London United Kingdom – 06 May 2020 – Cyber Security 1 AB (Publ) (the “Company”) (“CYBER1”) (Nasdaq First North: CYB1), has today published an open letter from the Group CEO, Daryn Stilwell.

“Dear fellow shareholders,

I am writing to you following the publication of our FY20 Q1 results and the recent announcement relating to the application for admission into company reorganisation process to specifically relay my thoughts and comments on my first 90 days as Group CEO, on how the Group progressed in 2019 and, what lies ahead for Cyber1 in these turbulent times.

Looking back for a moment, FY19 was another exceptional year in terms of progress with the overall strategic growth plans of Cyber1.  This progress was, as we are all too aware, overshadowed by the unexpected and tragic event of the passing of Kobus Paulsen in late December.  With this came a number of significant challenges for Cyber1, including a change in overall leadership, as well as a material narrowing of opportunities to obtain operating capital.  The latter being significant in that the Cyber1 strategy had been focused on expansionist M&A and dynamic organic revenue growth underpinning the Cyber1 platform, both requiring additional externally sourced growth capital.

The Group is responding to these, and other challenges, by sharpening its focus and strengthening its efforts to maximise its existing value as further detailed in this letter.

As context, Cyber1 had been set up as a Cyber Security growth platform to attract fragmented parts of the cyber security industry to, in a three phased approach, achieve a wholistic and end to end Cyber security product and service provider.  The strategy is briefly touched on below:

CYBER1 Strategy 

The first phase was the acquisition of Value-Added Distributions (VAD) and Value-Added Resellers (VAR) networks, both to acquire vendor relationships and customer relationships, and to drive organic and inorganic revenues to achieve a critical mass.  These are the existing subsidiaries in the group (i) Credence Security, (ii) DRS, (iii) Protec and (iv) Cognosec.  As part of this phase, Cyber1 was then listed on Nasdaq First North Growth market to enhance transparency and to allow for exposure to investors to support its growth funding discussions and needs.  The first phase was complete as of January 2019.

The second phase to be implemented during 2019 was the acquisition of Cyber security advisory/consultancy business to overlay with the VAD and VAR business.  This was to provide a structured approach to the pure services element and to build on the profile and credibility of the Cyber1 platform as a truly holistic Cyber security business.  This second phase is also intended to support and address the margin pressure in the VAD and VAR businesses, experienced in the first phase, and bring the group into EBIDTA positive territory.  The respective acquisitions had been identified and were in the final stages of completion as of January 2020.

The third phase is the acquisition and/or organic build of the Group’s existing Managed Service Offering to further drive margins, increase annual recurring revenues, and to support the scalability of the first two phases.

The vision for the Group was for Cyber1 to become the quintessential cyber security platform and to be at the forefront of reshaping the delivery of cyber security services for customers.  The strategy thus far has delivered revenues of just over €14m in FY16 for the Group, to revenues of just under €70m at the end of FY19, and with forecasted revenues, both from organic and M&A, in excess of €145m with the Group entering into profitability for the first time in the latter stages of FY20.

This strategy was highly dependent on the support of external parties to fund its operationally intensive and cost heavy implementation.

Refocus of the Strategy 

In Q1, the Group has had to pause and take stock of the development of the second phase of the strategy and to specifically evaluate what would be in the best interests of shareholders moving forward.  Following an Extraordinary General Meeting at the end of January, a new board of directors was appointed and with that the appointment of myself to take on the role of Group CEO.  The change in leadership and the reflection on what is next for Cyber1 has resulted in a temporary shift in the strategic intent of the Group, away from the expansionist M&A and revenue growth to an extended period of stabilisation and integration.  This extended period of stabilisation (referred internally as “Operation Atlas”) will be earmarked by a move towards the streamlining of operations, maximising of synergies across the Group from integration activities, and a more towards profitability.

The activities in relation to the second phase of the Cyber1 strategy are now, while the relationships with the various M&A targets remain open and good, on an indefinite hold until the completion of Operation Atlas.  This is anticipated to be at least until the end of FY20, at which time the board will reassess the situation.  This hiatus will specifically include all of the activities announced in relation to the exploration of a US listing through a Special Purpose Acquisition Company (SPAC).

A number of activities in terms of Operation Atlas have already commenced and with some of them already starting to have a significant effect for the Group.  By the end of the summer, head office operations for the Group will see up to a 70% reduction in operating costs as a result of the focus of resources on integration and profitability.

CYBER1 Challenges 

At the end of FY19, the Group was left with a number of material challenges and as a consequence the board has taken a number of strategic decisions to address these.  At the end of FY19, the ITWAY acquisition of entities in Turkey and Greece remained in a state whereby a number of post completion conditions had not been fulfilled.  Despite last minute negotiation attempts on both sides, the parties were not able to come to a suitable way forward and parted ways.  This is a disappointment development, as the transaction was a long way down the path to integration into the Cyber1 Group. On a positive note, this development will allow the current resources to be focused on the delivery of Operation Atlas for the shareholders.  The departure of the ITWAY companies will not affect the long-term core strategy, nor affect Cyber1 in any of its key strategic markets.

In terms of further challenges, as a result of the previous M&A strategy, and the Group’s anticipated move into the US with a SPAC, the Group incurred a significant amount of financial, legal and professional advisory support fees that remain a burden to the Group.  Cyber1 maintain good relationships with these firms and are working with them to come to suitable terms.

In addition to the above, a number of non-commercial decisions were undertaken by the previous management of the Group, which resulted in the over-extension of the available Cyber1 commercial resources at a period of significantly reduced cashflow resulting from its M&A strategy.  The current Cyber1 executive team and management are in negotiations with vendors and customers with the specific aim to resolve this going forward and move towards profitability as part of Operation Atlas.

Despite the significant operational revenue growth displayed by the Group in each year since its listing on Nasdaq, and the unrelated performance in the Cyber1 share price despite the year on year growth, the Group has been unsuccessful in being able to raise material growth capital to support its strategic plans.  This has left little room to manoeuvre.  The board is considering a number of options to address both these challenges, which will be communicated to the shareholder basis at the appropriate time in due course.

None of these challenges are insurmountable.

COVID-19

In the current turbulent climate, I would like to update shareholders on the matters that relate to the COVD-19 outbreak and the Cyber1 response.

The first and immediate impact assessment undertaken by the Cyber1 executives was to ensure the Cyber1 Group staff and their families are protected and well informed by repeating and asking them to follow the local advice from the governments in each jurisdiction.

We will continue to monitor the situation as it develops.

In the second impact assessment, we have been evaluating our business to see if this will affect any of our customers and considering how best to ensure they are not impacted from a service delivery perspective, as well as from additional exposure to risks from criminal and/or fraudulent activities.  This impact assessment is underway and fortunately given the industry we are in and the manner in which our staff operate, already for the most part working remotely will not have as much of an impact as it would with some of the other industries.

In terms of our wider business and customers, we can at this early stage report that some of the business has been positively affected with a surge in demand for products related to cyber security in a home working environment while other areas have potentially been negatively affected with budgets allocated for spend in Q2 being placed on hold.  This has been most prevalent with Credence Security (VAD) where most of its high revenue countries are under full lock down with fully restricted movement of its population.  Our South and East African operations have also felt the effect with the change in the local exchange rates, but this is being managed to mitigate any material effects.

The third impact assessment would be a strategic reaction to a longer-term plan resulting from a change in our customer behaviour and/or their needs as a direct response to how business may change in the future.  This is as yet unknown, and we will monitor this with our customers and vendors as the situation develops.  We have taken a number of anticipatory and precautionary measures into our planning and forecasting for the remainder of FY20.

Government funding opportunities – COVID-19

We are exploring the various funding packages being offered by governments related to the COVID-19 pandemic and we have been in touch with our banks in the UK and Sweden for advice as well as within our network of advisors.

CYBER1 Group Swedish reorganisation / reconstruction process 

Further to the recent announcement, the Cyber1 board has, during the course of its evaluation of the Group for purposes of Operation Atlas, considered a number of options available to it to allow for a period of stability and confidence to be restored to its investors and internal and external stakeholders.

It has been decided to apply for a Corporate Reorganisation Proceedings (företagsrekonstruktion) in Sweden, which will allow the company a period of up to 3 months (which may be extended) to agree a compromise with its creditors and a suitable payment plan of up to 12 months going forward.

Throughout the period of reorganisation, the Cyber1 Group will continue to trade as normal (with some actions requiring the consent of the administrator where the position of existing creditors may be concerned) and such the process does not affect the day to day operations of Cyber1 or any of its subsidiaries.

It is the belief of the board of directors that the application for Corporate Reorganisation Proceedings (företagsrekonstruktion) is the best option, given the stable underlying business operations, to provide Cyber1 with the stable platform to encourage investment, to address the challenges identified above and to allow the management of the Group to implement Operation Atlas.

In summary 

Through Operation Atlas and beyond, we will be focusing on investing in the capabilities we need, the knowhow and the talent to continue to create value for you, our shareholders.

We also want to thank you for your continuing support, your confidence and above all for your trust.

Rest assured that our passion for Cyber security, and our passion to fulfil the initial strategic intent for the Group in a sustainable manner will lead us to generate the sustainable, profitable returns you rightfully expect from us.”

Daryn Stilwell
Group CEO

This information is information that CYBER1 is obliged to make public, pursuant to the EU Market Abuse Regulation. The information was submitted for publication, through the agency of the contact person set out above, on 6 May 2020 at 19:00 CET.

Certified Adviser

Mangold Fondkommission AB is the Company’s Certified Adviser.
Telephone: +46 (0)8 5030 1550 E-mail: info@mangold.se

FOR FURTHER INFORMATION, PLEASE CONTACT:

European Investor Relations Contact:

Tim Metcalfe / Zach Cohen
CYBER1 Email: cyber1@investor-focus.co.uk

US-Investor Relations contact, CYBER1

Matt Glover: U.S Investor Relations contact, CYBER1
Email: cyber1@gatewayir.com

ABOUT CYBER1

CYBER1 is engaged in providing cyber resilience solutions and conducts its operations through physical presences in UK, Sweden, Kenya, South Africa, United Arab Emirates and the United States. Listed on Nasdaq First North Growth Market (Nasdaq: CYB1.ST) and as an American Depositary Receipt (OTCQX: CYBNY), the Group delivers services and technology licenses to enhance clients’ protections against unwanted intrusions, to provide and enhance cyber resilience and to prevent various forms of information theft. CYBER1 had revenues of 68.73m EUR in 2019. For further information, please visit www.cyber1.com/investors.

For further information please visit: www.cyber1.com

For all company filings and reports, please visit: https://cyber1.com/cyber1-investor-information/