Welcome to SSH Communications Security's investor call for Q2 of 2025. I'm Aino Virolainen . I am a member of the SSH Finance team, and I handle our investor relations. The Q2 results will be presented by our CEO, Rami Raulas , and our CFO, Michael Kommonen . After the presentations, we will have a Q&A session. If you have any questions during the call, you can ask by posting in the chat. The call is hosted with our own solution, SalaX Secure Messaging. The call will be recorded, and we will share the recording on our investor pages. I think we are good to start, so I will invite our CFO, Michael, to start with the financials. Please go ahead.
Thank you, Aino, and good morning also on my behalf. Looking at the second quarter results, our net sales grew 5.7% and EBITDA reached EUR 0.4 million. Net sales totaling at EUR 5.4 million. Underpinning this growth was a subscription ARR growth of 10.9%, and PrivX overall sales grew 15.1% in the second quarter. EBITDA was, as mentioned, EUR 0.4 million. This is broadly in line with the comparison period one year ago. We did see some currency headwinds in the first half of the year, particularly in the second quarter. At a comparable constant currency rate, the sales growth in the second quarter would have been 1.9 percentage points higher, so 7.6% at a comparable currency rate. We also, in the second quarter, worked on the partnership and investment agreement with Leonardo that we announced on July 1st.
We closed the framework investment agreement and the partnership agreement with Leonardo, and we also closed the first PrivX deal with Leonardo. In the second quarter, the overall subscription growth, excuse me, subscription sales continued to grow. Subscription sales grew 9.5% in the second quarter. Deferred revenues were stable at EUR 10.9 million. Profitability EBITDA and EBIT were also broadly in line with previous years. For the comparison period, EBITDA is slightly below last year and EBIT slightly above the year-ago quarter. Cash flow from operations was negative EUR 1.4 million. With that, I will hand over to our CEO, Rami, to discuss our second quarter in greater detail. Rami.
Thank you, Michael. Even though our kind of number growth, revenue growth was moderate, 5.7%, although a bit higher if you take the constant currency into account with the weakening dollar, we for sure aspire for higher growth than that. We did indeed have a lot of activities, again, to enable our network and create more new opportunities into the pipeline for future growth. If you look at it from the invoicing growth at 35%, maybe that indicates that that is a measure of us being able to create new opportunities and increase the amount of activity out in the field. Indeed, in June, invoicing grew even more, and the PrivX invoicing grew fabulously over that summer. There were timing issues, so you know renewals or further orders changing from quarter to quarter, but also quite a bit of new orders there as well. We have a clear partner strategy.
In the quarter, we signed up a few more new partners here in Finland, as an example, Loihde and Cinia, both of which have also won together with us their first OT, manufacturing OT security customers, and together we're working on many more. Of course, our strategy has been more feet on the ground. Indeed, we had a lot of different partner engagements. That is Hungarian. This is British. This is somewhere in Asia. This is certainly Japanese, with our partners altogether. We also organized partner summits, had about 100 people, including CEOs and leaders of our partners in Prague, in Central Europe, in Bangkok for APAC, and in Helsinki for the Nordic market as well. Very successful events, and I'm sure we are able to create more common work with our partner network on the back of those great successes.
We had a few new wins as well in the finance sector. These are mainly PrivX wins, also NQX, network encryption. A large, one of the largest trust funds chose PrivX for highly automated audited access control. A large OT, manufacturing equipment fleet management solution for an automation vendor for logistics and supply chain, automation and robotics, which has its origin out of Japan, was won as well in the quarter. We had progress on many solution areas as well. I'll come to those in a bit. You may have seen some recent press releases, a little bit delayed from June, but still having the impact for Q2 activities. Even with the vast, a lot of activities across the regions and solutions, there is actually one thing, one thing that is above everything else, and that is our strategic partnership and the investment of upcoming investment of Leonardo into the company .
This is what we spent our time. This is where I spent most of my time. This is what brings another 100 ft on the ground on top of the 100 ft that we had in the partner events, as you saw earlier there. Let's have a short recap on that transaction. Michael, I've already explained that. This is a transaction of us becoming a strategic partner with Leonardo on the back of an investment into 30.3 million shares at the value of EUR 20 million. This will go through on August 7 at the extraordinary general meeting to accept this, and then the Ministry of Economic Affairs and Employment are conducting their standard foreign investment survey as we speak here as well. We expect the transaction to go to close in Q3, so pretty soon. Just a few words about Leonardo .
We had that announcement event on July 1st, just a few weeks back. Not to go overdo it, but just to recap. Leonardo is a major player in many domains in defense, critical infrastructure, you know, like energy, transportation, and so on, and public safety, with a EUR 17.8 billion revenue last year, 2023. You can see the activities there in the areas of air, rotary wings, space, fighter jets, land vehicles, cyber, and maritime, electronics, and solutions for the maritime defense market as well. Leonardo is very active in partnerships. In the drone space, they've just announced a partnership with RIACE . In the land area, it's a partnership with Rheinmetall . In the space, it's a partnership with Thales. In the rotary wing, a partnership across European and Japanese partnership for the sixth-generation fighter jet. Leonardo grew much more than that.
There are, I think, exciting projects for digital twins, like having sensors in bridges and monitoring the health and stability of bridges as a digital copy of the physical bridges, license plate recognition with the U.S. police forces, physical security with video surveillance systems, AI-based video surveillance systems in energy companies and energy grid operators, and then public safety networks, communication networks, like the similar ones like we have in Finland called Virve 2. By the way, indeed, often when we talk about the UFVs, so unmanned air vehicles or unmanned ground vehicles or unmanned sea vehicles, we just announced our partnership into the European Union project on that called PROACTIF, which aims to develop sensor technology for unmanned solutions.
Our role in there is to make sure that the connectivity to those unmanned vehicles is managed in a low latency, high bandwidth, secure, quantum-safe, secure network connection with an audited and role-based control access. That's our role in there. In that project, also Leonardo and, by the way, Nokia also are participating as well. Cyber is a growth area and a strategic area for Leonardo It was announced as a strategic area in the strategic plan about a year ago. I'll say a few more words about that later on. Cyber is not really a separate entity. It's all kind of multi-domain, cross-domain, because everything is digitalizing. Even armament systems and military solutions are digitalizing, which means that cyber plays a role in that in terms of securing the digital connections.
That is where we see the opportunity as well, not only in cyber and cyber defense in its own domain, but also as a cross-domain and multi-domain connecting to the different other parts of the solutions in the Leonardo massive family. This is all very much in line with our own strategy transition or development in the past five years. You've seen me present this earlier, is that we particularly targeted the defense market as an example, starting from five, six years ago with product development and some agreements. Indeed, all of our solutions are available and used in the military space as well. We have taken a year ago further steps into the NATO market. On our own, that would have been a bit more difficult. The partnership with Leonardo now opens doors significantly differently there.
If you kind of think of where we started from as a company decades ago, we started from a finance market, which has been the most regulated market, retail market, healthcare operators, and then, of course, technology and IT companies. That's been kind of our domain. In the past five years, we had a really clear strategic shift or addition to that. We launched the term defensive cybersecurity two and a half years ago to enter the markets of defense, critical infrastructure, federal governments more widely than we've been into, and especially manufacturing operational technology security. Of course, now I can say that the manufacturing companies have been the most attacked industry, you know, for ransomware and extortion four years in a row. Earlier, it was three years in a row.
There's a role to be played to secure them and put cybersecurity defenses in place, also to protect the resilience and continuity of operations, also in manufacturing environments. As you can see, this is all very much in line with Leonardo's main focus areas and kind of home territory. How does this all fit then to Leonardo and SSH? Leonardo's cyber operations have been pretty much in cybersecurity and resilience, you know, governance, risk management, architecture design, education, assistance, security operations, huge security operation centers in three continents, identity and trust, digital cloaking, if you wish, threat hunting, secure digital platforms for sensors, secure cloud, secure collaborative working, professional communication systems, and zero trust suite. Leonardo, as I said, announced their intent to become the leading cyber and security player in Europe for mission-critical environments in the target segments and markets where their strategy lies.
They decided to do it through mergers and acquisitions and strategic partnerships to expedite and have a faster entrance into the market of solutions. They're very strong. Leonardo is very strong in the services market and consultancy market and have strong agreements with multiple governments. For the solution market, this was a faster way in their strategy to bring into the product portfolio cyber products like SSH portfolio, PrivX, NQX, SalaX, FQX, enhancing secure cloud, digital platforms, cyber resilience, enhancing mission-critical communications. Leonardo just announced a strategic partnership with Nokia on that one and cyber consulting monitoring as well. Domains like you see in the pictures here, the bottom one is a security operations center monitoring service for the space agency.
From our side, as I said earlier, we had a really clear strategy to enter into these segments of the market and have indeed been fairly successful in so doing, especially in the Nordic market and close-by markets. We need muscle. We needed muscle and presence in the largest European markets and in the NATO space, NATO domain. That partnership now, both the strategic partnership agreement whereby our solution base becomes the center of excellence for zero trust access management and quantum-safe network security and encryption, gives us a totally different leverage to be able to build upon our growth. This is not just an agreement, you know, names on a paper. We are already on the roll. Here are a couple of examples of what has already taken place since June and a bit earlier as well. We organized a sales summit here and I invited Leonardo.
You can see Nunzio, Pierpaolo, Enrico, and Davide in the picture there with our team. We were visiting also Le Bourget Air Show, which is a massive event for the defense market and also civil air aviation. You can see there David, who runs our European business, and then Alessandro, CTO of Leonardo, and Francesco, Strategy for cyber. We just this week had an onboarding session now for about 100, yet another 100, 100 commercial people, so salespeople and technical people in Rome. Our team was there. Highly successful and exciting event to seek and define and look for opportunities to work together further than the initial win, which we already kind of announced. The initial common customer now or partner customer through Leonardo is an energy grid operator, the major energy grid operator, and this is a PrivX deal.
Of course, our aim, coming back to the earlier statement that I said, is to develop our solutions into the multi-domain cyber solutions, which is a kind of a longer-term strategic development opportunity. All right. Today we keep our presentation quite short. Mikko, if I invite you here, and I'll save you while we're on solutions though. Maybe Tom and Omar, we talk a lot about our products, so maybe we need to save you as about the solutions as well. We introduced NQX 3.1, which is now the latest quantum-safe implementations. It'll also be NATO, the European Union, and nationally certified soon. It's quite important now because Europe now introduced the European Union with the European Commission published a post-quantum roadmap which urges the member states to begin the transition to PQC. It's finally happening.
In the U.S., we are part of the National Institute of Standards and Technology post-quantum cryptographic building block consortium to ensure proper transition to quantum-safe encryption in the U.S. market, but also more widely. We also introduced a couple of new functionalities into PrivX. We integrated the key manager, which was earlier kind of a different starting point, but it's now fully integrated as a password SMK, the solution for automating access controls. We developed and introduced a bit of demand from our partners in the U.S., FIPS, which is another NIST federal encryption standard, which means that you have to use government-approved cryptographic libraries in your solution to be approved. We are one of the two now that have the latest FIPS validation, something called 140-3. This is important because in the U.S.
federal government, the mandate is to move to that new standard -3, as opposed to the existing -2, where we already have some other products validated by the end of next year. There is a bit of an urgency for the new standard or new cryptography standard to be implemented also in the U.S. government. We have it now in PrivX available for customers and started a campaign for it last week. For SalaX, we introduced a few more new things. First of all, it's now available from a secure cloud offering. We also offer a free version for people to test it, and that's why I think interestingly gotten a lot of traction.
We also announced just probably a couple of days ago integration and availability of SalaX Secure Messaging with legacy public safety networks, which are Tetra radio-based, like in Finland and Virve network, and also availability in the new generation LTE 5G generation networks, which in Finland is called Virve 2. Quite important progress on the solutions. These are, in my opinion, necessary developments to give us opportunities to open more dialogues, open more new deals with customers with the cover and more extended functionality of our solutions. That was the mandatory part of our products, which we always highlight so much about. Maybe now, Mikko, I'll invite you here to say a few words about the... We can stay both here, actually, and we can take the Q&A after this one as well.
Yes, thanks. Yes, for the outlook, we are reiterating the outlook that we gave in February of this year. That has not changed. We expect net sales to grow compared to 2024. We estimate EBITDA and cash flow from operating activities to be positive for the year 2025. Here you can see our numbers for 2024, ARR EUR 20.5 million. In 2024, our net sales grew 9% and EBITDA was EUR 3.4 million.
All right, thank you. We will move on to the Q&A session. I will be checking the chats for questions in just a bit. As it's been tradition, we will take the first questions from Redeye's analyst, Fredrik Reuterhäll . Frederic, if you're ready, please go ahead.
Thank you very much. Good morning, and thank you for a good presentation, Rami and Michael.
Thank you.
I do have some questions. The first one is, over the last years, how much have you been partnering or working together with Leonardo? I'm curious, how well do you know that before?
No, the dialogue started about half a year ago. Of course, we knew it. We've been having some dialogues already through, for instance, kind of export activities. We had a joint project discussion two years ago on some European Union projects in Italy that never led anywhere. Of course, we've been kind of thinking and looking at and working with different defense and space companies. We didn't have indefinitely, I would say, before the dialogue really started.
Okay. This partnership is a large milestone for you, no question about it. It's a major quality endorsement. Is there a risk that you lose focus on your other partnerships and your communicated focus on the U.S. markets? Will this partnership change any of your earlier strategic plans?
Yeah, that's a really good question. I think we haven't been able to grow, as you can see, and always challenge me. I spent a lot of time not being able to grow as much as we aspire, as I said. Our partner network is growing and the activities are growing, but it hasn't really yielded, resulted in too significant growth numbers. We need stronger partner activities. This certainly adds, I mean, the kind of mandate given to the company. Everybody said, hey, we need to spend 50% of our time on this and 50% on the rest of the businesses. By the way, Leonardo also has about 8,000 people in the U.S. We want to explore how we can leverage that to benefit as well. No, we're not dropping the ball. We're not abandoning our current domain territories. We have a really strong customer base.
We want to do better account management, key account management, and land and expand and grow with our existing customers. We will certainly win and develop more business in other domains as well than the domains where Leonardo is a dominant player. It needs to be a balanced act moving forward.
Yeah, okay.
This is our biggest partner opportunity and our biggest market. No question about that.
I have some questions about the sales process and payments. I mean, you announced you were already in the press release. I remember, I think it was PrivX, right? I mean, going forward, will you announce all the flows and all the values there? How do you think about that?
I think we're not planning any changes to our disclosure policy. With that, we will announce deals that might not be above those thresholds but are significant for other reasons in terms of verticals, customers, or use cases for our products. Those, I expect us to release going forward also as press releases.
Okay.
I think you have to, Fredrik, you kind of have to deduct from the invoicing number the orders flow rather than seeing it separately.
Can you talk some about the sales process? When in the sales process do you come on board? Will all the sales go through Leonardo ? Can customers come directly to you? You're on the shortlist, so to speak.
Yeah, yeah. I mean, our job so far has been to develop the business, you know, create demand for our solutions, and then work together with partners. We need to provide leads and opportunities to partners, and of course, partners need to work with our products to their customer base. It's a two-way street always with partnerships. With Leonardo , it's the same thing, right? Indeed, the first win actually was a lead that came from us from an event. Surprisingly, Leonardo was already a supplier for that particular energy company. That was a meeting of things from two directions. In the strategic agreement, we are granting exclusivity for Leonardo in certain areas, which is the defense and space, NATO, and certain other markets, when our solutions are part of the integrated zero trust suite or zero trust platform that they offer to their customers.
Okay. I'm curious about, if you can give us some kind of anticipated sales mix between your products. What products do you believe would be the most attractive for Leonardo?
Yeah, we don't report the mix of product sales like we do regional sales. From the revenue growth, you can kind of deduct it. You know, the PrivX zero trust suite is our biggest domain, by far at the moment, followed by NQX and SalaX. PrivX is built on the N zero. As you saw on the slide as well, Leonardo's main focus is on zero trust in the cyber domain. Our solutions are kind of in the core of zero trust. There are multiple other elements. I mean, they just announced another acquisition as well for attribute-based access controls of a Swedish company. It's a portfolio of solutions, but we are kind of in the middle, in the center of that. PrivX is certainly the drive. NQX, just given the understanding that everything is connected, and when you transcript data, it has to be really well encrypted and protected.
NQX would be a number two, and then the other solutions.
I'm thinking about the payment steps when you receive orders within these partnerships. Would the payment be as before subscriptions, or would it be license or milestones payments? I mean, depending on products. What I'm after is how the cash flow looks like.
Yeah, our strategy is based in pushing for subscriptions. Selling licenses is an exception. I mean, if there's a really heavy hard-headed CapEx customer, we are willing to negotiate. Subscription sales is our main deal. Most customers pay annually. There are some customer cases every once in a while, they pay in advance maybe three years. I would say annual subscription is the dominant way of working and moving forward.
Okay. I think to kind of expand on what Rami said, I don't think we expect any significant change to our order-to-cash process or collection payment terms, things like this. We expect to stay broadly the same.
Okay, good. My last question here is regarding cost. I mean, you talked about it in your presentation, Rami, that the first steps are already taken in Italy. Will there be any more cost drivers for the partnership? I mean, do you need to hire more personnel, open up an office in Italy and so on?
Yeah, we have an office on the seventh floor in Rome. That's already agreed and half meant. We're looking into that. For sure, overall, I think we've been communicating that already earlier. We need to strengthen our presence in the digital space and demand some marketing spend. We need to have a bit more bias and focus on customer-facing resources for sales and professional services and technical engineering parts. Certainly, we need to, and we will increase that to some extent.
Okay, thank you very much. That was all for me today.
Thank you.
Thank you very much. I will now check if we have any questions in the chat. We don't seem to have any questions, so we will close the call at this point. Thank you very much, Rami and Mikko, and thank you to everyone who joined us today. Our next investor call will be October 23 when we release our results for Q3. Thank you again for joining us today, and we hope to see you in October.