CMD 2021

Aug 31, 2021

Good afternoon, everyone, and welcome to f Secure's Capital Markets Day 2021. I'm Henrik Kiely, responsible for Investor Relations at F Secure. I'm today joined with our speakers. We will have first Johan Hindikka presenting the Group strategy and also laying the cornerstones of our corporate security strategy. After that, we'll have a first Q and A session. Then Joakki Vikoski, EVP of Business Security, will take the stage. After his section also, we'll take a Q and A. Then Edvard Parsons will come to the stage and talk about cybersecurity consulting, after which we'll also have a separate Q and A. And finally, Timo Arksenen will introduce the consumer security strategy followed by a Q and A. After that, we'll dive into the financials with Johan Hinde Hink. But now, Johan Johan, stage is yours. Thank you, Henry. Great to be here. Good afternoon, everybody. And this Actually, it's been a while since we had our last Capital Markets Day. So I think it's time that we came out and And engage with all of you. And great to see so many of you here also physically and also would like to welcome all who are following us online. So today, as said, we will share highlights from our strategy And then also talk about the growth opportunities and longer term financial targets we have for our company. And as said, I'm joined here by part of our leadership team who will follow me as speakers. This topic headline in a way captures a lot of the things that we consider important, outcome based security through the fusion of technology, Human Expertise and Partnership. All of those words are important. When we say outcome based security, we really mean that we need to demonstrate The value that comes from our solutions and from our expertise for our customers and we need to accomplish that. We need both Great technology and deep human expertise and all joined by the partnership we have among ourselves in the company, but also Very much among us, our partners and customers. I'm happy to report that after this successful transformation That has been going on for the past few years. We are we have ended up with 2 strong businesses that are both growing and growing profitably. So looking at the graphs here on the left hand side in the dark blue, You see our corporate security revenue. And in the gray bar, you see our consumer security. That gives you an idea of the size of the company. And Worth mentioning that in Consumer Security, we brought the €100,000,000 mark for the first time last calendar year and fiscal year. Profitability is improving after an investment cycle. So we have been talking about the investments that we have needed to take. And now we are starting to react some of the benefits as you can see from the numbers, more about the content and the facts behind this growth and development a little bit later on. The market That we're serving is in a really exciting stage. Of course, when we look at our customers and what is happening around us, It's clear that it is a data driven algorithmic world, which in a way means both the fact that These algorithms and that data needs to be protected. It's key to the business processes of companies. It is also about individuals' own right to protect their own data. It also means that AI, Automation, machine learning are technologies that are increasingly relevant also in terms of the actual technology that we develop and use for Tackling this environment and that is also something that we have been investing in. Cloud is mainstream. It's almost a cliche to say that, but that of course is a reality that not everybody yet is in the cloud when we look at the Corporate customers around us, but most of them are on their way. That also means that the products that are being developed and that includes So our products are increasingly cloud native and we see the strongest growth coming from that. We all know that distributed work and remote work is here to stay. How long will that stay and in which format will that stay is still Open and there are differences of opinion what that will look like going forward. And I don't think there is a Clear one answer to that. But one thing is for certain, digitalization has taken a leap forward and that infrastructure needs to be protected And not all of it has been designed to actually kind of operate in such a way that most of the workforce is working outside of the offices, Some more work for us. And then finally, if we look at the overall cybersecurity market, it is increasingly complex. And that also means that for the customers, for the corporates that we are protecting, It looks complex and many of them have elected to actually purchase the security as a service. When we say servitization of security, we really mean that we need to be able to provide and deliver and sell The security solutions services as serviced packages that can be consumed at will. The markets that we are serving looking at f Secure are the following. So from the top, we see the corporate security products, where we see the highest growth with the 15% CAGR, A 22,000,000,000 USD or euro market. We have the cybersecurity consulting market, which is the largest market growing at about 10% CAGR. And it's, of course, clear that this market is very, very large because simply there are no products for some of the cybersecurity challenges that will continue to be services driven. And then we have the consumer security market At 4% CAGR growing and of course that has been reflected also in all of our numbers. And we are present in all of these three segments and all of our businesses are growing. If you look at our recent publications regarding the Q2, you can see that We're happy to report that all of our businesses are growing and our profitability is improving. And that, of course, It's an excellent basis for developing our company further. We have also spent time in the Spring to articulate our strategy. And of course, a foundation for our strategy has been the good work that's been done in the company or the past few years. We actually looked at the elements and essence of that company and the culture And as part of the strategy work in the springtime and one of the things that came up from that work was that It's emanating both from the discussions between us and our customers and also among our people that we really f Secure stands for Good partnership. And if you pause to think about it, what does it really mean? Well, in a market where you need to have great products And great people in order to actually even to be able to discuss with the customers and have a seat at the table, You need to have that, but on top of that you need to have something else to differentiate. And in our case, it's very much about this Good partnership that we have built, we are demonstrating and taking forward and that is really a cornerstone of our strategy. We have also articulated some lofty goals for us as part of the work. And 1st and foremost, and this is probably the boldest goal, is to state that no one should experience a serious loss from a cyber attack, At least nobody who partners with us. And that is a direction we want to take. And that is the direction we want to take in partnership with our partners, with our customers and of course among ourselves as a company. Our people Are the most precious asset in our company and we want to take really good care of our people. We want to provide them with an environment where they can develop And where they can feel that they are contributing and also making a difference. For many of our people, it means a lot To be actually working in our company and in this industry where they feel that they are making a positive impact in the society around us. And we really want to nurture this and be the most desired partner in cybersecurity, but also the most loved place of work in cybersecurity. And finally, as said, as an industry and also as a company, We are working more towards a security as a service company going forward. And that, of course, will materialize itself as Increasingly become a SaaS company that tracks its progress through annual recurring revenue. How will we win then? What are the elements or the components of our strategy that are Really important. And we will talk more about this in detail, but just covering them highlight. One of the bigger piece of news for today is that we will be launching a new brand for our B2B business. We have clearly seen that there are distinctive needs for our consumer business and for our B2B business. We need to be able to articulate the focus and the customer orientation also in terms of the branding and what the brand stands for. And therefore, we have launched this exercise of coming up with a B2B brand. And our timeline Yes, to have finalized this work by the end of this year so that we would be able to launch it beginning of next year at the latest. Combining technology and real world expertise really is about the fact that it's hard to solve the cybersecurity Problems of the world and of the customers with products alone, but it can be a real winner if you combine the products with the expertise our people bring at Into the Table. We want to monetize through software and solutions. Software And technology behind the software is important for all of our businesses that provides a lot of the scale Impact that we are seeing and also provides a good platform for further automation and repetition of our solutions in the market. We have invested in 1 data powered platform countering active attacks and this of course is something that we will continue to Further enhance and evolve and we are in the process of rolling the latest version of that to our customers. Especially in our consulting business, we have developed deep expertise about chosen verticals. And in our Business Security Business Unit, we have taken forays into new ecosystems that we will talk about later on today. And we need to be flexible about how we work with our customers. We need to have flexible ways to subscribe for our services, and we believe that will be one of the key cornerstones of our success. This picture seeks to highlight the different on one hand the different businesses we are in, But also the different playbooks that are required. What do I mean by that? On the left hand side, we're talking about The consumer business. And the consumers, we are addressing primarily through our partner channel, which to a large degree consist Telecom operators around the world. We have about 200 of them, but also other types of partners. And then we have an online business That's where we sell solutions to consumers directly. Then we have the B2B part, where, as said, We are developing a new distinctive brand for the corporate security to cover all of the things we do underneath. And actually that what we do underneath from a customer standpoint can be divided into 2. So we have the mid market businesses that we're addressing Through our partner channel, partner network that we have developed over time and are now accelerating the growth of that. And then we have the enterprises that we address directly. And this is largely about our consulting, but also our managed Detection and Response Capabilities. And as we have communicated this morning Separately, we're evaluating options to capture growth opportunities in all of our businesses. And I emphasize the fact That we have excellent opportunities to go to grow all of these 3 businesses or 2 businesses, if you count consumer and B2B as 2. But at the same time, we're conscious of the fact that in longer term, we need to also ensure adequate resources for continue and even accelerate the development of these businesses. And for that reason, we have to this morning announced that we have decided or the Board of Directors has Decided to carry out a review and evaluate the possible listing of our consumer security business. The time line for this that we have indicated is that this Evaluation will be completed by the end of H1 of 2022. So a few words about the technology and real world expertise. What does it really mean? So in our industry, typically, When you look at products, one of the things that makes it particular to the information security is that It's hard for the customers actually to evaluate themselves which products actually work well and which don't. So for that reason, there are outside agencies and certification bodies that routinely test products and then issue Findings and of course rankings based on those. And f Secure has been excelling in this Test, for example, the awards that you see here regarding the AV test, for example, we have won the most Of them since inception and we have, of course, other certifications where we have done really well like MITRE And we have been recognized by Gartner, Peer Insights and so forth. There are many other things like that one. One particular thing which is related also to our technology excellence is the Blackfin, which is Referring to the artificial intelligence platform that we have developed inside the company that does many things, but one of the things it does Really well that it helps us also manage the cost related to our cloud usage in the company, which is, of course, increasing as we are moving Increasingly to cloud native products. On the right hand side of this picture, you see then the people part, which is about the Experts. So it can mean different things. It can mean that we have partners who are using the f Secure Elements products, but there is a services need That they cannot tackle themselves. And we are offering them as part of the platform the ability to just simply elevate that problem to f Secure And F Secure will step in and take care of that. Then we have our own managed detection and response, which as the name says, it's about a managed service where the customer doesn't have necessarily the capability in their own team to come in and manage the platform, we'll come in and do it for them. And it goes without it goes with the people and typically these are longer term engagements that we have at our customers. And then of course, the cybersecurity consulting that Ed Parsons will talk more about later, which also It's a combination of project business, but also longer term engagements. All good companies need great teams. And of course, it's not just the leadership team that we are talking about here, but teams in our entire company, One of the cornerstones of our success so far and will be going forward is the culture, the people that we have inside Our company and we, of course, want to nurture and further develop the fellowship culture, as we call it, inside the company. But here is the leadership team and some of the changes that we have made there most recently. And one person that I would actually like to introduce to this audience because you will be dealing with him later on. His name is please come on stage Tom. This is Tom Janssen. Tom is our new CFO. He will be starting 1st September, and they will be working together, Both of them with Erika Soderstrom, our current CFO, during the month of September. So really happy to have you on board, Tom. Welcome. So moving on And talking a little bit more about the corporate security strategy. So as mentioned, we are addressing Two parts of the market, the mid market and the enterprise that have differing needs and particular characteristics. So the mid market we are primarily addressing with our partner network and we are working very closely with them. And of course, Juha will talk more about that later, but as you will find out, it's much more than just the products. These partners that we work with typically have limited internal cybersecurity capabilities. So we complement them. And increasingly, of course, this business is about protecting the cloud environments that we have. Then we have the enterprise piece. And there, clearly, if we look at some of the most demanding customer segments like financial sector. The customers themselves need to ensure that they comply in terms of regulation and the framework that's required from them also from a cybersecurity perspective. And of course, we help them with that. The most complex customer cases are here. These are some of these sectors that are most under threat or under attack typically. So on one hand, of course, it's an extremely challenging environment. It requires us to have the expertise that we can provide And we have built our position there and are clearly a recognized player. At the same time, it is an opportunity for us also to Understand that what is going on, what is happening in the market, what is the threat landscape and also funnel that information into our product processes as input. This is a business of trust and this typically is about entering a new customer, Showing that you can do something to deliver credibly, show the outcomes and gradually build yourselves into the position of being a trusted vendor. Industry vertical understanding is also required here. In some cases, it's not Just about the technology environment, but it's also understanding the regulatory and business framework that there is. So we follow the customer and sell according to the need on the business security product side, Channel sales, mid market, software and here we have most recently at the end of June end of May, we have launched The Elements portfolio. Then we have the solutions part, as we call it. We have the managed detection and response and consulting. Part of our offering is human expertise combined with the technology that we have underneath. And here, we tackle that market directly. We also see that there is a synergy between managed detection and Consulting when we can enter, for example, one customer case with a consulting engagement and then move on to a longer term engagement. And this is our portfolio. I talked about elements, which is a key part of our portfolio recently launched that covers Endpoint Protection, but also, of course, increasingly we'll talk about endpoint detection and response. That has been the evolution. These are often bundled together, but also nowadays sold separately. Collaboration protection and vulnerability management are also Part of it. And then on the right hand side, we have then some other areas like Cloud Protection for Salesforce has its own offering. Jan will talk more about that one and then Managed Detection and Response and Consulting more services driven offering. The joint things that we share are the technology elements that we have underneath. There's the artificial intelligence and machine learning, where we have invested quite a bit over the recent years. And of course, we share the information regarding the threat landscape And that is something that is benefited by the whole company. And increasingly, of course, this is about data processing and understanding how to take advantage of data in this environment. When we talk about flexible subscriptions, We really talk about different commercial models that we're able to offer to the customers. So Typically, of course, this has been about the license, but then we have moved on to longer term subscriptions. We've introduced usage pricing. And of course, we also, in many cases, we need to demonstrate the value it needs to be outcome based, especially in the solution engagements. The key to our success is that our partners are successful. And of course, beyond the portfolio, we have also then Other things that are crucial that make up the whole thing such as partner programs, competence development, the user interfaces and automation and so forth. We have seen positive results about increasing actually the cross selling of our solutions. And here you see evolution that what is the Percentage with more than 2 solutions from f Secure and you see the gradual improvement. And of course, we need to And want to improve that over time. This is also very much part of our land and expand strategy, which is about entering the customer, demonstrating the value and then gradually building our presence there. And that's how we get the synergy also between the different B2B businesses. When I talked about the chosen verticals and this is especially true for our consulting business, I mentioned Financial Services. Here In Nordics, for example, all of the 5 top banks are our customers in U. K. As well in North America, 3 out 5 and in Singapore, 4 out of 5 top banking institutions are our customers. In addition to that, We, of course, serve the technology sector. So many of the software companies, for example, are very advanced in terms of their Cyber capabilities, but also the needs to develop them further. We help them with our consulting skills. We have the communications industry, the telecom operators that we also serve from a consulting perspective and then a very large segment that is True also for enterprise, but also in mid market is the manufacturing sector. And then I mentioned the ecosystems. We will talk more about them later on, but we see really promising development now for the cloud protection for Salesforce business and also the collaboration protection in for Microsoft 365. As mentioned, we are gradually building this towards a SaaS company and that of course will be reflected in the metrics. Here you see how our ARR has been developing on a year on year basis. So we are moving to the right direction. Of course, we continue to Report on that progress as we advance. Here is the development of our order book. So you see how that has been evolving from H2 2020 to H1 2021. And you see also here, I think for the first time how we're splitting this between managed detection and response and then business security software. And some of these orders, of course, we are booking in. So we in a way call it having the orders in the balance sheet, So that we have the ability then to monetize those later on over time and we are increasing this Deferred revenue, as we say, and you can see the evolution how it goes. This, ladies and gentlemen, concludes my first part. I will be back for a summary In the end, but now I believe, Henry, it's time for a few questions. Yes. So first off, let's start with a reminder for all the folks listening to the webcast. So you can also submit your questions in the webcast portal and I will then ask those questions to our management. But now let's start off with questions from the room. Good afternoon. It's Mattriy Konekanen, Carnegie. A couple of questions related to the plans to split the company. I think earlier your message has been That the technology platform for f Secure is common for both businesses, so corporate and consumer. And now if you split the company 2, what will happen to the kind of core technology platform And of course, the competencies related to it, how does it kind of serve 2 separate companies if that is to be the case? Yes. So first of all, part of the technology platform is common. There are also specific elements that are only specific for Consumer. What we foresee and of course we are just conducting the evaluation, so we haven't executed on any decision. But what we foresee happening is that we can provide an operational structure where we can, if required, continue to serve also the Consumer business from a technology perspective. And this is actually quite common in our industry that you are actually Getting some part of a technology from the cloud from another provider. Okay. Thank you. Then regarding the timing, when did you start to get the idea that there would be kind of Better version of the company would be that it would have 2 separate lives. I mean, did it come after Simantek kind of split into the Norton LifeLock consumer business or after you saw that Norden has actually been consolidating the market and taken many of your competitors to their umbrella. So we have been conducting a review on the strategy of the company and the options in the springtime. Part of it has been also related to this question. So I think that's a natural evolution of That work rather than a reaction to anything specific happening in the marketplace. Thanks. And can I finally ask Were you approached during the time that Norton has been making the kind of ambitious moves? And did that lead to your thinking that maybe it would be worthwhile to have a company in 2 parts so that you could be utilizing M and A opportunities in both. Of course, we haven't been officially approached and we would have been obliged to communicate That kind of things. But I will say this that, of course, when you look at the market around us, there's quite a lot going on. At the moment, we've seen Examples of consolidation. And there's a regular dialogue also going on in the market among the players. And I think that's Normal course of business, and I foresee that to continue as well. All right. Thank you. Thanks. So any other questions? Jakot Torbenen from SEB. Just hypothetically, if you lease the consumer business and raise Money or gain some money to the remaining F Secure, what are the plans for those proceeds then? Where are you going to invest it? And should we assume a bit more heavier investment phase for the Corporate Security side. So first of all, we're quite happy with the current situation that is where we have organic growth and where we see improving profitability. We see that the investment cycle that has led into situation like this It's behind us now. Speculating about the future where that kind of decision to be taken, of course, we would look at then the overall picture what would make most sense. And Of course, we would have all options open for us whether it would be about M and A or expansion of the portfolio or even some kind of a geographic expansion. And I think that work is still ahead of us. Okay? Then any other questions? It's Pekka Silveste from Danske Bank. So firstly, Could you give some more color on what's the main reason behind this potential spin off of the consumer business? So is it To make the organization more lean in order for make it easier to reach growth or is it to be able to invest more in R and D or What is behind this? So one of the things that we have been Reviewing and clearly targeting has been to recognizing the fact that we operate in different businesses, consumer and B2B, It's to bring more focus and clarity into what those businesses are all about, what those customers require. And I think Even without the announcement concerning consumer, this would have been required. And that is, of course, reflected in the fact that we have Separately taken the decision that we are going to launch a second brand. We're going to cover the B2B with a new brand. That will happen regardless of our evaluation. So I think on one hand, We want the focus and we want to demonstrate what it means in concrete terms. But then, of course, there is this question that How to ensure the positive development over a little bit longer period of time. It's not the question of this year. I think we're quite happily executing our plans. We're quite happy with the results. We're happy with the growth of 10% across the overall company. But Thinking about it a little bit longer term to ensure that all of our businesses are successful, we foresee that We will potentially need more resources to share. Clear. And then regarding these potential Additional resources, would they be used mostly in the corporate segment for the B2B side? And would it be mostly to R and D In order to maybe add some new modules to your platform or would it be to sales and marketing to boost the growth through maybe additional partners or something like this. I think it's too early to say that. And I would just Kind of reiterate that we would look at the needs for all of the businesses. And of course, we need to balance what is the growth opportunity. Clearly, in the B2B side, The market is growing faster. And there I think it's a bigger question in terms of what is required to be part of it. But If we look at our current portfolio and our current execution, we're actually quite happy already with the structure we have there in terms of starting to re up Benefits from the past investments. Okay. And then finally, who do you consider to be your main competitors for both of these new entities, so the B2B side and the consumer side. This is such a crowded market that it's hard to pick One competitor who would be there. So I think it varies whether we are talking about consumer on B2B first of all and then even Big smaller sections of this segment. So maybe I'll leave it at that. Thank you. Thanks. It's Bjorn from Nordea. A question regarding your management team and the changes there. Aside from Tom stepping in as the CFO, one can notice that you also have a new Chief Technology Officer in place and the Consumer security leaders has also changed. So could you perhaps provide a bit more color on these changes? And do Do you see that your management team is right now set to drive your strategy? Or is it still missing something? Yes. I think, yes, obviously, there have been quite a few And if I start with the CTO, we were very happy to find an excellent person as CTO, Kristin Beharasco from our own company. Kristin is currently leading our tactical defense unit and has a Tell our carrier in cybersecurity. And we think it's really important that we recognize the fact that also in the Leadership team of this kind of company, we need to have deep technology expertise, deep expertise about the market and Recognizing that fact, that's why Kristin is there and why that position is there. She's actually officially starting tomorrow. That will be her first day. The same goes for our Timo, who is here. He will be one of the speakers. Bear in mind that Timo's first day in his new job is tomorrow. So try not to be too hard on him in terms of the questions. He obviously comes with a Long distinguished carrier at f Secure and in cybersecurity as well. And just in terms of the change itself, I think it's natural for all companies to have management rotation and change. So there's nothing more Dramatic than that, but of course, it is really important that we have the kind of team here that can tackle the opportunity and the challenges they bring. And I'm personally extremely excited to be working with this kind of a group of people who I consider to be top notch. And again, coming back to the rationale for the potential split, have you felt that you are kind of underinvested in the consumer business or not Kind of utilizing the full potential there with some of the product new launches that you have made, While at the same time, you have had quite a lot of investments on the corporate side. So have you felt That somehow you would need to have more resources for the consumer side as well to able to capture the full potential. Well, In a way, if you ask the businesses, they always in a way need more and there's always more opportunity. But in balance, if we look at the market growth, The opportunity and stage of the life cycle we're in consumer business, I think it's a pretty good balance. We have also invested in consumers. So we have launched new products like SENS and IDP. SENS is the router product. IDP It's a personal protection product and a password vault. So I think in that sense, we are it's quite a good balance. But at the same time, of course, we want to keep it a healthy, good business. And that means also continuing to invest What is required there and also actively developing the portfolio if required. The market landscape The threat landscape is also developing in the consumer area as such. And of course, we need to be alert to that. Thank you. So should we take some more questions? If nothing from the room, I'll have one from the portal related to geopolitics and the B2B Securities. So Johanim, do you find China as an accessible market for f Secure? I think so far f Secure has been predominantly from a revenue standpoint Europe plus Nordics play. And then of course, There are certain markets outside of that where that are important for us and where we have focused. There's North America, for example. There's Japan, As a couple of examples, those continue to be important for that. But I think we have quite a lot to tackle still, for example, in Europe before even having to consider further down the road. As for the geopolitics, of course, it's clear that The fact that our primary market is the European community is related also to the fact that we are a European company. We And how to do business in Europe, we understand the regulatory framework, etcetera. So it makes it a very natural market for us. Thank you. So do we have any questions for this section? I think then we'll move on. So Juha Kivikarski? Welcome, Juha. Okay. Welcome, everybody, on my behalf as well. And Let's talk about a little bit the customer challenges we face. And I would also like to introduce a little bit to the other side that how do we solve those Or at least try to solve. So overall, if you look at the current situation out there with our customers and Also with our partners, I think that the one key thing there is that there is a lot of different technologies that have been deployed into their environments. According to our studies, it's about, on average, 6 different. So that usually means also that it's 6 different vendors or manufacturers The day of use. And that means that there is a huge amount of work, manual work and also learning work that has to be done. There is no common user interface, so the user experiences are different. So it means that you are not really doing it in a most efficient way, which also means that you are adding complexity. You have to learn new ways how this technology works, how they talk with each other. And the fact is That usually none of these technologies talk with each other, which means that you don't really gain a situational awareness. So you really don't know what's going on out there. And that is the ultimate problem here. So that you are actually exposing yourself To the different threats out there because you don't really know what's going on out there. So how are we now solving this one? This is brand new stuff. We launched this in our species event in May this year. So if you participated last time to our CMD, there was none of this existing. This was under plans. So that's more or less the time when we started to develop this stuff. So what we have done here, we have split our business model to totally new way. We have technologies, We have services stack and then we have the pricing models. And if I talk about the technologies first a little bit. In the past, we had, for example, EDR, we had EPP, we had a vulnerability management and so on. They all had their own clients. They all had their own data lakes. They all had their own back ends. So what did we do? We actually combined the back ends, so we did redesign those. We did build 1 data lake. We did build 1 client. And then we added one more thing. We added the collaboration protection, protection for Microsoft 365 environment. And all of these things like the one client combining vulnerability management, EPP and EDR, And then the cloud to cloud native stuff with the Microsoft 365 protection are all putting all the data into 1 unified data lake, where we can do all kind of correlation, security analysis, and then we added on top of that one unified management view. One reporting, one management, ease of use, clear picture what's going on. And that system Delivers you actually great refined information for fast decision making. And that's the benefit you get from the technology part. Then if you look at the service part, we have there multiple elements. For example, Elevate to F Secure as one example. If our partner All the end user using the f Secure Elements solution doesn't know what is this challenge I'm facing. They can actually just in the Elements Security Center, just click and elevate that ticket to f Secure Experts. We will take care of it. We will solve it on your behalf. Then if you look at the pricing models, the Last time, at the CMD time, we only had the annual license. You could buy it for 1 year, 2 year or whatever years. We introduced then the SaaS business model that we have run for 3 plus years now. And I would say that, that's Very well taking in place. We have a lot of customers moving from the annual license model to the SaaS, to the monthly payment model. And then we introduce now with the elements launch, the latest and greatest, and that's the usage based. You only pay for what you use. So if you have 1 seat used in that particular client today, But you don't have it in the next month, then it means that you don't pay it next month. So it's very flexible model. And on top of this, We listened, our partners and our customers, and they all told us, hey, take away the routines. We want to focus to the security. We don't want to focus to the routines. So what did we do? We automated the whole process. So we introduced here a simple way how to provision new clients to the customer or the partner managed environment. We also integrated it to talk with our CRM solution as well as our ERP. So when an admin Once to protect one particular client, it might be a mobile phone, might be a laptop or server, just provision That protection there and then the system is actually creating automatically an asset to us and our ERP is automatically invoicing. So there is 0 human touch needed. This is a great way of building a scalable business model. So going forward, if you look then a little bit at what is Microsoft 365 Protection, it's actually a technology It is cloud native, it's cloud to cloud integration. So M365 cloud connected directly to the f Secure cloud. And what it means, no client needs to be installed, fast to take into use. The second thing is that we introduced Advanced malware protection into this. So Microsoft, as a native solution, doesn't do that. In addition to this, one of the coolest thing here is related to the compromised account protection. So for example, if a user credentials go and leak out, Get compromised. We can see it from the management system, and we can inform the Microsoft admin that, hey, This CFO has lost his or hers credentials to the bad guys. So please They unplugged the account and asked the person to create new credentials just to help to protect against the future breach. Then you are wondering that what is this number, 108,000. That's the amount of attacks we have blocked during the past 6 months. So is there any use for this? Yes, there is. 108,000 attacks blocked in last 6 months. It's a significant thing. Then if you look at the other side of the cloud protection solutions we have, it's the cloud protection for Salesforce. And this is something that Don't get us wrong. We are not protecting Salesforce platform. What do we do? We actually make sure that the content is clean, So that the content doesn't have any kind of malware or harmful URLs or so, we block those. So what it actually does. This is a shared responsibility model in the clouds. The cloud provider protects the environment, but the user It's responsible to make sure that their data is good and clean. A typical use case It's a community cloud user where you are partnering with somebody. For example, I give you an example, recent example of our deployment, Tokyo Olympic Games. So we secured the delegates. When they came, they actually uploaded their COVID-nineteen data, the test results and so on into the collaboration sorry, community cloud provided by Salesforce, by the Tokyo Olympic Organizing Committee. So when those documents were uploaded from various sources, we did scan those documents, and we did Clean all the possible malware out of it. At the moment, this is a direct sale, which means that this is sitting in the Salesforce AppExchange, where you can download it and start using it. And if you want it, then you start paying for us. We have currently 19 out of Fortune 500 customers using this technology. This is very fast growing, scalable business model, cloud native. So let's then talk about a little bit the other business area we have, Managed Detection and Response. And this is something which is really, really interesting stuff. It means that if I try to picture a little bit, We have the customer environment, the infrastructure, we have their software, we have their different kind of log data and so on. Then we have the f Secure Detection and Response Technology, which includes kind of different technologies Like hunt engine, I will talk about that a little bit later. And then we have there something like user behavior analysis and so on. And then we have the human factor. We have the threat hunters. We have the first response teams. And how does this all orchestrate together? Threat hunting is incorporated as a service into this model. We use the technology to collect the data, And then we have the threat hunters. Threat hunting means that you are actively all the time analyzing what's going on in the customer's environment. It might be a keyboard led modern attack where a human being is attacking. It's not only malware. It can be just a person Doing different kind of lateral movements, trying to gain more access and so on. And our threat hunters, they really know How to seek that kind of behavior. Or it can be some tooling used, which creates anomalies into the network traffic, for example. So what do we provide? We provide clear outcomes to protect our customers. So when we identify malicious behavior, We block it out and then we explain to the customer that this is what's going on in your network and it's detected by the technology and human beings. And what we deliver with this, it's the peacetime for the customers. They can trust that, hey, we are backed up by F Secure experts. They know what they do. And this is really, really interesting area, fast growing, and it's good that it actually creates us a huge playground to understand about the modern attacking behaviors, how the attackers are behaving, what kind of tooling is used today. Johan, you talked a little bit about the commercial models. Yes, land and expand. I wanted to elaborate this one more time. What is the point here? Typically, a traditional F Secure customer has had like endpoint protection. Now with the ease of use, with the F Secure elements, it's really easy to provision, for example, the endpoint detection and response from the same management center. They can also provision, for example, vulnerability management. So it means that using f Secure Technologies more is more beneficial for the partners and for the end customers, Because you have one user experience, you have one combined threat intelligence dashboard in front of you. And the numbers speak for themselves. This is what's going on. More products in use with the same customer. And then if you look a little bit this kind of topic, we did about 2 years ago, not the decision, but that's When it became active, we did decide that we in source our renewable sales. We had outsourced that service for years. And we saw that we are not really performing as we would like it to perform. So we did build into our HQ a 35 strong international sales team to take care of the renewals. The countries are handling today only the big clients' renewals. All the rest we do central here. They speak all kind of languages. Only Japan and U. S. Are handled from those locations, But those people in those roles are reporting into the centralized team as well. So same metrics used. It's like a trading floor if you think about the cadence of doing the things, and it really pays off, as you can see, from the renewal rates. We have also introduced here the cross sell team, so that they are also doing a lot of cross sell and up sell for the existing clients. So this really works. And then if you look a little bit the EDR, there was a little bit like, let's say, worries In the year, when EDR was launched that in the few years, it the kind of a price premium will be 100% melted Into the EPP price levels, but that has not happened. And I believe that there are a few Reasons for that, first of all, I think our product as such has improved both on the EPP side As well as on the EDR detection capabilities, the threat hunting capabilities, how it really works, it has significantly improved. In addition to that, we did launch the Global Partner Program, and I would say that, that has been a success. We can see that our Gold and Platinum Partners business are growing faster than ever before. It's actually the fastest growing partner segment we have, our biggest and the best partners. And now it looks like that the easiness of doing business with f Secure elements as well as the profitability boost and the easiness of doing business because of our global partner program, which is, by the way, supported by our new partner portal For automation of the order business orders, I would say that all this has contributed due to the positive development for the EDR price per seat. And then lastly, we had a decision A few years back that, hey, cloud is the future. So we decided, let's put all our ammunition to the cloud business. So what are we doing today? We are putting all our R and D new efforts, New technology developments and so on to the cloud based solutions. And you can see it from the trend of the business. There are two trends. Some people don't just like about cloud because of their nature of business they do, or they just don't like it yet. And they decided to stay with the on prem solutions. But we also see that many of Current on prem solution users, they actually migrate to the cloud based. There are hundreds of customers, end customers who are migrating every quarter on their own will to the cloud based solutions. Usability is better and deployment is better. And why would you like to invest your own money? Why would you spend any CapEx due to servers and so on and do their maintenance? And we can see that our strategy works. The cloud business or cloud based solutions are growing pretty strongly, I would say. Then we could continue with questions and now you can shoot them to Juha. So let's start from the room. Hey, so it's Veikko Silvesti from Danske Bank. So the Element platform, let's start from that. It seems fairly solid, but How does it compare to Falcom platform of CrowdStrike or Helix platform of FireEye or FortiXDR from Fortinet and so forth? So what is the competitive advantage? I would say that what's the competitive advantage? We can say that always you can fight about do I have a better detection capabilities For the neighbor, I would say that that's not the right comparison. Or you can say that, hey, how well all the back ends and systems are integrated. I think that it's more or less the vendor's problem. The only thing that is solving the game is the usability. Because if you have partner model, like we Operate through 7,000 partners globally, I think that how we win the race is that how easy it is to use our system, How good visibility it gives you, how good situational awareness it gives you, how good is your reporting, how well it integrates to the 3rd party systems and so on. And then this is not enough. You need to have the business model. The business model is what interests also the partners, how they make money out of it, How easy it is to provision, how cumbersome is the ordering process and invoicing process. And if you combine all this with the partner program We have, which is by the way selected as the best global partner program by Forrester. I would say that we are on the winning side here. We are newcomers, yeah, But I would say that we are going to take a good share of the market with this technology. I fundamentally believe that this is pretty unique stuff. Clear. Thank you. And then maybe if you put elements next to the other just mentioned platforms and others in the market, Which platform do your partners, sales partners see as the next best thing to choose maybe? You mean not ours, but what would be the others? Yes. Yes. So it depends. We have a different kind of go to market I mean the way how you sell, do you sell direct or do you go with the channel or what's your model, is it mixed or what model. But if you look this our approach, We believe that with the elements, it's 100 percent channel game as it is. I would say that then you need to look at how is the partner program, for example, supporting that. And then if I look at with whom we mainly compete, it differs so much. If I look from Japan to U. S. And everything between, Every country is different. I cannot say what is the next best. I think our competitors have great solutions, but I think that it's really important to look also that how is The total picture, including the business model working. Okay. And then, nextly, regarding the sales force Protection. So is this kind of service is unique or are other this kind of Security APIs for Salesforce available. This is a tricky question. You can solve this problem In multiple ways, but then if you look really that how elegantly you do it, and I mean that for example, if you have It's kind of a community cloud. For example, our partner portal works on a Salesforce community cloud. And if I look at a customer of ours, one of the big ones, they have 9,000 car dealers in Asia. So it's obviously car manufacturer. So the thing is that what they need to do is actually just deploy System and it does the rest. And you can use the sales force management to see what kind of security posture I have. So the reporting and everything is You can use the same management way how you manage your sales force environment. And if you look, does the competition have anything similar? I would say that there is one, but we have checked the system and it doesn't really do what we do. And I would say that We are a little bit ahead of the competition because this is not the 1st year. We started with this one in 2016. And then it's been like wondering that there needs to be, what kind of things we need to look after, what kind of reporting we should have and so on. And now I would say that we've done also some investment through the R and D, additional investments, and we can see the results That we are well received by our customers and we don't really see a competitive situation at the moment when we talk with the big clients. Okay. And then final question for me. This is regarding the commissions you pay for the sales partners channel. So firstly, I could imagine that a partner sells, let's say, elements for our clients and then It comes the renewal phase of the license. Then your direct sales force comes and sells that The renewal for the end user. So how does the commission fee go from there on? So does the partner Basically, lose those commissions from renewal sales now that you have insourced? Yes. This is very good question to ask, and I give you a clear Answer as well. So we commit to the business with our partners. We never take business away from our partners, Which means that when the partner is selling the stuff, we don't pay any commissions to them. We actually give a discount from the list price. I mean, we have a list price and then partner gets a discount out of it. And then they can decide what kind of Margin, they want to put on top of that purchase price that they get from us. So we don't dictate the market prices. The second one is that when the renewal point comes, What do we do? We fundamentally call always to the partner that, hey, do you remember that you have this expiring license here? Please Let's renew it now. And if you don't know how to negotiate with the end customer, we can help you. But we don't steal the business away from them. We actually what we want to do, we give them as a service also this kind of a churn indicator. So we have AI built into our CRM, so it's actually predicting that you will be losing that customer. And we inform our partner that, hey, you might be losing it. So might be good to do this and that kind of thing so that you don't lose your customer. So we actually make sure that the Partner renewal rate goes high, and we are also measuring in the Global Partner Program their renewal rate performance. And if they go well, we reward. Hi, Johan, Felix Hendrickson, Nordea. I think a key message that you've been Getting on a group level is that your margin expansion or profitability improvement should be driven by sort of operational leverage that You get on sales and marketing costs. So could you maybe describe how this applies specifically in corporate security products and how you Aim to achieve a higher ROI for your S and M expenses and costs. This is basically focusing on the larger Channel Partners, have you already put in place the necessary investments in your direct channels? How do you expect to drive up sales and marketing efficiency? It's a very good question and I can take it from multiple angles. The first one is that we have focused a lot to the automation. So 70% of our purchase orders are coming 100% automated today through the partner portal. So there is 0 human touch. So we don't have any need To increase spend on the for example, order services or so. Then if you look at the sales part, I think we've done our work In seeking the scalability, so it means that we don't really need to increase the sales resources to kind of, I'm not saying, multiply the business, but To have a significant growth, and significant is not 20%. So we don't need to add sales resourcing. And then if you look the kind of Marketing cost, I think that, that is something that when the business grows, you always need to spend a little bit more. But then the direction of the spend might vary Depending on the timing, for example, we have been shifting our funding for marketing from a traditional EPP business towards the EDR, and we have been shifting it quite heavily to the cloud protection of Salesforce from time to time. And when we see the yield, we actually Squeeze the budget sometimes down or we even increase. And then if you look a little bit the rest of the investment thing. Of course, R and D will be an ever growing topic. And how do we finance that? It's through the scalability. We have chosen our battles with the partners. We have about 130, 140 focused partners that we work with globally. And then the rest, We have in total 7,000 partners. We actually used the inside sales function to scale that up. So we actually Can grow this business by just investing more or less through the R and D and develop new technologies and improve the existing ones. Thanks. Another one for me. Do you see any other cloud enterprise applications where you could expand your Collaboration Protection or Cloud Protection Platform at the moment? Yes. For example, I can say now that If you look Microsoft 365, the next thing that we will be protecting is more or less SharePoint because it's a natural expansion. And then if you look the other cloud platforms might be ServiceNow, might be whatever, there are so many of those. We have been actively looking into those, And it might be that we expand into another one. But it's also something that when we look at the sales force community, it is by far the fastest growing platform. Globally, and we have a very tight collaboration with them and we see that there are many other clouds that we could be starting to protect. The usual suspect today has been the community cloud user, but the next one could be sales cloud or whatever. There are so many clouds with Salesforce where we could actually expand by expanding like organically inside of Salesforce deployment. So the addressable market is there. Hi, it's Mattriy, Gunnar, Carnegie. Coming back to the cloud question. What kind of involvement do you need from the Cloud partners like Microsoft or Salesforce when you are creating the cloud protection for their service. So is it Kind of an arrangement where 2 of you think that what can be done or is it kind of Open ground for all security solution providers to come up with the solution and they just Say that, okay, there's a bunch of these services available and you try to find the way where you have kind of most selling potential. How does it work? It actually works the way that, for example, we as a company, we looked at how the people behave. If I look, for example, our company, my colleagues here, how they behave, I would say that, for example, Microsoft Teams is the new email. If you look what stuff is going there, there are URLs, there are files, there are everything going in there. And it's a chatter, it's everything. Then we looked at, hey, should we protect that one? And then we discussed a little bit, of course, with Microsoft that this is what we are going to do. And then we get a little bit help from them that we Get it working, but it's not a kind of, how you call it, ARFP round or it's not too complicated. And that's the beauty of it. It's relatively easy and fast. So basically, anyone with an idea And who is fairly ahead of the market can basically do a cloud service protection for all kinds of Different cloud services that there are in the world. Is it that simple? Yes, theoretically, yes. But you need to remind that f Secure has developed Some 30 years of detection capabilities and protection to the industry. So we were virtually there before even the problem was existing. So I can give you an example. A typical case is that when you have this big cloud protection for Salesforce deal at the front of you, The customers identified, hey, we need to protect this one or that one. And then we explain how it all works. And then we probably do an A proof of concept where we install it and then we show the results and the outcomes and how it works and then it comes like a silence. And then we know now what that silence means is that the customer has decided that this is so easy, we will do it ourselves. And then we know that it takes about 5 to 6 months and then they call back and then they are ready to take the deployment from us. And that's because of us. That's our business. It's to secure the customer's environment. That's why we are good at that. All right. Fair enough. Jakob Tormanen from SEB. With the f Secure elements, upsell must be much easier given the platform. Could you elaborate a bit more on your upsell strategy on the Elements platform, especially given that you have the Channel partner there as a middleman. So how you are planning to go deeper into the customers' pockets going forward? Yes. Actually, the Elements Security Center offers us quite a unique way of doing also the marketing. We can enable, for example, a given partner for a part of their customers. We can have a promo that, hey, Take the vulnerability management, you can use it 3 months as a service free of charge for your customer or with the €1 Price, symbolic price or what? Or we can enable different type of services for them through that Security Center because it's all visible there. And that is a way how we can really promote our stuff with 0 marketing costs. And that is something that we were not capable of doing before. And I believe that the second thing is that most of the, Let's say, awake customers, they all understand that it's not good enough that you can protect against everything that you already know. If there comes a more advanced attack or there comes a 0 day or something that has not been seen before, It means that there is no fingerprint or there is no identification for that piece of malware available. It means that it will not be detected. So it might be a good idea to have something that protects you against that is currently unknown. That's why the upsell will happen and it's happening at the moment. And when it's really easy to buy And the provision then it really happens with the elements easy way. Okay. Thank you. Atter Regla from Inderes. One question about those cloud protection products. Is it possible that someday Salesforce or Microsoft develops their own solution for that product and It takes away your business in the cloud there? It's a good observation and Everything is obviously possible. But then if you look at the nature of, for example, a CRM provider, They usually want to protect the environment that they give you, I mean, a bug free software and so on. But they are not really interested what It's the customer data inside. And that's the kind of in a cloud, it's the business model, but it's also if you have an on prem CRM, for example. The manufacturer doesn't care what's inside. And it's a little bit maybe The strategy that you don't care what's inside and you should not be caring. What we do as a business, we want to know if the data The integrity is there or not. And that's our only business is to make sure that the customer data is safe and it's clean. So I believe that we don't have too much of an aligned interest here. So it might be that it's a Long shot to that to happen, but who knows? All right. Thank you. I think That's it for Juha this time. Thank you for the insightful answers. Next up, I will be welcoming Edward Parsons, EVP of Cybersecurity Consulting. Hello, everyone. Great to be here in person and to be representing our hundreds of security professionals worldwide. I'm here to share how our expertise, our understanding of the threat landscape, Our familiarity with enterprise technologies and our vertical focus leaves us well placed to capitalize on growth in the cybersecurity consulting markets. I'll also share a couple of case studies demonstrating how our deep partnership leads to natural cross sales opportunities where we can use our technology to really deliver security outcomes for our clients. Let's start with the threat landscape. Of course, f Secure has a long history of knowledge and understanding of modern attack techniques. It's baked into our products. But that's also true of our people too. I know firsthand from my own experience as an incident responder How much experience how much that experience counts when you're helping to advise clients? And recently we've seen that attackers are exploiting vulnerabilities in enterprise software products at internet scale To increase the maximum number of potential victims. They're becoming less discriminant and more opportunistic. And that's led to a few significant developments. Firstly, we're seeing ransomware attacks Targeting a wider range of verticals. Cyber criminals are going after companies that have high availability requirements. Perhaps it's manufacturers or it's utilities companies or even health care providers. We're also seeing extortion attacks develop. So we're not just talking about business disruption here. We're also seeing the theft of data, not for competitive advantage, but rather for extortion purposes too. Again, creating new opportunities to monetize access to victim networks. And as enterprises become more connected, we're seeing more attacks focused on supply chains, particularly software supply chains that we rely on in our digital way of life. And as our clients move to the cloud We go through significant cloud transformation journeys. We're also seeing attackers exploiting new opportunities created in some cases by the mere misconfiguration of some of those new cloud services. No wonder perhaps, therefore, that we continue to see growth in the cybersecurity consulting market, forecast to grow at a compound annual rate of 10% for 5 years from 2020. But the threat landscape, the evolutions there and our understanding of it aren't the only growth driver that we can capitalise on. Perhaps the greatest security challenge that enterprises face are the fundamental changes to enterprise architecture that we're witnessing unfolding at the moment. And the technical complexity and pace of change that even the biggest enterprise clients I left Foundering by. We all know that COVID-nineteen has accelerated the shift to remote working, That is accelerated digitization and the rise of e commerce for many enterprises. But that creates opportunities not only for cloud and SaaS providers, but also for security consultants as well As the expertise required to overcome the most complex security challenges is a really scarce commodity. To underline this, we've spoken to several of our clients this year, dozens in fact, across 17 organizations here in the Nordics, in the UK, in the US and South Africa. And they've told us that their security teams are struggling to keep pace. They are failing to capitalize On the opportunities for security improvements that the major cloud platforms bring, for example, enhanced logging and monitoring capability or more granular access control. They're also struggling to keep up with development teams This is taking greater responsibility for IT operations but don't yet know how to leverage the tools at their disposal to deliver secure code. And finally, most of our enterprise clients exist in this messy intermediate phase Where they're pressing ahead with cloud transformation, but they remain wedded to technologies that defy description as legacy. They're still running essential services on mainframes. They're still relying on technologies like ADFS to bridge organizational divides. And security teams are simply struggling to keep up. Some have the capacity, But they don't have the skills within the team to drive value from cloud security tools and to protect against new areas of exposure. And for many, therefore, the 0 trust approach to security remains an ambition, but in practices is no closer It remains a rather abstract ideal. These fundamental shifts are really driving demand for security expertise. But specifically, it's not just about understanding of the threat. It's about familiarity with those enterprise technologies, and particularly cloud and cloud native technologies. As an anecdotal example, I'm happy to note that last week, Some of our consultants published their own security framework for organizations looking to move services to MS Azure. And that's just one of many examples of research and conference talks that we've given over the years, demonstrating our capability with new or novel technologies. Lastly, our vertical focus, Easy for me to say. Our vertical focus has helped us to create more value for our clients. It's driven deeper partnerships, but it's also helped us to win new business. And naturally, we focus on Verticals that are highly targeted, but also and increasingly so, we focus on verticals for whom technology really is core to their value proposition. And I wanted to share a few examples of this just to bring it to life for you. In financial services industry, we work with Number of companies worldwide, including some of the world's largest global banking groups, some of the world's largest asset managers And some of the world's largest investment banks and insurance companies. We're helping those clients To build operational resilience and meet and in some cases exceed regulatory expectations. For those clients, we are more than a security partner. We're a business partner. For example, recently, we helped One Investment Bank launched their own digital bank. And it's just a great example of how security consulting when done right Can actually enable technology driven business strategies. Therefore, we're seeing demand for our strategic advisory services in this sector. We're also recognized as an expert on payment system security, specifically on the interbank messaging services The many capital markets rely. In the technology space, we're helping cryptocurrencies fend off to tax, the impact of which can extend into the 100 of 1,000,000. We're also working with companies with high safety or availability requirements, helping aerospace with hardware security, for example. And we continue our long relationship with gaming companies as well, who are rapidly investing in cloud and cloud native Technologies, but also highly targeted. In the telecommunications sector, we've seen just recently From the T Mobile breach, just how much these companies need to improve their security in many cases. And I'm happy to report that recently we helped telecommunications and broadcast giant go through their own regulator driven Ethical Intelligence Based Red Team Assessment. We won that work because of our help, Because of our track record in the financial services industry, helping other clients get through regular based resilience assessments. We've also helped to identify and work with vendors to fix vulnerabilities in critical network infrastructure as well, helping to build the security of the whole sector. And lastly, We're focusing more now on manufacturing and companies that continue to run operational technology environments, which quite often Contain Legacy Technology. We've seen increased ransomware attacks on this sector And also, some success for attackers launching business email compromise attacks. And we also know that Cybersecurity maturity can vary and is relatively low compared to other sectors. But with so much at stake, Now with some of our clients facing 1,000,000, if operations are disrupted just for a day, We see good growth opportunities in this market. And I'm happy to say that we've proven ourselves as a good security partner, helping manufacturing clients fend off ransomware attacks. So that's how our expert knowledge will help us to capitalize on growth in the consulting industry. But I also want to share how we can help across our whole portfolio, how our partnership with clients naturally creates organic Cross sale opportunities, when our technology can deliver security outcomes. Before I jump ahead, maybe I'll just touch on this slide briefly, but sorry, I missed this in my commentary, but just to explain briefly that Give you a sense of the penetration to some of the industries that we're talking about. Clearly, nearly half of our business comes from Financial Services Industry, We've managed to grow quite successfully our technology and manufacturing as shares of our business as well. And also lastly, that our reputation within the industry has helped us not only to grow existing accounts, but also to attract new customers, including during pandemic. So back and on to some of those case studies. The first concerns a client with a marketing company that we serve from our office in New York. Now in 2019, unfortunately, they became A victim of a ransomware attack. And the ransomware attacker demonstrated to the client that they had a privileged position within the environment And we're in a position to launch a ransomware attack taking down the whole domain. Now the business impact So this attack would have been considerable in terms of direct losses. But unbeknownst to the attacker, This client was in the middle of a major M and A transaction, which would have been substantially disrupted, possibly threatened by a successful ransomware attack. That client engaged f Secure's incident response team for assistance. And when we started running incident response, The priority for us, as isn't often the case in attacks these days, was to make sure that we had sufficient visibility throughout the network To make sure that before we took action, we could be confident that we could find the attacker and kick them out wherever they might be. That was only possible at scale leveraging f Secure technology. And we successfully persuaded the client To deploy the technology rapidly to give us the level of visibility, on which we could make a confident plan to eradicate the attacker. I was personally involved in this case, and I was asked to brief the Executive Board, a CEO included, on our remediation plan, Quite simply because the IT team from the CIO down had never reset their domain I wanted comfort that they were working with a partner who had that experience. Unfortunately, we did, and we were able to step through a plan with them that gave them comfort and led to the go ahead of a successful eradication of the attacker from the network Before they could execute their attack. Now I'm happy to say that having demonstrated our credentials, our expertise And the power of our technology. The client was more than happy to sign up to our MDR service, and that service has been renewed At every opportunity since, I'm happy to say that just recently, we've managed to successfully thwart another ransomware attack for that client. And hopefully this serves as a great demonstration of how through our services we can deliver security outcomes for our clients. In this case, building resilience towards ransomware attacks. Lastly, to give you another example, because I'm conscious we talk a lot about our incident response services and the cross sales opportunities that arise from them. I wanted to share how our partnership with 1 Global Banking Group has created cross sales opportunities for our business security products as well. Now 1 global banking group we've been working with since 2014, began relying on us for tactical assurance work. So generally speaking, penetration tests. Over time, and Having demonstrated not only our technical competence, but our delivery track record, we became trusted with tactical security challenges, where the client was more flexible about the type of project that we might run or what our approach might be. Having earned that trust, we also managed to expand globally and were recommended into the U. S. Credit business run by the same banking group. And over time and through good partnership, we began to unlock more strategic advisory assignments, where we were making recommendations on the implementation of security technologies in order to deliver strategic security goals. And on that journey, there naturally arose the opportunity for cross sales of our Cloud Protection for Salesforce business. And I'm really happy to say that our business security colleagues were successfully in executing that and making this banking group one of their major enterprise clients. Since that successful sale, we've seen our strategic advisory services continue to grow within the accounts, and the cumulative Lifetime value of that account now stands at over €15,000,000 So really good example of long enduring partnership with clients leading to cross sales opportunities for our products business too. So to summarize, we see good growth opportunities in the consulting market and we think our expertise in threats, Enterprise technologies and our vertical focus leaves us well positioned to capitalize on that growth. We see that partnering will naturally create cross sales opportunities where our technology can help to deliver security outcomes. On medium term, we see more opportunities to serviceize security, bringing synergies and potentially new services that will help to deliver better outcomes That's my presentation and hopefully we have some time for Q and A. Thank you. Thank you, Ed, for the latest on threat landscape and also some great insights on the cross sales opportunity within f Secure portfolio. But before we take the questions from the room, just a reminder for all the listeners on the webcast so that you can submit the questions to the portal at any time and I will then ask the questions at the Q and A section. But now let's have the first questions for Ed. So it's Weku Silvesten from Danske Bank. So firstly, If I've understood correctly, fsecur's consulting business is technology agnostic right? Yes. So could you please describe or help us understand basically the costs and benefits between the MDR solution provided by fsecur or for example this kind of technology agnostic providers like Firerise, Mandiant. So Can you help us understand this landscape? Sure. Yeah. So I think the first thing to say, if we start from the customer's point of view, Most of the customers that we're engaged with, their variety of needs and Current situation may involve in house EDR, their own security teams. Potentially, they already outsourced to an MDR provider Or they may have no capability in place, and we see clients from across that spectrum as well. We see at the moment, the trend that we're seeing actually, which I think has been echoed by analyst comments as well, is that over time, I think as many as 50% of enterprises will outsource managed detection and response. That's growth From now on, certainly, that's the trend that we see. And we think that f Secure as a business is well positioned, therefore, to capitalize on the growth opportunities that come with that. Really, I think the major kind of point of comparison for clients isn't between 1 vendor and Because I think as Juha has suggested, they'll all have their own strengths and weaknesses when it comes to detection capability. It really comes down to the amount of control and configurability they want on the service. And that will dictate whether clients go for their own in house solution or whether they'll look to outsource the whole capability. So I think most enterprises are actually facing decision between whether they in house this or whether they out It's also rather than the selection between one provider and another. What I will say, is that part of the The competitive advantage that we have from our MDR service is also our incident response services, and the ability for consultants to help clients build security maturity over time. And I think Juha mentioned briefly peacetime value, which is where we use the data from our MDR services to identify opportunities to improve security when a client is not under attack. And I'm very excited by the opportunities that, that creates, not just to kind of enhance the value of our MDR services, but also opportunity for Additional consulting services to be sold into those clients too. Great. And then finally, do you see that the MDR business, Is it more mature in the U. S. Or in Europe? And is it growing faster in which geography? I don't know whether it's growing faster in one geography or another. Perhaps one of my colleagues might be able to help with that question. The I think it's fair to say that it's still a relatively immature market, and we're seeing therefore, we're seeing growth opportunities in both. And certainly for us as a European provider, there are pros and cons, okay? And I think one of the pros for European provider clearly is that where we have regional points of presence, where we're able to satisfy language requirements and also align with things like local regulations as well, That creates good opportunities for European headquartered MDR business versus our global competition. Given that Jakku Torvenu from SEB. Given that you're in people driven business. How is the recruiting market looking currently? And how is it to find the top talent you need in your to deliver the growth ambition. Yes, thank you. Good question. So recruit I'm happy to say recruitment is going really well. And I know over the second half of the year, we'll be welcoming dozens of new consultants into our team and I look forward to the opportunity to meet them. Recruitment is a challenge. Generally speaking, our approach has been to build rather than buy, although we will opportunistically I look for expertise in the markets. Across several regions, we run academies, where we'll take people who Our graduates typically are looking to take their first step into the security as a career into the industry. And broadly speaking, I think we have to go upstream and try and attract more people to computer science And then more of the best computer scientists towards our industry. And we've got a good track record, I think award winning in some countries and our ability to do that. So I have confidence that we can build continue to build the pipeline for future growth. Great, thanks. We still have some time for further questions for Ed. I think maybe just if I can add another comment actually to that question if we've got time, just a couple of other thoughts that come to mind. So One is, we're in a great position in the wider company to leverage our technology leverage our consulting business through technology, And that will be a focus for us going forward. And secondly, I'd note the way that we organize ourselves in terms of having A dedicated enterprise sales actually kind of reduces the number of things that we're asking our consultants to do and therefore maximizes our capacity within our It's Ferg Hendrickson from Nordea. Fairly straightforward question. You're seeing above 10% market growth in cybersecurity consulting, but yet your ambition level is to target high single digit growth. Any reason why you expect to be growing at a slower rate than the overall market? Well, I think broadly, our ambition medium term is to grow with the market. So we our ambition medium term is to grow with the market, that's what we're targeting. We've had many discussions internally over the last few weeks about what the right kind of compound annual growth rate It's for the market over that period. And I think when we're saying high single digit, we're talking towards 10 anyway, very close. I'd note that Many analysts, as I'm sure you're aware, have moderated their growth ambitions for the consulting market down over the last 6 months as we continue to see Uncertainty created by the pandemic, and I think perhaps some of the spread within our targets reflects that. Also, I think for the consulting business and noting what the wider company is trying to do as well in terms of improving profitability over time, That's the responsibility on all of our business units and therefore, we're not looking to grow ahead of the market. We're looking to strike that balance between growth and profitability. Then we still have time for one question. Yes. Terekla from Inderes. The pandemic situation has affected the consulting in the short term, but Do you see now in your customer base that's like when they were scrapping project or delaying some projects last year, is there now like the Short term demand outlook picking up. So the short simple answer is yes, but uncertainty still remains across many regions. I think I read this morning actually that confidence in the economy between the UK and European Economic Areas varies as they navigate their way out of the pandemic situation, and we certainly still see that. I think It's a massive public record that in Q2 this year, we saw 19% growth year on year. Q2 was Last year was when we saw the most direct impact from COVID. But it's important to remember that many of the regions in which we operate Still under restrictive lockdown conditions, in some cases ending only very recently, The nation rollout and the management of infections in Countries varies. Annex totally, for example, I know one of our consulting regions only recently I began inviting people up between their 20s or 30s to be vaccinated, which is basically all of our workforce and many of the people that we work with as well. And therefore, our advice reflects that, that uncertainty is will continue this year. All right. Thank you. Okay, Ed. Before the ending, I have one question from the line. So Could you elaborate a little bit on the employee turnover for the past couple of years? How has it developed? Yes, an interesting picture generally, and I think what we've experienced is reflected in the sector and perhaps more broadly as well. I think it's fair to say that attrition has gone up this year, but also I'd note that attrition was markedly lower last year as well. And I think that's probably pretty normal, I think, is what we would expect in terms of during the pandemic, People focusing on keeping their jobs and staying put. And then naturally, as the world's opened up, perhaps we've seen some deferred attrition as a result of that. But I think how do we tackle that? Well, I share Yohani's ambition to be the most loved place to work. We have to Look after our people in order to keep attrition to manageable levels whilst supporting good levers where it makes sense and also just double down on recruitment and see that as an opportunity to refresh the team and improve leverage as well. Okay. Thanks a lot. And there was a follow-up question on the employee satisfaction. So how has that been for the couple of past years? Yes, so it's unfortunate timing of the question because I think we do our employees satisfaction survey in a couple of weeks' time. So, You know, I don't want to speculate as to what it might look like now. But what I can say actually is that our client satisfaction remains high. And we recently polled last month and we saw an improvement on our last survey 6 months ago. So I sincerely hope that our Employee satisfaction will be heading in the same direction. Thanks a lot. Okay. Thanks very much. And next, We'll move on to Consumer Security and Timo Laksenen will give us the presentation. Good afternoon, everybody. Great to be the last speaker of the afternoon. I hope you're still with me. So let's start talking about one great business, which is consumer. We are all about partnerships. And if there's one thing I'd like you to remember after this is that we want to be the absolutely best partner to anybody Who wants to run consumer security business in addition to their core business, want to be the best partner? Already, Johan Johan talked about the best partnership in his pitch. We definitely subscribe to that 100%. We're also in the process of expanding that sales channel naturally as it's all about partnerships. So Reasons for optimism and happiness in consumer. Once again, one of the megatrends that Johan Johan already referred to It's that distributed work is here to stay. And not only distributed work, but people are using their connected devices more at home. So there has been an increase in Internet usage also in homes, both related to work and people's pastime. So that's a megatrend underlying. But then we've also seen that security is not a one dimensional thing anymore, which is only about device security. You go a few years back and pretty much the only thing that anybody talked about was anti malware or endpoint protection or antivirus, whatever name you want to call it. That's not the case anymore. Now there are more needs For consumer security that I will come back to in a moment. And this has created a need and move towards all in one security suites. It's way too difficult if you're asking people to download multiple separate apps which seem very alien from each other. So we have seen a growth in that percentage, who wants an all in one. Secondly, the willingness to pay for security is increasing. There are certain pockets of the market where free B or freemium offerings have been quite common. But once again, people are seeming to be more ready to pay for services. They see the big headlines in the media, How people are being hacked, how identities are being stolen and that makes them willing to actually tackle or address the problem. Overall market growth is 4% and you may say, but that's a small percentage, but it's a huge market. We are currently, like you've seen, slightly over SEK 100,000,000 out of that market. So there is endless growth potential for us in that market In addition to the generic market growth. So we are about to Expand our channel to market, it's already wide. I think that it's been referred to a few times already today that we have over 200 operator partners out there and we have now started working on a new partner segment in the finance, insurance and utility sectors of companies into whose core value proposition Security would be a natural fit and expansion. I'll give an example of insurance a bit later on. In our direct sales channel, We are serving our customers both through e commerce online as well as retail. And to preempt your question, Retail is actually doing fine against all odds. It's doing fine. And that's how we want to reach the global consumer market. This is a very cost efficient way to reach a large market as it's heavily partner based. So it scales well. So we've got 2 channels, which we are separating here from 2018 onwards. You can see that our total business was very steady at about NOK 96,000,000 or so For 5 years and we managed to break that stride and put a new gear in 2020 and we're seeing that same development continue now in our last 12 months. So the market is growing at 4%. In full year 2020, we grew 6% and that in the operator sector in the Direct business 5%. And as you can see in the last 12 months, the good development continues. This was not Something that just happened once and went away. What's causing this growth? Well, A few factors. I already mentioned that there are good underlying factors for us which are very positive. But one is that When we are getting different kinds of consumer security products and we're able to bake them into 1 single user experience, It's going to be easier to sell more of that capability to end customers by our partners through an all in one suite. And it is much easier for our end customers to actually adopt those services through a unified user experience. What you can see here in the screenshot is our mobile app and we are a mobile first unit. So our mobile app, which is covering malware protection, so device security. We've got a privacy and browsing protection, I. E. VPN. We've got ID monitoring and we've got a password vault all in one. Plus we have a capability to connect Parental control into the same app and we're going to be introducing next year also connected home security into the same app. So all in one, very, very easy both for our channels to take to market and for customers to take into use. And actually, If you want to forget all about it, it's all there in a very simple package. It talks to you as much as you want to talk to the app. So I think that this is the core And perhaps the most important slide of them all for me. I already mentioned that we're all about being the best partner to channels. And on the top, you can see that it's not good enough to just provide some software To customers for consumer security, it has to work very, very well. Year after year, we get the awards for providing the best protection. So technology is there. It is efficient and the outcomes are there. We can provide from the left there, we can provide Device protection, which is safe. We can provide freedom, VPN. We provide ID protection and password vault and we provide Connected Home Security. And you can get these within that same app that I just showed as separate apps with their own User interfaces, if you want to combine them with your own or you can even get this as an SDK or an API. So depending on the partner and what is their end customer strategy with regards to the kind of experience that they want to provide, We can even embed our technology into theirs. In the lower left hand corner is the go to market partnership from our consumer business. So this is a big, big part of what we do with our partners. We help them engage with their customer bases. We enable them to send out the messages and to provision the services, And we naturally want to help them cross sell, up sell and extend the scope of the service. So there is a whole host of marketing services and go to market services that we have as a support to our partners, Very much in the same spirit as Juha was telling about in the business security area. And finally, The service providers that we work with are big behemoths oftentimes. They have their own billing systems, their CRM systems, business intelligence and so forth. Our Capability to integrate with their infrastructures is very, very strong. We've done way over 500 integration projects up until now. So for us, this is an integral part of our capability to be the best partner that we can work with the kind of environment you have And we can make our services fit with those in a way that you like. So this is How we then protect consumers connected lives in a model which has f Secure highly visible in the app, Maybe service provider branded or maybe completely under the hood being the engine that drives that security business. I would call this the ultimate security business engine. This is our business. How are we doing then in this business right now? I think we're doing very well. So our retention rate in the service provider business is over 97%, Which I think is a great achievement for any company and proves that the value of what we provide is Appreciate it. Our channel partners give us a 63 NPS Net Promoter Score, once again Stellar, they stay with us. Our sales cycle can be months, quarters, even a year long. But once we get to the partnership, it's a very long term partnership and it's a very sticky value proposition and we Take good care of our service provider partners. We won roughly 30 deals for our new products In the last year, one and a half years actually. And With regards to ID Protection, the number is very big, but many of those services are still in their early phases of growth. When I look at why did we grow the way we did in 2020, quite a bit of that growth came from new products, the ones that you see here, But not all. We were also much more successful at expanding our footprint in the service provider channel that was already with us. So you have seen, I would say, only a fraction of the potential of the new products up until now. With regards to SENSE, We have 7 partners across the world. That's an even slower sales cycle than our typical consumer security products because it involves An element of the network, which is the home router. And to integrate our capabilities into the home router, There is the sales cycle, there is the deployment and integration cycle and then there is the rollout cycle. So that's slightly slower, Thus, smaller numbers, but we're not happy with this yet. And starting tomorrow, we'll be looking on to ways how we could accelerate our go to market in SENSE. It's a fantastic market that plays very well together with the rest of our consumer products. So here's the example of a new type of a partner that we're looking at. So this is an example. This is a Deloitte A study that we're sharing here. So roughly in about 3 years, roughly half of people who are looking for a new insurer are looking more At the non insurance propositions of these players than the core insurance offering, which is a rather powerful message about the fact how insurance companies are looking to expand their core offerings with adjacent offerings such as security. Gives us a good proposition to go and expand their offering. Secondly, They expect by 2024, 33% of the premium service volume will be coming from new propositions outside of insurance. Our value propositions are very similar to what it is currently to our operator partners. Security and privacy is a natural fit with the core offering. It is about trust, boosting revenue growth, margins and profitability and customer loyalty. We've seen time and again in our studies that operator customers who have also adopted Consumer security are more loyal to those operators. They get a proven world class value added service expertise, our business engine. And it is that same engine that has already been proven to work so well in the operator sector. Direct sales or direct business of consumer. This is an offering which I would say has 3 strategic narratives behind it, The why. So the first one is enough. It's a damn good business. It's a very Profitable and good business to be in. And that might suffice and we could say that that's good. But it has more functions for us which are equally important. Secondly, it's a fantastic way for us to validate Some of our new products and features because we have a direct interaction with end customers so that we can see how the Customer experience works because it is ultimately about customer experience, who people stick with and who they leave as a service provider. And finally, we're developing best practices in sales and especially marketing, cross selling, up selling. We're developing practices over here that we can then extrapolate to our service provider business. It would be very hard to be that good in service provider business, if not outright impossible, if we didn't have the direct business. The way that we are seeing our business develop is that if you look at our standalone products versus F Secure Total, which is the combination of our applications under the similar one single app. The growth Of the OneSuite app is growing consistently from 14 to 26 to 34 in the last 3 years, which means that our average annual revenue per user is going up. Each customer who takes our Total versus one product makes more than 1.5x more revenue for us than a single product user Easily. So this actually is a major impact in our capability to generate revenue and profit in a scalable manner from direct business. And as a summary, It's a story of good news. We've managed to turn the company, Thanks to the fantastic team we have in place, the great partners we have and the good product offering and operational excellence how we work both in direct business As in service provider business, we've turned this unit into more than NOK 100,000,000 revenue a year and growing. We have very healthy fundamentals. So the house is in order. I'm going to be stepping into a new position tomorrow where things are in excellent condition, but we have several future growth drivers that we can now play upon. Overall security market growth, consumers' willingness to pay, growing demand for all in one suites, Expanding into new verticals, over 30 service providers as of today with our new products and about to launch them or recently launched and direct business transitioning to a clearly higher ARPU offering. All of this through the best business engine that anybody can have if you want to get into security. That's all from me. Thank you, Timo, for the exciting presentation. As always, when it comes to F Secure, it seems that partnership is at the core of everything. You got it. So as before, we'll continue with the Q and A. And before we take the first questions, Just a quick reminder that you can send those questions in the portal at any time. But now do we get the first questions from the room? Hey, so Wekka Silvast from Danske Bank. Can you describe the profitability? You said it's a damn profitable business, but can you describe it maybe compared to Avasten Norton LifeLock? Do you maybe have Higher cost of sales due to the partnership channel or how should we think about it? Okay. So we don't currently Share different profitability rates between the business units and we are considering doing so in the future, but we don't do that Unfortunately today, so sorry to say that I cannot respond to that right now. Okay, fair enough. Worth a try though. And then secondly, how do your Operator partners like it when you start using this kind of finance and utility providers as Your partners also, so multiple different partners selling the same product. So each one of our service provider partners It's addressing their end customers with a slightly different strategy and message. So already today, we have several countries, we may have 3, 4, 5, even 6 different operators serving the same population in a way. I don't see that the difference is that big. With utility providers or insurance Providers coming into the market, they will have a most likely different type of a total value proposition. The security offering will be tied into their offering with different commercial terms, with a different kind of a customer experience, Maybe with a different application altogether, so consumers will gravitate towards the one which feels right for them. There is lots of green pastures out there still for F Secure to conquer. Great. And then finally, can you just describe the business opportunity in the SENS home security markets? If you I've now been with the MDR business unit for the past 2 years Today still. But 2 years ago when I was still with consumer, we saw that practically every home We'll be connecting more and more smart devices into their routers. There may be a fixed broadband or there may be a mobile broadband The home, but you know independent of that practically all will need a layer of security. So I'm seeing that every single home is a potential user of connected home security. This is a slow process to roll it out because I said that in a way the integration project into an operator's infrastructure is rather slow. The operating systems and firmware within home routers are quite complex and not very standardized. It takes time, But we're seeing that the wave is growing and more and more of the operators are moving towards that. So, you know, I wouldn't be Price before 5 years from now, 2 thirds of the world's operators are using some kind of a partnership like this to provide connected home security services to their end customers. Some may be totally network centric, Some others may be much more application centric which talk to customers. So you can make it very quiet underneath and people never know about it Or it may be in the home routers. So implementations will differ, but one way or another And the game has started maybe from, let's say, the bigger end of the service providers and mid tier Who want to be forward looking and leaders in the market, but it's still very early stages, very early stages still. But I'd say a universal need. All right. Then we have some time left. So please keep the questions coming. Jakob Drormann from SMB. Another technical one on your numbers. You didn't share us the profitability you have, but could you elaborate a bit more on the Geographical split, how much it differs from overall f Secure's geographical split? Relatively similar. So we are maybe one of the more global units in F Secure. So we have significant business in Europe, but equally in Asia, For instance, in Japan as well as in North America, also Latin America. So We are not, let's say, Europe only in any kind of way. We're a global business, But our strength is once again like for F Secure is more in Europe, but we have very, very strong partnerships in Japan which are growing fast And North America for that matter. Another one, if I may. If we look at your kind of Product range and portfolio, which you would describe you have a better position against the rivals It's out there. Combination thereof. The combination of the products we have is very unique and strong. And bringing them under one single app and integratable suite, that is the strength of the portfolio. Excellent. Thank you. So do we get any more questions? Yes. So I will continue. So who do you see as your main competitors? Would it be these Kind of premium offerings or maybe premium from Avasten Noten or? I would say that There's 2 types of competition. First of all, big, big companies who are providing premium products. That's one and you know their names. And then there's a whole host of startups that are addressing potentially one product area, right, For instance, VPNs or connected home security, some of them very, very small still, Some of them already raised quite a bit of funds. So those would be the ones that we're competing against, Not so much the freebie players or freemium as the major business model. Also, if I may add, Our partners want to make money with security. So we have to make it A very strong value proposition for their end customers so that they're willing to pay. So We don't feel that scratch and sniff and try the product is the right kind of approach for us. It's a long term partnership. Okay. And then if it should go that way that The consumer business would be its own entity. What kind of benefits would you see from that kind of structure compared to the current? The same as for our business to business, higher focus on creating a brand that Speaks to the needs of the customers and channels that we're dealing with, the kind of value proposition that we develop and in a way Company image, proposition, everything optimized, both on the business to business side as well as on the business to consumer side And also potentially a capital structure which gives us freedom to put the resources and expand the resources where need be in these two businesses. It sounds like in both business cases it's about the customer perception Maybe. So is this to help sales or do you see that you would have some kind of problems with the R and D organization? Do you have enough R and D resources if you would be your own entity. Would we like to have more R and D and sales and marketing? Yes to everything, please. I would say that being a growth oriented team that we are now in consumer, we would definitely see that Some more investment in all areas is going to be helpful, right? But We're already a very even keeled unit, which can manage very well with the investment levels that we have. But we just think that increasing both sales and marketing as well as R and D to certain extent Would give us better boost. I don't think we would be considering this kind of option otherwise. Clear. And then finally, how do you see The merger of Avasten Noten, how does it affect the market? Does it have any implications on your business? Thank you. Naturally, it does. There will be a big player. It will take them time to integrate the offerings and that's always a possibility for Other players in the market for some time, I see that especially on the e com side, there will be a power to be reckoned with, no doubt about it. But as I said, we're all about the partnership. So I believe that we can still be the absolute best partner in consumer security to service providers, But there are power on the ecom side. We'll see. Thank you. I think we still have time for one question for Timo. Joanna Hintikka. Well, thank you, everybody, and thank you for the audience. You're Still wide awake, I can see. And Timo, good job minus one day into the job. So I think you're starting to get the Handle of it, so good, good. Let me just recap a little bit about the day and what we've said. So first of all, we're in the fortunate position that all of our businesses are growing, all of our businesses are operating in growth segments. So Our plan is to grow and improve profitability going forward. We have done a transformation and we are beneficiary of that To a degree, so that is already visible in our number. And of course, we aim to continue the positive development. And you heard Today about the different plans to further accelerate this development. Profitability has been on the rise. There are areas where we started investing earlier on. We are reaping some of those benefits. You heard about the elements launched from Juha. You heard about the partner program, partner network that we have done. We're starting to see that yield results and of course also equally The good work that's been done in the other units that you heard about, we're starting to grow The consulting business after some impacts from the pandemic, and we are in a good position to capitalize on our positioning the consumer and also there explore new market opportunities as you heard, for example, about the new verticals that we are looking into. And of course, fundamentally, we want to build Scalable businesses because that will enable the profitability improvement and that is especially true of course in software business Well, as you well know, we can provide repeatable products into the market and we don't necessarily need to Increased the investment because of that and that of course over time will then start showing on the bottom line as well. In Managed Detection and Response, as you can see from the gross margin figures or ambitions in this picture, Clearly, there is a technology component in all of that. It wouldn't be otherwise possible. Here, we are talking about the use of automation and AI especially and rolling out our platform into the customer base. And this, as I said, is ongoing. In cybersecurity, consulting technology also plays a role. But of course, as you heard from the presentation, this is very much about the deep expertise and understanding that we have into the customers and verticals in there. And that in itself will allow us to capture this kind of margins. Consumer Security, of course, equally as just described, Technology plays a key role. Our recent investments into a common portfolio, one application underneath which we can bring other Many solutions makes it easy and attractive for the consumers. And of course, it is very sticky with the partner base that We have. As you have seen from our reported numbers, cost levels are normalizing. So we are now starting to see them come back to pre pandemic levels. Of course, there's still A difference, for example, in terms of travel cost, we are not traveling at the moment, Almost that I would say. There are some exceptions like Ed being here from U. K. Today, but that truly is an exception. We, of course, foresee that we will need to continue to maintain a healthy level of investment In Research and Development and also Sales and Marketing, of course, with growth come Certain requirements also for those, but as you can see from here, the development has been positive. And this is what we're saying about our guidance. The outlook for 2021 remains unchanged. And let me just reiterate what it is. So for Corporate Security Products, we're expected to grow at a high single digit rate. For Cybersecurity Consulting, For the revenue, we're expected to grow, but uncertainty remains due to the COVID-nineteen pandemic that is Still a factor. In Consumer Security revenue, we're expected to grow approximately at the same rate as in 2020. And for the adjusted EBITDA for the f Secure Group, we're expected to remain approximately at the previous year's level. As for the mid term financial targets, for the Corporate Security Products revenue, we're expecting To grow at a double digit rate, so accelerating. For cybersecurity consulting, we're expecting to grow at a high single digit rate. For Consumer Security revenue, we're expecting to grow at a mid single digit rate. And regarding the EBITDA, we are expecting adjusted EBITDA margin improving towards 20%. These targets for the midterm are derived from our strategy, and they are presented, of course, here above. I want to make it clear that the financial targets are midterm ambitions And they should not be viewed as an outlook for the ongoing fiscal year 2021. Coming back to the key takeaways still, as you have heard many times over, Good partnership is at the core of who we are as a company, as an organization, how we work together, how we approach the market, how we approach We have 2 strong businesses and 3 different playbooks. We approach the market in 3 different ways. We have the elements, which is cloud native and modular cybersecurity platform. Our consulting and managed detection and response Serve enterprises with their hands on experience and they of course have the visibility from the latest attacks and from the threat landscape. And Consumer Security back on growth track. We continue to benefit from the shared technology investment and These are, of course, key to improve profitability. We are able to leverage that investment across several businesses. We serve the growing markets and we are seeking growth. Our ambitions are to grow all businesses while improving profitability. In Corporate Security Products, this growth is driven by our cloud native offering. You saw that presented earlier on. The threat landscape that is changing, it creates growth opportunities for consulting. And of course, the fact that we're deep into that, We understand what is going on. We published research around that also helps as a foundation for our own service and product development. We continue to see that the growth in the consumer security business will be driven by the service provider channel. We continue to Focus on expanding that one and especially with the help of some of the new products that we have discussed earlier on. And finally, as we have discussed now a couple of times today, we are evaluating strategic options to enable capturing growth and ensuring adequate resources for all of these businesses to grow, also in longer term. In practice, this will materialize now in 2 ways quite clearly. One is that we will have 2 distinctive brands. There will be a B2C and B2B brand separately that we will use to communicate to the market the focus. And as said, we are evaluating the possible listing of the Consumer Security business as potential way to enable all of this. With that, I think we are done for the slides for today. Thank you for your patience. I think it was Quite many slides, quite many presenters, but maybe, I don't know, time for some final questions. Yes. Thanks a lot, Johan. That was a nice way to put it together all of the slides. And thanks for also our other presenters. But now It's time for the final Q and A. So please keep the questions coming. Yes. So it's Perk Prasil of Stanske Bank. Firstly, just to make sure, You consider both your corporate and consumer security businesses as recurring by nature, right? Yes. Yes. So any plans to start giving some kind of SaaS metrics on these maybe Number of customers, average revenue per user and so forth. Yes. We intend to Develop our reporting and the KPIs that we share as we progress. And of course, I hasten to add that this is a process of becoming a SaaS company. Not every single business that we have today could be classified as SaaS. But broadly speaking, of course, our software businesses are on that track and we will continue to develop them further towards that. Sounds good. And then so there's basically no kind of legacy business, especially in the Corporate Products segment at the moment. It's a question of definition, of course, what is legacy. I mean, one could argue that It's a distinction between cloud native and on premise or such thing. We don't typically use that kind of Distinction, different products businesses have their own life cycles and we as most other companies have different businesses in different stages of the lifecycle and that's probably a better way for us to classify them. Clear. And then finally, Is the corporate business at the moment cash flow negative? And is it viable business on its I think we'll save the answers to that question for later. So we won't disclose more details on the profitability there. Understood. Felkens from Nordea. Given your current thoughts around the strategy review, What's your thinking regarding acquisitions? Are you does that play a part of your strategy? And if so, What are you looking for in terms of candidates? Yes. I think acquisition capability, if you like, is in the toolkit. And of course, we, like Many other players are continuously scanning the market and making this kind of make by your partner type of decisions. And usually the outcome then is dependent on the required time to market and deployment of resources and so forth, which is fairly routine for a company of our kind. So we will continue that work and potentially Then have something to tell later on, but nothing to announce. And on that front, of course, what would be the Candidate, I think it can either be a question of expanding the product portfolio, so finding something which is clearly complementary Or something that is clearly complementary from a customer standpoint. The other way to look at it is to kind of gear more towards a Services driven acquisition where there's a good customer contract in place engagement, But it requires really state of the art technology that could be the other option for us if we just Classified 2 types of M and A. It's clear. Then thinking about your decision to Build or buy in general, are there any sort of clear or obvious gaps at the moment that you see in your offering? Or is it more about Putting efforts into your current businesses and current solutions and investing in those and driving growth. Of course, developing a portfolio is a continuing effort and we will, of course, continue to do that. But as you heard, for example, From Juha, if we look at the customers, I mean, on average, they are being served by over 3 vendors, all of them. So it just means that nobody has the kind of a breadth of the or very few players have the breadth of the product portfolio that would cover It's entirely so you could always argue that if we had that, we could expand. But then there's also the question that It depends on what is the stage of that particular market. Is it attractive anymore? Or should we rather look at something completely new? And the information about the completely new is about understanding the threat landscape and understanding where the market is Going, and we're going to put a lot of emphasis also on that one. Thanks. Jakot Torenen from SEB. If we are talking of consumer security market and look perhaps 5 years from now, how do you see the global market developing from M and A point of view, meaning that will it be more consolidated JT, to the biggest ones or will we have more players in the field or a few words on that there? Yes. Forecasting is always difficult, especially forecasting about the future. I think what we can say today is that there's consolidation, of Course already happening and there are some really big players being put together that can command a customer base of 500,000,000 customers. But then there's the question of business model. And I think the big question will be that how Robust will the freemium model be? And if you have large companies, are they able to change that dynamic, Large players, we are not in that business, but I think that will be one question to watch. I do think there is a difference on how you Approach to market, if we look at ourselves being there with the partners and deeply embedded with the communication service providers, I would say that's very sticky. And I would say that that is a market where you are part of somebody else's value proposition. And that is a different market than selling or even providing on a freemium basis a stand alone solution. So I think it's a little bit maybe not a clear answer, but I think there are even in that market, I think there are Several fragments that behave differently. Very well. Thank you. I think at this stage we'd have one question from the line. Also considering the numbers for different business units, so the question is looking to give or get more insight to the sum of the parts, valuation of different parts of f Secure. So Any plans that you could discuss when are we going to give out more numbers? We haven't announced any definite plans regarding that one. So we'll get back to that when the time is right. Yes. One more question came to mind. So Regarding the possible IPO of the consumer business, would there be any proceeds for the remainder The corporate business, would there be any proceeds from that operations? Or just why not just to find a buyer for the business? You would Good amount of net cash to pursue growth and R and D and sales investments and so forth. Yes. Well, let's put it this way that we haven't ruled out any options in terms of what we are considering to do. But we have Elected to say that for us the listing is an interesting alternative. And time will tell how the capital structure It will look like what will be the proceeds and for whom and those kind of details we'll simply need to cover later. Klim. Ate Regla from Indus. Maybe one question about your consulting business and its profitability. You are operating in the different markets and some are bigger and some are smaller. So could you Tell anything about that on those bigger markets, are you already driving the business like profitability wise or Is it still like in the growth mode or is there some smaller locations That there wherever you need to like scale to be profitable on? Yes. I think That it's fair to say that we look at that business also geographically differently. So we have certain geographic areas where we are more in growth mode Our investment mode and in other areas where we clearly are capitalizing on the position we have already built. And that's kind of That is true, I think, when you look at it holistically. Then I think the other way of looking at the profitability in Business to look at it through the offering. So there are differences in the range of services that we provide. And then of course, We see different competition for different parts of the offering. And what we have found, for example, is that We are quite good at very complex and very demanding assignments, obviously, because they demand high expertise and we have Being able to play to our strengths. Then there are certain segments that are more driven maybe by a little bit lower value, but higher volume. Sometimes you need also that as an entry point or as a complement to your other offering. So we're very customer driven, I think, is the Way to say that. And of course, maintaining the target to grow, but also as Ed indicated to grow profitably that and manage it like a proper global services business should be managed, where we also have The opportunity to do global deliveries that are cross border rather than simply having the people in the country provide All the services and that's one example of that one. Okay. Then a little bit technical question. What is your definition For the midterm, I'm not sure if you said that already. Yes. Broadly speaking, I think we're saying 3 to 5 years time period. And of course, what we are embarking on as the new strategy, we see that this we talk about episodes. So this first episode will be about building on top of the foundation we have and accelerating, and we expect that 1st episode to be a minimum of 3 years. All right. Thank you. Thanks. All right. Now is the last chance to ask any questions. Until the next CMD. Yeah. Okay. I'd like to thank you all, all the presenters and the analysts here at the venue. So thanks a lot. Thank you very much for coming and thanks for the good participation and questions.