Good morning, everyone. Welcome to our Q2 2025 Interim Report Presentation. My name is Kate Linwood, and I am your host for today's session. With me, as always, is our CEO, John Vestberg, and our CFO, David Nordström. Welcome. Today, we will start by John giving a short business insight from the last quarter, followed by David elaborating on the financial details. After the presentation, we will have a Q&A session. You have the opportunity to ask questions. Please also feel free to already post the questions in the question box throughout the presentation. Of course, at the end, you're very welcome to ask any questions. With that, I would like to hand over to you, John.
Thank you very much, Kate. You're welcome. I would like to start with just taking the opportunity to provide some of the key highlights or the key takeaways, if you like, from the second quarter, starting with a bit of the macro situation. As we all know, it's a continued uncertainty on the geopolitical arena. As sad as that is from a macro perspective, it is nonetheless a strong driver for pushing the need for European products, European cybersecurity in particular. I think it's worth to state as well that the growth we are seeing, not only this quarter but the previous quarters as well, is still not impacted that much from the geopolitical uncertainty. Until concrete orders and concrete demand trickles down in the supply chain, it is still some time.
The growth we're experiencing right now is based on activities, I would say, over the past few years and not reflecting the current situation. If we look at the business, the growth this quarter comes from all our business lines, which I'm extremely pleased to see. That goes for our civil business as well as for our defense business. The gross margin is strong in the quarter, above our set out goal. As a consequence, of course, the bottom line is showing an improvement as well. Last takeaway message from this quarter, which I think is really important looking forward, is the ability for Clavister now to attract partnerships. We've announced a few in the quarter already. We see that as a trend, essentially, where partners and businesses across are showing more attraction to Clavister. I'll come back to that.
If we look at the growth, again, it comes from all the areas. The order intake grew with 52%. A strong order intake growth. No particular individual large orders in the quarter, which I think shows a really good robustness in the underlying business. Consequently, net sales provided good growth as well, 22%, 25% adjusted for currency effects, amounting to SEK 55 million . Again, both from the order intake perspective and from our net sales perspective, it is driven by all our business lines. Looking at our order backlog, we are increasing that one with this quarter, ending at SEK 375 million . Worth mentioning, absolutely, is that our order backlog now extends into 2029. This means from a visibility perspective, we have really good predictability over the years to come. Going back to the comment and message about partners.
What we're experiencing in this quarter and in previous quarters as well is an engagement from our existing partner network that is deepening, I would say, by the quarter. Investments that are done in our collaboration with resellers, with distributors, with integrator partners, which essentially, by all means, drives the presence we have on the market. It lays the ground for additional growth from the extended and growing partner network. On the same note, what we're experiencing as well is that we are able now to attract a little bit different tier of partners, partners that have until recently been out of reach for Clavister due to our limited size, limited brand, and so on.
I think the combination we're seeing now, the perfect storm, if you like, with the uncertainty on the political arena, the increased visibility from Clavister, and of course, the product portfolio, which is competitive, this has started to really attract a new tier of partners. We look really forward to see how we can capitalize on that. Looking at the civil business, again, the clear market drivers are coming from the geopolitical instability. There is a continued, really, really strong push, not only from the industry as such, but from the political arena, from the agencies, and so on in Europe to strive for a more sovereign Europe, reducing the dependencies of specifically American products. This, of course, benefits the few cybersecurity vendors in Europe, where Clavister is definitely one of them. The momentum is really high.
We face an inbound request rate that is really increasing now and coming from both the existing partner network and, as I mentioned, also from new types of partners. We see additional requests coming from end customers and actually on a level that we have not experienced before. Our focus remains on the mission-critical sectors and mission-critical applications. We believe that it's still a very, very good fit for Clavister, given what's happening on the market right now. Actually, given our size, we need to be very selective in the domains we're addressing. One example of this is the energy sector. I think we've talked about that in previous quarters, that the energy sector specifically is challenged by the rising amount of cyber threats. It becomes the natural target for an enemy that would like to disturb a country's sovereignty.
As one example from this quarter, we have the ability to add a major, quite large energy provider in Germany. That adds to a set of energy customers that we have already. We start seeing a good momentum, good repetition of customer cases on the energy side. Looking ahead on the civil market, I think worth mentioning and coming back a bit to my first comment on the time it takes for the political situation to trickle down into concrete business, the engagements that we've started recently, that we're starting now, naturally, they are large infrastructure projects. They take some time to design, to implement, to roll out, and naturally to see the impact on our numbers. That being said, we're creating really, really sticky long-term relationships with the type of partners we're engaging with. It adds a stability, which I think is beneficial for us as a business.
Moving on to a bit of a technology piece, some of you are aware of the AI effort that Clavister has been pushing for a couple of years now. As a bit of a background, we have our Clavister PASAD technology. That is our innovative AI technology that is the result of many, many years, 10+ years of Swedish academia research and further within Clavister. This is a technology that is really innovative. It is able to detect what's referred to as zero-day attacks. In other words, attacks that have never been seen live before. Typically, this is a type of attack that is really, really difficult to detect and to identify and to block using traditional methods, anti-malware or intrusion prevention technologies. You need some kind of AI technology to do this, and Clavister PASAD can do that.
What's really a strong benefit of our technology is that this is a technology that is deployed on the edge, meaning on devices that sit with the customer. We're not depending on any cloud or any large data center. We're not gathering big data, sending that to a foreign cloud somewhere to analyze, which obviously has massive consequences on both traffic, bandwidth, and your sovereign data sovereignty issues. This means, all in all, that this technology is really well suited for mission-critical and highly secure environments where you cannot essentially have external communication. During this quarter, we had the opportunity to get an approval, a patent approval by the U.S. Patent Office for this technology. This follows on the European patent or intention to grant, as the formal statement is. That means that we have dual patents, EU and U.S., that is protecting our IP.
Given that this is a sort of fast-moving business, we have to make sure that we have innovation as a cornerstone continuously in our business. Looking at a new, really compelling defense product, it's part of our Cyber Armour product family. It was a product launch we made during the quarter, the Cyber Armour RSG-200 product. This complements our larger RSG-400 and RSG-500 products that are being used by defense customers already. This is then, again, a ruggedized security product that is used for tactical, even mobile type of deployments. It has a really, really strong performance in regards to its footprint. It's a very compact box. It comes with the full security capabilities, the full firewall feature set that Clavister provides in all of our products. The typical use cases, this product would sit in military vehicles, in mobile command posts, and even in unmanned systems, given its small form factor.
This is also an ideal product for retrofitting of older vehicles where you didn't build in security by design from the design phase. Rather, you would like some bolt-on security onto your target vehicle. The reception from the market has been good. We secured a first order from a Northern European nation. They are deploying this product as part of what I just referred to as a retrofitting or modernization program of their vehicle fleet. We have solid interest from additional defense prospects on this one. We also announced, shortly after the end of the quarter, a very compelling partnership with Saab. Most of us know Saab, of course, leading Nordic defense and security company.
The focus of this collaboration or this strategic partnership is to combine and leverage on the experience that Saab has in the defense market and that Clavister has in the security market and take the best of those two worlds to the market. The first joint product release was actually this Monday, where we, together with Saab, announced the TactiGate XD product. This product is what is referred to as a cross-domain product. Essentially, it manages classified information that needs to pass from, let's say, a NATO secret information domain or a NATO restricted information domain to another classified domain. This is typically something that is managed by large clumsy devices today, whereas we and Saab come in with a slim, really neat little product that takes all of the capabilities from the Clavister Cyber Armour product family, all the capabilities from Saab's components into a very, very compact form factor.
We claim that this is the smallest footprint on the market, which means that when we're looking at the land domain, vehicle domain, this is an ideal product for those types of vehicles. With that, leaving the word to David to talk us through the numbers.
Thank you, John. I'd say that I'm suffering a bit from a cold, so my voice might be a bit rough, so you have to bear with me. As John said, we're seeing a solid order intake growth in this quarter. We're seeing this growth coming from all parts of our business, which is, of course, very good for us. I think when looking at the bars in the graph, it's quite interesting to see here that we're managing to deliver SEK 76.2 million of order intake in this quarter, which, looking at other bars where you see very high order intake numbers, that has been supported by single large orders, typically from BAE Systems. We have no such orders in this quarter. That is, as John alluded to earlier, showcasing an increasing robustness of the business where we see orders coming from all parts of our business.
That together regenerates a larger overall order intake. That's very positive. Looking at our net sales, we're seeing that we continue to deliver on what we have stated, a bit above 20% net sales growth. Worth remembering, this is all organic growth. Clavister has no M&A that are supporting these numbers. This is organic growth as before, also supporting the growing net sales trend line. We're seeing more and more quarters now coming in with some good margin above SEK 50 million in net sales. That's positive. ARR-wise, and I think this is important to state also for those who participated in the Q1 presentation. We then said that, as you see here in Q1, we had a dip in ARR. We said then also that this was associated to life cycle events when we did really the change of the business model back in 2021.
That created effects in 2025 on ARR numbers. As we said then, that was a one-time effect. I think we proved that by now saying that, in Q2, ARR is back on its typical growth trend. That's positive to see. It underpins what we said before. Gross profit-wise, I would say a strong improvement of gross profit in this quarter. This is very important. We're producing 22% net sales growth, but also producing an 81% gross margin. I face quite many people asking the question and having the view that growth means that we will not reach a gross margin target of 80% or above. We have been saying that, no, that's not the case. We can have growth and we can have strong gross margins. I think this proves this.
Of course, as we've said before, growth puts the margin under pressure because typically that leads to more hardware shipments. It still means that, okay, there is a growing recurring revenue base, which gives margin support. There will be different sales mix in different quarters. Here we see a quarter with strong growth, but with a lot of, also a lot of software in the sales mix, hence landing in a strong gross margin. I think that's, I think, good. It proves that Clavister can grow with maintained strong gross margins. This is something that we're very pleased with. Looking at operating leverage and looking at OpEx, as you know, we stated some time ago that we are no longer focusing on cutting costs, but rather investing in our ability to capture a good market that is becoming increasingly favorable for Clavister. This is what we see here.
The main growth drivers for OpEx is investments, well, controlled, selected investments, but still investments in mainly sales and marketing, and to a certain degree also in our tech organization, being able to enable us to grow better. I think it's also important to state that we have SEK 2.4 million in non-recurring OpEx in Q2. That is mainly related to cost optimizations. I think this is also important. I mean, we are investing in a growing Clavister, but we keep a frugal view on spending and looking harshly at, do we need an organization looking exactly as it does, or can we extract cost saved by doing changes in the organization? That we have done in Q2, which means to have some reserves then for cost optimizations that will lead to a structurally lower OpEx in 2026.
I think just as a final comment, if you adjust for those one-offs for cost optimizations, the underlying OpEx increasements is not 19%, but rather 13%, 14%, which is then well under the growth rate of net sales. EBITDA, a 60% growth in adjusted EBITDA. I think we continue to see a growing EBITDA trend, which is, again, very positive. Main drivers for the improved EBITDA is, of course, the sales growth combined then with improved margins and somewhat dampened then by the reserves for the costs for structural changes. Kind of a last comment here is, okay, how are we performing versus our financial ambitions? Ambition number one is, of course, a sales CAGR of at least or above 20%. We are delivering on that landing on 22%.
Glad then to see, repeating myself here, but with a gross margin coming in above our target of 80%, where we land on 81%. Adjusted EBITDA margin not fully reaching the 20%, landing on 16%. Would we adjust for... I think, no, we are seeing that the margins are kind of gaining more support from growth, from protected gross margins. I think we will see EBITDA growth as we're moving forward as well. Cash flow-wise, here is an area where we are actually not meeting the ambition of positive operational cash flow. We have a slight negative cash flow from operations in the quarter. That is mainly related to the fact that there are two main drivers here. One is a little bit of higher inventory levels because inventories, as you might remember, we had very, very high hardware shipments in Q1.
Hardware deliveries increased with more than 100% in Q1, putting inventory levels, of course, being quite low when leaving Q1. I would say we're leaving Q2 with more normal inventory levels. I would say there's not a dramatic buildup in inventory, but rather being on more sustainable inventory levels. Second impact is the good growth we saw in the quarter has then translated into more accounts receivables that will then turn into cash in Q3. There's a kind of temporary effect of binding more operational... Oh, sorry here. Operational... operating capital, really. That is only kind of short-term effects that will translate into cash in Q3. I'll stop there.
Okay, let's go over to the Q&A session. I've seen there have already been a few questions that have come in. Please keep them coming in. We're happy to answer your questions. Looking at the defense area, we have a few questions around defense. One is, how big part of the overall turnover do you think the Saab collaboration will be? I think this one's for you, John. Yeah.
I mean, clearly, and I think you all understand that we're not speculating or even disclosing any sort of projections we might have. I think it's fair to say that the underlying reason why we and Saab decided to partner up here is, first of all, it is a strong growing demand on the market for this type of product. That demand comes mainly from the overall digitalization of vehicles or systems on the battlefield. Given that sort of that digitalization then drives more classified information that needs to flow through the system, apparently that also drives the need for protecting that information.
Now, for a company like Clavister, being able to partner with a large vendor such as Saab with a market reach that is, of course, many, many, many times larger than our own, that is a great opportunity to reach sort of new areas or new customer groups that we are not able to do on our own. That's really the reason from Clavister's point of view. From Saab's point of view, of course, you might wonder why Saab would select to work with a much smaller vendor like Clavister. Again, looking at the capabilities and the technology that Clavister is providing, again, realizing that there are very, very few vendors in Europe that sit with this type of technology that Clavister has. The other few ones are already part of major company groups, maybe even directly competing with Saab in some areas.
Having two Swedish companies collaborating is quite natural. From a product point of view, the technologies really, really add on each other. It is really a strategic, very good partnership. That being said, we're in the beginning of a product sort of rollout or a product marketing effort here with the first product just launched. Both we and Saab have great expectations that we will be able to capture interesting customers on this. To what extent that is a substantial part of our revenue in the next year or two or five, I would say that still could be seen. Clearly, we would not, and Saab would not have done this partnership unless we believed in that it would create revenues for us.
Thank you, John, for that. We have a follow-up question around Saab. A question about, we had communicated previously that we will have a collaboration with one of the major defense players in Europe. We hadn't named the partner at the time. If this was Saab or if there is any expectation of another partnership coming up.
I think we should actually move or zoom out a little bit and look at what's the strategy for Clavister within the defense arena. I think you've seen in our previous communication that the majority or almost all of our communication has been related to working with defense contractors of various sizes. BAE Systems is the most named one, obviously, but also General Dynamics and a few others that we are not able to disclose due to defense confidentiality. Saab is clearly one of those defense contractors, but we do have commercial engagements with a couple of others within Europe that are actively using Clavister products on an operational basis next to BAE Systems and next to our proof of concept work with General Dynamics.
If we look at the long-term or mid-term perspective here, our ambition is to repeat what we have done successfully with BAE Systems on the CV90, on other defense systems as well. We've come a bit on that trip. We have several defense systems that are using our products, and we clearly want to see them scale to the same level as we've been able to scale with BAE Systems. Hopefully, Saab can be one of them.
Okay, I think that covers a lot of those. There were lots of small follow-up questions around partnerships, the future partnerships. I think that's covered that very well. A question still in defense. What is the status on the joint order from the Baltic countries plus Sweden and Norway regarding the CV90?
Yeah, so you're referring to the so-called Nordic edition that has been announced in media. As a background for those of you who don't know, this is an initiative between Sweden, a few other of the Nordic countries, the Baltic states, a couple of them at least, and a couple of other nations. The ambition is to procure a larger volume of infantry fighting vehicles. This effort is coordinated and led by the Swedish Defense Material Administration, FMV. The BAE Systems CV90 is the strong contender for this initiative. As far as I know, there has not been any commercial contract signed yet between the vendor, in this case, presumably BAE Systems, and the procurement agency. I think they are well underway.
Okay, we have another question towards General Dynamics. How is that progressing, and how can we expect this to materialize into a concrete business in the near future?
I think the relationship and the engagement with BAE Systems, sorry, with General Dynamics follows more or less on the same pattern as our engagement with BAE Systems. What do I mean with that? Keep in mind that the relationship with BAE Systems started many, many years back with initial engagements on evaluating technology, building proof of concepts, looking at integration possibilities, and actually commercial discussions that were linked to. At the end of the day, the triggering point for commercial orders always sits not with the contract manufacturer like BAE Systems or General Dynamics, but with the sort of procuring end nation, the country that essentially buys the infantry fighting vehicles. I would say, in lack of better words, on sort of the mid of that journey with General Dynamics, where we have arrived with a clear value statement to them.
They have evaluated the technology similar to what BAE Systems did back in the days. We have built proof of concepts with them. Just a couple of months back, or just shortly before summer, our products were also installed physically in the ASCOD vehicle that General Dynamics is producing. I would say we're very much at the level now where a commercial order placed by a nation to General Dynamics could very well then translate into an order to Clavister. I think that's the way of answering that.
Yeah, thank you, John. Coming away or talking about the defense business, the question is, based on all the recent progress in defense, is it a fair observation that most of the revenue comes from this sector? We have a similar question. Which segments do you see the strongest drivers to achieve business growth? Can you elaborate on that?
David would like to take that.
If we take first, I mean, it's a very good question. I understand that. No, the revenues do not mainly come from defense, rather the contrary. The vast majority of Clavister revenues comes from our civilian business. On the other hand, we're winning quite many orders and large orders in defense. The majority of the order book is defense-related. I would say that the combination here of a to a high degree recurring ARR-based civilian business together with a large and growing order book with a lot of defense, not only, but a lot of defense in it, which then translates to revenues over, as we have said, until 2029, based on the order book as it looks right now. That means that's a good foundation for growth going forward. What are our drivers for our growth? Increased geopolitical risk, a growing digitalization of society.
That combination, of course, if you digitalize in order to extract efficiencies, you also increase risk. That's the kind of the other side of that coin. If you digitalize, you need to invest in more cybersecurity. If you're seeing that the world is becoming more complex, who do you trust? Where do you... kind of realizing that, okay, Europe lacks a large cybersecurity industry. To a very high degree in Europe, we rely on U.S. and Israeli technology. I think more and more decision makers are realizing that that is actually a problem. We need to be able to secure ourselves with technology that comes from Europe. I think that combination is then very good for Clavister, not only in defense. I think that's very important to remember.
In protecting a society in a much wider scope, water distribution, energy distribution, that schools can uphold, education for children, and so forth, all that is positive for us. Icing on the cake is, of course, investments in military platforms. That is a smaller part, but of course, important and growing part. I'll be long. Do you want to add something from...
No, I think that's a good response.
Okay, thank you, David. Staying with you and some more financial targeted questions, can you please describe how much of the order book that is recurring turnover and how many years you're normally having in the order stock?
Okay, so in the order book, we sit mainly, as I said before, mainly, not only, but mainly defense-related orders. These, and they are then mainly related to BAE Systems, where from when we gain an order, it will sit roughly maybe 18 months, two years before we start delivering on that order. It falls kind of a bell curve shape where deliveries are smaller in the beginning, bigger in the middle, and then they kind of ease off. It takes roughly four years for such an order to be fulfilled. They will then give revenue support for quite a long time. We have a situation where we're building more and more orders, meaning that that will gradually build up and lead to increasing revenues from that order book. They are typically not recurring. The defense orders are not recurring revenue.
On the civilian side, on the other hand, almost everything is recurring revenues. They typically don't sit in the order book for very long. They are delivered more or less instantaneously as we take that order. The recurring revenue parts are hitting our revenues much more quickly. I think that combination is very good for Clavister because we have a good momentum in the civilian business that translates into revenues quite quickly. They are recurring. We add then a growing order book in defense. It takes time to fulfill it. That means that the growth risk of Clavister is dropping quite rapidly.
To complement on that, David, it is absolutely true that the defense orders typically are perpetual or non-recurring at the moment. That being said, the reason for that is obviously the defense market as such is quite a conservative industry that is quite recently undergoing this digitalization phase and is historically used to buy completely different types of products where a recurring element is not common at all. That being said, that industry is, of course, as well, looking at modernization itself and looking at how a more recurring element can be introduced. Naturally, we are pushing on that. That's in our interest and in our benefit.
Also, if we look at parts of the defense sector or defense market for us where our software is being delivered as software-only components, then we've experienced that it's easier to drive a recurring narrative when we're shipping only software rather than when we're shipping integrated complete hardware platforms for integration. Over time, I'm convinced that we would see more recurring, but exactly as David said, currently, it is non-recurring mainly in the order book.
Yeah, to add to that, making a long answer even longer, you should take a chance and get it. I think we can say that the defense customer, because these are very sticky solutions, if you get integrated in a system, it's not contractually recurring revenue, but we're adding customers where it's safe to say that there are customers with a recurring buying behavior. It is likely that this will translate into more orders related to different types of software upgrades because these are perpetual orders. The lifespan of the system means that since it is perpetual, you will need to come back and upgrade the capabilities of the software over time, likely also adding support elements and so forth going forward. I think it has that element to it, and that is not reflected in the order book.
Good. Another question is, given your target of 20%—more than 20%—annual growth and a positive EBIT in 2025, what concrete milestones or leading indicators should investors track over the next 12 months to assess whether Clavister is on course? How do you plan to balance growth investments with the risk of further dilution?
I think it's a very good question. First of all, I think we should be evaluated on several different metrics. One is, of course, the ability to keep the growth target of about 20%, keep delivering on that. I think that is highly important. Then adding profitable growth to this, reaching positive EBIT and growing EBIT, translating, because I think it's important in our mindset, it's important to state that we're looking for growth, but it needs to be profitable growth that generates positive cash flows. Of course, balancing that is an important trade-off that we are investing a lot of time in. How much should you then prioritize further and additional growth at the expense of EBIT and cash flows? I think that is an important trade-off that we are spending a lot of time in monitoring and finding the right balance.
Evaluate us on our capacity to grow and our capacity to grow with profitability. I think that's what we're looking for internally.
Thank you, David. Taking a broader outlook, what step is Clavister taking to foster proactive cybersecurity culture within organizations? How are you empowering your clients to stay ahead of sophisticated threats like zero-day attacks or ransomware?
Very good question. The good part here is that we're not alone as a supplier to educate or to drive the narrative of cyber hygiene within our clients or within the industry. On the opposite, I think we have a lot of people working for us in this matter. Looking in Sweden alone, looking at our politicians that have moved from basically being non-aware of cybersecurity to driving the agenda, looking at our Ministry for Civil Security, for instance, pushing the cyber agenda really, really hard. I think there's a lot of movement in the society that talks for us on this. What do we do then specifically from Clavister's side?
I mean, naturally, we're increasing our marketing efforts in a pace, a little bit alluding back to David's comment on profitability, that naturally we would like to be even more out talking about cybersecurity and Clavister's offering with much more marketing efforts. That comes with a cost. We have, of course, our constraints. That being said, we are quite aggressively increasing our marketing spend if we look year over year over the past years. I think that has been visible as well on how Clavister has broadened its brand. On top of that, we actually engage quite frequently in the political debate. We take the opportunity to try to influence the overall debate on cybersecurity, naturally with sort of the limitations we have in bandwidth being a small vendor. Again, we're being a lot helped by the overall push in society right now.
Maybe staying in this area, given the increased demand by the need for European solutions, what is Clavister's competitive edge versus larger international players?
If we just zoom out a little bit and look at Clavister, it is today delivering mainly two product groups. As you know, we have our network security product group, mainly with our firewall products, and we have our identity and access management product group with a strong focus on the user identity solutions. If we look at these two product groups alone, they represent, first of all, a huge market, a huge market growth by themselves. There are not too many vendors, and I would say in Europe, there are presumably no vendors, at least not of Clavister's size, maybe a couple of startups, but anyway, not any established vendors that sit with this sort of range of technology. These two product groups started off on the market being quite isolated. You had one buyer persona working with firewalls and another working with identity.
As things have evolved, you have probably heard of a term called zero trust, basically where you need to, first of all, stay in control of your users, your identities of your users. That alone is not enough. You then need to enforce policies based on who you are, who your users are. That combination of the identity part and the firewalling part, combining those into a really, really strong zero-trust offering, quite few vendors can demonstrate that. Naturally, the big incumbent U.S. vendors might have an offering, not all of them, to be said, but a few. This is, again, sort of the key reason that we are so much focused on the European market, because of these reasons. I mean, we are too small to pick a fight with the huge U.S. vendors. Hence, we're not moving outside of Europe, at least not to an extent.
We're focusing on the verticals, the customer groups, where they place certain requirements and certain priorities of working with European suppliers, European suppliers that can demonstrate a sovereignty of technology, meaning no dependencies on external or non-European nations or legislations, if you like. Another key aspect in this area is that Clavister has been on this market for now close to 30 years, 25+ years, investing continuously in the tech stack that we have today. I think we've alluded to this in earlier calls or in earlier reports. Very, very little part of that many years' investment have been sunk costs. We have rather built on our product portfolio incrementally over a long, long period of time, reaching the level where we are today. That means that the barrier to entry into this market for a new vendor is extremely high.
I don't really see that we will face completely new vendors on the European soil. We will continue to meet the American vendors with the strong benefit of us being the European alternative. Naturally, scratching sort of under the surface, you will see a lot of technical differences as well. That being said, the products still have to do what the requirements are set out to do, which means that this is, I don't really want to use the word commodity market because that alludes to something quite non-technical and non-complex. This is a complex market. That being said, the products are performing, providing the capabilities that the big American products are doing. We have some edge in some technical areas. The other vendors have some edge in other technical areas.
It comes down to sort of the high barrier to entry, the geopolitical situation, the credibility, and the references we've built in our selected verticals. Of course, a good degree of technical robustness. A bit of a long answer, but again, coming back to the fact that we are being approached by new types of partners really points us to believe that, yeah, the amount of vendors out there that can fulfill today's European requirements are very few. Clavister is really, really one of the names that are floating out there.
Yeah, and I think just adding very quickly to what John said, which is very important for driving our growth, sad for the world, but still, is asking the question, could a Donald Trump administration force U.S. security companies to add backdoors into their firewalls, giving American agencies access to your very sensitive data? Yes or no? I think that question is a key factor driving our relevance because under Swedish law, that is not possible. I think people should give that some thought.
Yeah, you've touched upon the IAM business. We have a question for that area. What is the development regarding new orders and customers within IAM from PhenixID?
Would you like to take that, David?
Yes, for those who might not know, the name PhenixID, back in 2016, 2017, Clavister acquired a company named PhenixID. That forms up roughly a third of our revenues today, and that's where our identity and access management business sits. I think that part of the business has showcased a good growth over quite a long period of time. What we're seeing and what we're doing is working to more and more tightly integrate our firewall and next-generation firewall business with our identity and access management business because in being able to offer a more complete solution regarding zero trust, where we protect with identity and access management the individual and with firewalls the network. If you combine that, you can create higher security for the individuals and more security in the network by protecting both. That's a very good growth potential for us.
It has the same key selling points in Swedish technology, high resilient products. They have a high degree of stability, geopolitical risk, and so forth. We're articulating the same customer groups. The development has been good. I think we can extract even more growth in that part of the business by leveraging, because I think this is also important. Overall, the traditional firewall business has a larger reseller network, which the IAM business can benefit from more, which we are working very actively to utilize. I think that's an important growth driver going forward.
Thank you, David. How is Clavister addressing the challenge of balancing robust cybersecurity with user accessibility and cost effectiveness for organizations of varying sizes? From SME to the large enterprises?
Yeah, this is actually one of the reasons why we, a number of years back, took a hard look at our go-to-market strategy, looked at what are the customer groups and the sizes of customers that benefit from a Clavister solution and that are relevant for Clavister to address. The area of mission-critical applications or critical infrastructure, if you like, there are many names for this, where we have specifically decided to focus on the public administration within Europe. That would be your municipalities, regions, state agencies, and so forth. The energy companies, the telecom customers, and the defense customers. Those four customer groups, they represent, first of all, good, hefty growth opportunity going forward. They have a common denominator in the fact that if they suffer from a successful cyber attack, there are really dire consequences, not only for the organizations themselves, but for society in general.
In addition, they are fairly sizable. Naturally, there are variations in size, but they are fairly sizable as customers. That being said, our focus with our product development roadmap, with our sales and marketing efforts, is exclusively on those customer groups. That really helps us to balance the investments and staying focused on requirements that are gaining the sort of viability of the products for those customers. Whereas being too broad or being too split-focused would have led to a very, very scattered roadmap, very scattered sales and marketing investments, and potentially no growth coming from that. The technology that is being developed as a result of that still is highly viable for an SMB or a mid-sized enterprise. A lot of our channel partners or resellers, they, of course, sit with a base of that type of customers as well.
We have a sort of, I wouldn't call it hidden, but we have a stream, a run-rate stream of business coming from our partners from customers that we do not address ourselves. That's a quite interesting leverage that we have in the business, being able to sell to customers which we're not actually focusing on. That's really good. It's inevitable for us to do that because we need to focus. Also, looking at the general enterprise market, it is a big market, naturally. It is also a market that is dominated by really, really huge American vendors, where we would lose deals probably 19 out of 20 just because of our smaller brand. At the end of the day, this focus we have really helps us doing this balance.
You're talking about our customers. There's a question come up. Does Clavister use the opportunity to measure NPS, the Net Promoter Score, regarding customer loyalty?
To be honest, we're not doing it as systematically as we maybe should. It hasn't been a strong focus for us. What we have done in recent years is to create and work with our partners, our end customers in various types of user groups, forums, building really, really tight relationships with them to make sure that we not only onboard new customers, but also sit with them, maintain them, work with them, get feedback from them on a continuous basis. We've had some Net Promoter Score measurements in the past, but again, not systematically. Good idea, good advice. Maybe we should do it for the future.
Okay, coming more to the communication area, there's a question. How strongly does Clavister emphasize that, unlike many other alternatives, it doesn't have built-in backdoors? Our communication previously has also been strongly on no backdoors. John, can you elaborate on that?
Yeah, absolutely. I mean, this is a really good question. It is, at the end of the day, really about what is the brand and the credibility that Clavister wants to build and needs to build. Our experience is that even though the no backdoor story is relevant for many customers, of course, it is nothing that we should lead with in terms of a marketing narrative because essentially what it says is that all other vendors are crap and they are fooling you as a customer. Badmouthing your competition is rarely a good marketing path. We want to emphasize the strengths of our products and the benefits and all of that. Stating that our products have no backdoors, that's a bit of a given, to be honest, in this market.
We have to be a bit careful using that because it can backfire as us trying to badmouth the competition. In the discussions with the customers, of course, the question arises from time to time, you know, what's your take on the presumed backdoors and in some cases, proven backdoors in some U.S. vendors' products? To that point, we can only state that, well, that's nothing that we would do. There's no legislation that would enforce us to do so. It would be against all our business ethics to do so. There's nothing to gain from doing so. We are the trustworthy European supplier. In those one-to-one customer dialogues, naturally, it pops up from time to time. We're not leading with that narrative. It can backfire.
Yeah, quick, you can add one thing to that because I agree with what you say. The question is relevant, but I think we more emphasize that Europe needs to be able to protect itself and critical European interests by using European security technology. Talking about if you place your trust in a third country, you rely heavily on legislation and political decisions in that country. In our case, it's the United States. to a high degree and to a certain degree Israel. I think that is more relevant because then we're not talking about our competitors, but rather looking at the legal systems in Europe and the needs to protect ourselves. Why outsource that to someone outside the Union and to their legal system? That makes you very vulnerable in a situation of increased tensions or conflicts. More from that perspective, I would say that we're articulating.
No, thank you, David. We're kind of slowly coming to an end. I have one last question regarding communication that can be interesting for the audience here regarding the press releases. The question is, some press releases are not fully reached or not fully reaching a market. How is your decision to prioritize which information goes to which channels? For example, there was a press release on our website about our Netsecurity partnership, which wasn't sent to investors. John, can you elaborate on how we decide which news piece goes to which audience?
Absolutely. Communication or sort of selecting what's newsworthy or not is, I mean, that's of course always a thing we're reviewing internally. I think Clavister, as a business, has moved from a point where we tried to announce everything, which in the end resulted in a quite sort of diluted message in the end, where the audience could not really understand, is this substantial orders coming in? Is it some future potential nice-to-have business? Or what is it really that Clavister is trying to communicate? The position we've taken lately has been that given that we now are positively engaging with large partners like Saab, bringing in new orders on quite a big magnitude, we have concluded that it's better to announce to the capital market at least the substantial orders, the substantial strong brand partnerships.
It's a fine balance because you know recently we announced in the press, not to the capital market, that we were starting to work with the Norwegian partner, Netsecurity. Obviously, from a brand perspective, that's a much smaller partner than Saab. Clearly, it would sort of warrant a smaller communication from our side. However, it is a strong actor on the Norwegian market. It could very well turn into good business for Clavister. At least that's what we hope for. It's a fine balance. Again, our position that we've taken is that onto the capital market, focus on these substantial orders, substantial news with really big brands, because we believe that's in the best interest for Clavister and the capital market at the moment. Again, we're reviewing it and assessing it as we go.
Thank you, John. Yeah, we are already over time. Just a quick shoot at the end. John, you have 30 seconds. What are you most proud of from the quarter?
From this quarter, it is the strong order intake growth without being supported from a single large order. I think that's really demonstrating strength. I'm really happy about that.
For you, David, what are your highlights?
I think I go back to highlighting the fact that we are able to demonstrate that we can showcase a high net sales growth with a high gross margin. That growth does not mean a diluted margin. I think that's very important. I also saw in the chat a question that we didn't answer, which was, what's the impact of repaying debt to the EIB? A very short answer is, the EIB debt is quite costly, meaning that when we repay the interest-bearing part of the debt, that reduces debt. Interest rates are a bit above 10% on the EBITDA . We reduce that with the TO8 to TO9 warrants programs. It has the corresponding impact on our financial net.
Okay, yeah. Thank you very much, John, and David, for answering all the questions for your presentation today. Thank you very much to the audience for being here, for posting all those questions. It's really good having your input and being able to answer directly. That's really valuable. Thank you for attending today. This recording and also the report will be available on our website. With this, we would like to close today and wish you a great rest of the day.
Thank you very much. Thank you, Kate, for hosting us.
Thank you.