IMPORTANT INFORMATION: Please note the disclaimer/risk notice as well as the disclosure of potential conflicts of interest according to Section 85 of the German Securities Trading Act (WpHG) and Art. 20 MAR from page 32 Research report (initial coverage) “Cyber security growth market offers enormous potential for growth” Target price: 35.80 € Rating: BUY Completion: 18/04/2018 First published: 18/04/2018 Note on research as a “minor non-monetary benefit” according to the MiFID II regulation: This research meets the require- ments for being classified as a “minor non-monetary benefit”. For more information, see the disclosure under “I. Research under MiFID II”
36
Embed
Research report (initial coverage) - equitystory.com · CYAN AG Research report (initial coverage) 3 (T-Mobile). Since Q3/2017, the described MVNO and banking products have also been
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
IMPORTANT INFORMATION:
Please note the disclaimer/risk notice
as well as the disclosure of potential conflicts of interest according to Section 85 of the German Securities Trading Act
(WpHG) and Art. 20 MAR from page 32
Research report (initial coverage)
“Cyber security growth market offers enormous potential for
growth”
Target price: 35.80 €
Rating: BUY
Completion: 18/04/2018 First published: 18/04/2018
Note on research as a “minor non-monetary benefit” according to the MiFID II regulation: This research meets the require-
ments for being classified as a “minor non-monetary benefit”. For more information, see the disclosure under “I. Research
under MiFID II”
CYAN AG Research report (initial coverage)
1
Corporate profil
Sector: Software
Focus: IT security solutions
Employees: 27 (April 2018)
Founded: 2006
Registered Office: München
Executive Board: Peter Arnoth, Markus Cserna, Michael Sieghart
CYAN AG is a leading European provider of intelligent white-label IT security solutions with more than 15
years’ experience in the field of IT security with headquarters in Munich. The company’s core businesses
are mobile security solutions for mobile and fixed line (MNO, ISP) end users, virtual mobile operators
(MVNOs), insurance and finance companies, and government institutions. CYAN’s solutions can be easily
integrated into existing business partner infrastructure and introduced to the market through a revenue
share model. Full integration with the customer’s environment will also allow for data protection. CYAN AG
operates its own Research & Development Centre and maintains close links with universities, international
research institutes, security organisations, financial institutions and social organisations. The intensive
cooperation ensures early recognition of trends and technical developments for integration into CYAN
products.
P&L in m€ 31/12/17* 31/12/18e 31/12/19e 31/12/20e 31/12/21e
Sales 4.90 10.66 24.72 38.43 52.11
EBITDA 2.56 5.96 15.77 26.03 37.31
EBIT 2.36 5.76 15.57 25.83 37.11
Net profit 2.01 4.61 11.68 19.37 27.83
Per Share Figures in €
Earnings per Share 0.29 0.55 1.39 2.31 3.32
Dividend per Share 0,00 0.00 0.00 0.00 0.00
*GBC’s estimated pro forma financial statement of CYAN AG (incl. CYAN Security Group)
Key Figures
EV/Sales 41.95 19.28 8.32 5.35 3.94
EV/EBITDA 80.30 34.49 13.04 7.90 5.51
EV/EBIT 87.10 35.69 13.20 7.96 5.54
P/E 102.33 44.62 17.61 10.62 7.39
P/B 4.47
**last research published by GBC:
Date: publication/price target in €/Rating
** the research reports can be found on our website
CYAN AG was able to place 180,000 new shares at EUR 23.00 with investors as part of
the IPO (first listing of the share: 28/03/2018) on 23/03/2018. As a result, the company
received gross issuing proceeds of EUR 31.7 million.
The IT company primarily used the funds to exercise Call Option 2 from the option
agreement dated 11 December 2017 for the purpose of acquiring another 49.0% of the
shares in the CYAN Security Group GmbH. According to the securities prospectus, the
investment amounts to approximately EUR 26.0 million.
Furthermore, the remaining financial resources will be used to achieve organic and inor-
ganic growth potential to improve the competitive position of the CYAN Group on the
European market. On the one hand, the expansion of business activities in existing
countries and the development of further European markets should be driven forward.
On the other hand, the inflow of funds is intended to develop and improve the company’s
range of IT services further. The desired product expansion should take place primarily
by means of an acquisition strategy in the field of anti-virus protection. This is to ensure
that the IT company controls the entire supply chain.
Corporate structure as at 31/12/2017
CYAN AG (Munich, Germany) is the parent company of the business group. As a strate-
gic management and financial holding company, its services include the central man-
agement function and the financing and management of its investments. It mainly focus-
es on accounting and controlling, human resources, strategy, public relations and brand
development, IT and security of the entire CYAN Group.
The operating business is formed by its investment company, CYAN Security Group
GmbH (Vienna, Austria) and its subsidiaries, CYAN Research & Development s.r.o.
(Brno, Czech Republic), CYAN International Solutions GmbH (Vienna, Austria), CYAN
Mobile Security GmbH (Vienna, Austria), CYAN Networks Software Gesellschaft mbH
(Vienna, Austria), CYAN Licencing GmbH (Austria) and CYAN Mobile Security Poland
GmbH (Warsaw, Poland). The share in the CYAN Security Group has since been in-
creased to 100%, as part of the successful capital increase.
CYAN AG Research report (initial coverage)
6
Source: CYAN AG; GBC AG
The CYAN Security Group GmbH is the operating holding company that has taken over
classical central functions, such as bookkeeping and accounting, marketing, the legal
department and controlling, prior to the purchase by CYAN AG (see corporate action and
use of funds). These services are now increasingly being carried out by CYAN AG, so
that the CYAN Security Group GmbH can concentrate more on the operational activities.
CYAN Mobile Security Poland GmbH, Poland
CYAN AG, Germany
CYAN Security Group GmbH, Austria
CYAN Research &
Develop-ment s.r.o., Czech Rep.
CYAN Licencing
GmbH, Austria
CYAN Internatio-nal Soluti-
ons GmbH, Austria
CYAN Mobile
Security GmbH, Austria
CYAN Networks Software
Gesellschaft mbH,
Austria
51 % (since March 2018 100%)
100 % 100 % 100 % 100 % 100 %
100 %
CYAN AG Research report (initial coverage)
7
Historical events
Date Event
July 2006 • Founding of CYAN Networks Software GmbH • Start of B2B security business for corporate networks • First B2B contracts, for example with the Federal Ministry for European
and International Affairs (Ministry of Foreign Affairs) and the KBS - Knappschaft Bahn See (German Pension Insurance)
November 2011 • Founding of CYAN Mobile Security GmbH • Start of B2B2C contracts: Development of network-integrated security
solutions for mobile and telecommunications network operators for re-sale to their end customers
July 2013 • First B2B2C contract with T-Mobile Austria • Introduction of CYAN’s “parental control” solution and therefore an ex-
pansion of the product range to child protection solutions November 2013 • Subsequent B2B2C contract with T-Mobile Austria
• Introduction of the internet security solution for private customers
June 2014 • Founding of CYAN Security Group GmbH
August 2014 • Founding of CYAN Research & Development s.r.o.
January 2015 • Signing of a group contract with Deutsche Telekom AG, which defines commercial and contractual details for potential country contracts in the T-Mobile environment
August 2015 • Subsequent B2B2C contract with T-Mobile Poland
December 2015 • Founding of CYAN International Solutions GmbH
November 2016 • Start of the development of a network-integrated solution for mobile vir-tual network operators (MVNO)
March 2017 • “Proof of Concept” for MVNO solution with I-New in Mexico • Start of the development of a security solution for financial services pro-
viders, such as banks
April 2017 • CYAN AG founded • Extension of the T-Mobile Austria contractual relationship until the end
of 2021 • Acquisition of the business share of the company SysConn Soft-
wareentwicklung und Vertriebs GmbH (now: CYAN Licencing GmbH) by the company CYAN Security Group GmbH
May 2017 • Completion of the development of the security solution for financial ser-vices providers and start of worldwide marketing
September 2017
• First contract concluded with MyBucks in the field of financial services (security solutions)
November 2017 • CYAN AG economically re-established with change of the corporate purpose
December 2017 • Subsequent conclusion of the contract with Sberbank in the field of fi-nancial services providers; the contract includes a group contract
December 2017 • Contribution of the 25% share in CYAN Security Group GmbH to CYAN AG for a capital increase in kind by increasing the share capital of Cyan AG by EUR 16,650 to EUR 66,650.00
December 2017 • Signing of a CYAN AG option agreement for acquiring further shares of CYAN Security Group GmbH
• Exercise of Call Option 1 of the aforementioned option agreement for the purchase of a further 26% of CYAN Security Group GmbH with ef-fect from 15 February 2018 by Cyan AG
December 2017 • Implementation of a cash capital increase by increasing the share capi-tal by EUR 2,999,250.00 to EUR 3,065,900.00
January 2018 • Implementation of a cash capital increase from company funds by in-creasing the share capital by EUR 3,679,080.00 to EUR 6,744,980.00
• Implementation of a cash capital increase by increasing the share capi-tal by EUR 269,943.00 to EUR 7,014,923.00
February 2018 • Conclusion of a licence agreement between CYAN Licencing GmbH and I-New Unified Mobile Solutions AG
March 2018 • Implementation of a cash capital increase in the course of the IPO, in-creasing the share capital by EUR 1,200,000.00 to EUR 8,394,923.00 and including the Greenshoe for a further 180,000 shares. Immediately on the day of the initial listing, the option to acquire 49% of CYAN Secu-rity Group GmbH was exercised.
Source: CYAN AG; GBC AG
CYAN AG Research report (initial coverage)
8
Business model of CYAN AG
CYAN AG is a leading European provider of IT security solutions with many years of
experience in the field of cyber security with its corporate headquarters in Munich. The
company’s products and services are marketed to companies (B2B2C business model)
in the form of a white label and revenue sharing model. The core business of the IT
company is mobile security solutions for end customers of mobile and fixed network
providers (MNO, ISP), virtual mobile service providers (MVNO), companies in the insur-
ance and financial industry and state institutions. CYAN’s security solutions can be easily
integrated into the existing IT infrastructure of business partners, thereby also providing
customer data protection. CYAN AG maintains two research and development centres
in the Czech Republic (Brno) and Poland (Warsaw) and maintains close cooperation with
universities, research institutes and international institutes. This intensive collaboration
enables continuous development of our own cyber security solutions with early recogni-
tion of trends and technical developments.
Business segments
MNO*
MVNO**
Financial services providers
Government
USPs
• No additional downloads
• Easy implementa-tion
• Solution for on-top sales
• Integration into existing infrastruc-ture
• White Label
• Mobile & fixed network compati-ble
• Data protec-tion and pro-tection of pri-vacy
• Increasing profits with cost-saving potential
• Integration into existing infra-structure
• White Label
• No additional downloads
• Guaranteed comprehen-sive protection and safety
• Easy imple-
mentation • Simple alloca-
tion to end customers
• White label
• Easy implementation
• Digital protection of vul-nerable persons
• Support tools for parents
for child protection • Personal protection with
security features for emergencies
• White label
Products
• Network-integrated security solution
• App-integrated security solution (on-top)
• Personal security (on-top)
• Traffic opti-misation
• App-integrated security solu-tion (on-top)
• Personal security (on-top)
• App-integrated security solu-tion
• Personal se-curity (child protection, „panic button“)
• Personal Security (child protection, „panic button“)
Source: CYAN AG; GBC AG * Mobile Network Operator ** Mobile Virtual Network Operators
CYAN AG Research report (initial coverage)
9
Technology
CYAN’s technology is based on a global security network of over 200 virtual IT centres,
which uses artificial intelligence and 23 proprietary analysis methods to monitor internet
traffic for potential threats of damaging interference or content. An update of the data-
base every four hours ensures that internet protection is up to date.
Based on this database, CYAN AG develops various security solutions that are sold to
Mobile Network Operators (MNOs), Mobile Virtual Network Operators (MVNOs) and
financial services providers, and then on behalf of the CYAN Group customer, end cus-
tomers are provided with said solutions (“white-label”). This gives business customers
the opportunity to strengthen their own brand and increase customer loyalty.
To round off the product range, CYAN AG is also developing security solutions for gov-
ernments that help support new digital challenges.
CYAN Security Technology
Source: CYAN AG; GBC AG
The Deutsche Telekom Group, in particular T-Mobile Austria, which had a 75% share of
total revenue in 2017, is currently CYAN AG’s most important major customer. The con-
tract of both parties was extended in April 2017 until the end of 2021. With the successful
conclusion of the contract with T-Mobile Poland, the CYAN Group was able to gain an-
other market for its security solutions. Furthermore, the company is in further contract
negotiations with Telekom subsidiaries in Croatia, Bulgaria and Macedonia.
In the field of financial services providers, initial contracts have already been signed with
Sberbank and MyBucks. Another cooperation partner was also gained with I-New Unified
Mobile Solutions AG, an MVNO platform. The CYAN Group is currently in negotiation
with 36 other customers to expand and upgrade its network, particularly in South Ameri-
ca and Asia. In the near future, the CYAN Group also intends to expand its security
solutions to the betting and gaming market, where end customers are exposed to similar
potential threats with mobile device transactions.
Methods
23 proven CYAN analyze methods
Manpower
80k hours human
manpower per years
Data
+500bn data
requests monthly
Sourcing
Worldwide
honeypots with
+200 IT centers
4h worldwide updates
> 250m
database
entries
CYAN AG Research report (initial coverage)
10
72,85769,025 63,835
58,645
-3,832-5,190
-5,190
Grossbandwidth
overall
Pishes, Tracker,TCP overheads
Legal traffic Suspicious ads,TCP overheads
Clean traffic Clean ads, TCPoverheads
Ad free traffic
Customer segments/target groups
MNO (Mobile Network Operators) customer segment
The performance feature (USP) of the IT security solution in the MNO customer segment
from the company’s point of view is that the security software developed and marketed
by the CYAN Group can be installed in the data centre of the respective network opera-
tor without much effort and can therefore continuously assess the internet traffic pro-
cessed here. In this case, every transaction that takes place in the network of a network
operator is checked and analysed and assessed for dangers such as malware.
If the CYAN AG Data Centre identifies a hazard on a website accessed by a terminal
(such as a mobile device or tablet), the user is informed of the website’s dangerous
content. In addition, this website will be stored in the company’s database in order to
alert other network operators’ customers to this risk in the future.
Other USPs for business customers include the white label business model of the CYAN
Group and the mass market-proven IT security solution to generate additional revenue
Net present value of Terminal Value (TV) 202.70 223.87 Risk free rate 1.3%
Net debt -3.91 -11.86 Market risk premium 5.5% Value of equity 243.75 300.54 Beta 1.67 Minority interests 0.00 0.00 Cost of equity 10.4% Value of share capital 243.75 300.54 Target weight 100.0% Outstanding shares in m 7.01 8.39 Cost of debt 4.5% Fair value per share in € 34.75 35.80 Target weight 0.0% Taxshield 28.7% WACC 10.4%
Retu
rn o
n c
ap
ital WACC
8.4% 9.4% 10.4% 11.4% 12.4%
61.2% 48.24 40.81 35.35 31.19 27.94
61.7% 48.57 41.08 35.58 31.38 28.10
62.2% 48.90 41.35 35.80 31.57 28.26
62.7% 49.24 41.62 36.02 31.76 28.42
63.2% 49.57 41.89 36.25 31.95 28.58
CYAN AG Research report (initial coverage)
32
ANNEX
I.
Research under MiFID II
1. There is a contract between the research company GBC AG and the issuer regarding the independent preparation and publication of
this research report on the issuer. GBC AG is remunerated for this by the issuer.
2. The research report is simultaneously made available to all interested investment services companies.
II.
Section 1 Disclaimer and exclusion of liability
This document is intended solely for information purposes. All data and information in this study come from sources that GBC regards
as reliable. In addition, the authors have taken every care to ensure that the facts and opinions presented here are appropriate and
accurate. Nevertheless, no guarantee or liability can be accepted for their correctness – whether explicitly or implicitly. In addition, all
information may be incomplete or summarised. Neither GBC nor the individual authors accept liability for any damage which may arise
as the result of using this document or its contents, or in any other way in this connection.
We would also point out that this document does not constitute an invitation to subscribe to nor to purchase any securities and must not
be interpreted in this way. Nor may it nor any part of it be used as the basis for a binding contract of any kind whatsoever, or be cited as
a reliable source in this context. Any decision relating to the probable offer for sale of securities for the company or companies
discussed in this publication should be taken solely on the basis of information in the prospectuses or offer documents which are issued
in relation to any such offer.
GBC does not provide any guarantee that the indicated returns or stated target prices will be achieved. Changes to the relevant
assumptions on which this document is based can have a material impact on the targeted returns. Income from investments is subject
to fluctuations. Investment decisions should always be made with the assistance of an investment advisor. This document cannot
replace the role of an advisor.
Sale outside the Federal Republic of Germany:
This publication, if sold in the UK, may only be made available to those persons who, in the meaning of the Financial Services Act 1986
are authorised and exempt, or persons as defined in section 9 (3) of the Financial Services Act 1986 (Investment Advertisement)
(Exemptions) Decree 1988 (amended version) and must not be transmitted directly or indirectly to other persons or
groups of persons.
Neither this document nor any copy of it may be taken into, transferred to or distributed within the United States of America or its
territories and possessions. The distribution of this document in Canada, Japan or other jurisdictions may be restricted by law, and
persons who come into possession of this publication should find out about any such restrictions and respect them. Any failure to
respect these restrictions may represent a breach of the US, Canadian or Japanese securities laws or laws governing another
jurisdiction.
By accepting this document you accept all disclaimers of liability and the restrictions cited above.
You can find the details of this disclaimer/exclusion of liability at:
http://www.gbc-ag.de/de/Disclaimer.htm
Legal information and disclosures as required by section 34b para. 1 of Securities Trading Act (WpHG) and Financial Analysis
Directive (FinAnV)
This information can also be found on the internet at the following address::
http://www.gbc-ag.de/de/Offenlegung.htm
Section 2 (I) Updates
A detailed update of the present analysis/analyses at any fixed date has not been planned at the current time. GBC AG reserves the
right to update the analysis without prior notice.
Section 2 (II) Recommendation/ Classifications/ Rating
Since 1/7/2006 GBC AG has used a 3-level absolute share rating system. Since 1/7/2007 these ratings relate to a time horizon of a
minimum of 6 to a maximum of 18 months. Previously the ratings related to a time horizon of up to 12 months. When the analysis is
published, the investment recommendations are defined based on the categories described below, including reference to the expected
returns. Temporary price fluctuations outside of these ranges do not automatically lead to a change in classification, but can result in a
revision of the original recommendation.
CYAN AG Research report (initial coverage)
33
The recommendations/ classifications/ ratings are linked to the following expectations:
GBC AG's target prices are determined using the fair value per share, derived using generally recognised and widely used methods of
fundamental analysis, such as the DCF process, peer-group benchmarking and/or the sum-of-the-parts process. This is done by
including fundamental factors such as e.g. share splits, capital reductions, capital increases, M&A activities, share buybacks, etc.
Section 2 (III) Past recommendations
Past recommendations by GBC on the current analysis/analyses can be found on the internet at the following address:
http://www.gbc-ag.de/de/Offenlegung.htm
Section 2 (IV) Information basis
For the creation of the present analysis/analyses publicly available information was used about the issuer(s) (where available, the last
three published annual and quarterly reports, ad hoc announcements, press releases, share prospectuses, company presentations,
etc.) which GBC believes to be reliable. In addition, discussions were held with the management of the company/companies involved,
for the creation of this analysis/these analyses, in order to review in more detail the information relating to business trends.
Section 2 (V) 1. Conflicts of interest as defined in section 34b para. 1 of the Securities Trading Act (WpHG) and Financial
Analysis Directive (FinAnV)
GBC AG and the analysts concerned hereby declare that the following potential conflicts of interest exist for the company/companies
described, at the time of this publication, and in so doing meet the requirements of section 34b of the Securities Trading Act (WpHG). A
detailed explanation of potential conflicts of interest is also listed in the catalogue of potential conflicts of interest under section 2 (V) 2.
In relation to the security or financial instrument discussed in this analysis the following possible conflict of interest exists:
(5a; 5b;11)
section 2 (V) 2. Catalogue of potential conflicts of interest
(1) GBC AG or a legal person connected to them holds shares or other financial instruments of this company at the time of publication.
(2) This company holds over 3 % of the shares in GBC AG or a legal person connected to them.
(3) GBC AG or a legal person connected to them is a market maker or designated sponsor for the financial instruments of this company.
(4) GBC AG or a legal person connected to them has, over the previous 12 months, organised or played a leading role in the public
issue of financial instruments for this company.
(5) a) GBC AG or a legal person connected to them has over the last 12 months agreed to create research reports for this company in
return for payment. As part of this agreement the issuer was shown the draft of this analysis (excluding the evaluation section) prior to
publication.
(5) b) After receiving valid amendments by the analysed company, the draft of this analysis was changed.
(6) a) GBC AG or a legal person connected to them has over the last 12 months agreed with a third party to create research reports
about this company in return for payment. As part of this agreement the issuer was shown the draft of this analysis (excluding the
evaluation section) prior to publication.
(6) b) After receiving valid amendments by the third party, the draft of this analysis was changed.
(7) The analyst responsible for this report holds shares or other financial instruments of this company at the time of publication.
(8) The analyst responsible for this company is a member of the company's Executive Board or Supervisory Board.
(9) The analyst responsible for this report received or purchased shares in the company analysed by said analyst, prior to the time of
publication.
(10) GBC or a related legal party has closed an agreement with the underlying company regarding consulting services during the
previous 12 months.
(11) GBC or a related legal party has a significant financial interest in the analysed company, for example to get mandated by the
analysed company or to provide any kind of services (like the organization of fair, roundtables, road shows etc.).
(11) GBC AG oder eine mit ihr verbundene juristische Person hat bedeutende finanzielle Interessen an dem analysierten Unternehmen,
wie z.B. die Gewinnung und/oder Ausübung von Mandaten beim analysierten Unternehmen bzw. die Gewinnung und/oder Erbringung
von Dienstleistungen für das analysierte Unternehmen (z.B. Präsentation auf Konferenzen, Roundtables, Roadshows etc.)
BUY The expected return, based on the derived target price, incl. dividend payments within the relevant time horizon is >= +
10 %.
HOLD The expected return, based on the derived target price, incl. dividend payments within the relevant time horizon is >
10 % and < + 10 %.
SELL The expected return, based on the calculated target price, incl. dividend payments within the relevant time horizon, is
<= - 10 %.
CYAN AG Research report (initial coverage)
34
Section 2 (V) 3. Compliance
GBC has defined internal regulatory measures in order to prevent potential conflicts of interest arising or, where they do exist, to declare
them publicly. Responsibility for the enforcement of these regulations rests with the current Compliance Officer, Kristina Bauer, Email: