per se. It's really just not adding in the strategics.
If I can sneak one more in. Of the 23 customers you added, I guess, how should we think about the split between cornerstone customers and just add-on domes from existing customers already?
Joseph, good question. I will tell you that the majority of the customers that we added this quarter were focused on the lower end of the community. These were logos that we filled in at the energy, space, financial, those domes that I mentioned had doubled year-to-date.
Our next question comes from the line of Gray Powell with BTIG.
I appreciate you addressing the balance sheet in the prepared remarks. I did want to follow up there. So, just kind of looking at headline numbers, you have $74 million in cash in the balance sheet. Free cash flow year-to-date is negative $61 million, give or take? How should we think about your liquidity and ability to fund for future growth targets?
And then within that, do you have the headcount in place today to hit your growth targets?
Let me take that one on, Gray. Another excellent question. I think the starting point is really to talk about the raise that was done this summer that raised $138 million. So, that did give us a really great spot, got us completely cleaned off all debt on the balance sheet. So, we did end up the quarter with a little over $70 million, as you know, in cash.
Now, a couple things as we address the forward-looking part of your question. So, do keep in mind that these larger strategic opportunities have a lot of cash in them as well. So we're going to keep an eye on that, which means that we're going to stay agile. We do have all the resources that we need right now to fully scale into them. So, we're not at all constrained on that front.
The other thing that we're going to do, and I think Bill touched on this a little earlier, is that we really accentuated our commitment to the SaaS end of our business. And that brings itself a number of efficiencies and how you can structure and organize your organization. We're going to stay very thoughtful about where we make our investments and continue to add to our skill set, which we will, but we're going to keep a really close eye on that.
And at the end of the day, this is about, to that point, conserving our ability to have cash on the balance sheet all the way through the end of next year. That's our approach to how we're going to approach the business as public company. We retain opportunities to do raises in the markets, and we're going to keep our eye on that too. But without a raise, we're really focused on how to drive the correct balance here to navigate all the way through next year with the cash that we've got available, and we feel confident in being able to do that.
This next one's going to be a tough question, but I really do appreciate your candor here on the call in terms of how you're managing your cash position with investors. But customers do look at balance sheet too. How do you make your potential customers comfortable in your financial position?
One of the things that we're most encouraged by is the community organization that we've been able to establish with these domes within energy, space, financial, and some of the other ones you've heard about. And all of these anchor tenants are all very committed to the long-term mission of the company. They understand. They've been with us for many, many years. As you know, these contracts are long in term. We have some in five years plus, many of them have already been renewed. As a matter of fact, they're actually out there trying to help us drive additional community membership into these domes. So, it's all across the spectrum and including some of the stuff we're doing with the defense industrial base.
Ladies and gentlemen, we have reached the end of the question-and-answer session. I will now turn the call over to Gen. Alexander for closing remarks.
Thank you. We want you to know we are setting up the company as a SaaS-based disruptor in cybersecurity. This is a long-term endeavor and we are committed to making it a success. We believe and we are committed to our mission, transforming cybersecurity through collective defense. Thank you, and have a good evening.
This concludes today's conference and you may disconnect your lines at this time. Thank you for your participation. Have a wonderful day.