Good morning, and thank you for joining us for Plurilock Security's Conference Call to discuss its financial results for the year ending December 31, 2024. I'm Sean Peasgood from Sophic Capital, Plurilock's investor relations firm. On the call today, we have Plurilock CEO Ian Paterson and CFO Scott Meyers. During the call, all participants are in a listen-only mode. Following the presentation, we will conduct a question-and-answer session. We encourage you to submit your questions through the Q&A tab at any time, and management will answer them following the prepared remarks. Before management discusses the results, I'd like to remind everyone that certain statements in this call may be forward-looking in nature. These include statements involving known and unknown risks, uncertainties, and other factors that could cause actual results to differ materially from those expressed or implied in our forward-looking statements.
For caveats about forward-looking statements and risk factors, please see Plurilock's MD&A for the year ended December 31, 2024, which can be found on our company profile at Cedar Plus. Unless otherwise stated, all dollar amounts referred to in this call are in Canadian dollars, the company's reporting currency. I'll now pass the call over to Plurilock CEO Ian Paterson. Ian.
Thank you, Sean, and thank you all for joining us today. Good morning, and welcome to Plurilock's financial results conference call for fiscal year-end 2024. My name is Ian L. Paterson, CEO of Plurilock. As we review the results, I'll provide some highlights along with a business update. I will turn the call over to Scott Meyers, our CFO, to walk through recent financial performance. We will wrap up the prepared remarks discussing our outlook, and we will leave some time at the end for Q&A. Before we start discussing our financial results, I actually want to take a moment to reflect on the broader cybersecurity landscape. In 2024, the threat environment grew much more complex and dangerous. We saw state-sponsored attacks, AI-driven threats, and supply chain vulnerabilities become more frequent, more sophisticated, and this puts unprecedented pressure on both governments, enterprises, and organizations of all size to act decisively.
This has really shifted the cybersecurity industry from a back-office IT function to a board-level and national security priority. Within that global context, Plurilock continues to execute with discipline. We built our business around real-world security needs, ones that are becoming more urgent, more complex, and more strategic with each passing quarter. In 2024, we demonstrated that Plurilock is a trusted partner to governments and commercial clients across North America and NATO countries who are navigating this increasingly high-stakes environment. I'll ask Sean if you'd indulge me to go to the business overview, and we'll talk about the three interconnected business segments. Plurilock has three business segments today. We have our Solutions Division, which is the core unit that provides technology and cybersecurity products through an extensive network of partners and customers.
It also serves as a key entry point for both our Critical Services and SaaS offerings. Critical Services, which is something we'll be talking about quite a bit on this call, is a specialized team that delivers tailored cybersecurity services to help clients address urgent security challenges and build long-term resilience. Plurilock AI, our proprietary software as a service platform, is focused on advanced security and identity protection. While all segments are contributing to overall progress, Critical Services, which we formally launched in February of 2024, has become a strategic priority due to its significantly higher margin profile and its ability to create long-lasting client relationships. Acting as a trusted cybersecurity advisor, Plurilock brings deep domain expertise in regulatory compliance, security architecture, and technology integration to support government agencies in Canada and the U.S., as well as large global enterprises.
Our strategy is to build on existing customer engagements, transitioning them into recurring managed services. By introducing adjacent high-value offerings through our reseller network, we help clients solve more of their cybersecurity challenges, deepening relationships, increasing retention, and enhancing profitability. I would like to walk through a few highlights from the year. Sean, I would encourage you to maybe go through and show our business update slide. To start with, the gross sales bookings of CAD 81 million for the year ended 2024. This is an increase of 15% from our previously reported CAD 70 million of revenue in 2023. Gross sales bookings are unaudited numbers but are a reflection of what our revenue would have been, rather, had we continued to report with the same accounting practices that we had had in the past.
Now, with that implementation of our new accounting practice, which focuses on recognizing revenue from software and services over time rather than upfront, recognized revenue for 2024 was CAD 59 million, which was essentially flat over the new adjusted 2023 revenue. This shift aligns more accurately with the long-term nature of our contracts and strengthens our ability to build a predictable recurring revenue model. As a result, we introduced backlog as a key metric to better reflect the scope and duration of our contracted business. Because we did not previously report contracted backlog on a consistent basis, comparing this quarter's results to past periods is inherently challenging and may not present a clear picture of the company's trajectory. We now have a contracted multi-year backlog, which as of December 31, 2024, was CAD 56 million.
This is a new metric that investors can track and use to model out future revenues. The introduction of backlog highlights the strength of our current business pipeline and provides a more meaningful indicator of Plurilock's future revenue and margin potential. The backlog is comprised of both critical services as well as software revenue, which we expect to be recognized over approximately three years. Our critical services business grew 152% year- over- year to CAD 8.7 million, and we've added multiple new professionals to support that demand. This critical services segment has been a primary focus of the business, and we also expect to continue to focus heavily on this segment moving forward.
The other thing to mention is that Plurilock's switch from hardware-centric technology sales to more software and services aligns with our core thesis of buying access to customers and leveraging that platform to drive higher margin products and services. Really, these efforts have been designed to support longer-term margin improvement by diversifying revenue streams and deepening recurring service relationships. Gross margins increased to 13.1%, up from 8.5% as we continue to push our unique brand of higher margin Critical Services as well as software, which led to gross profit increasing 50% to CAD 7.8 million, even with the new reported revenue recognition practices, which again were flat roughly year over year. Now, it is worth reminding folks that despite being a Canadian headquartered business, well over 90%, specifically 92% of our revenue comes from the United States, which really positions us firmly in the world's most resilient and security-focused market.
These achievements are not just financial; they're also strategic. As threats evolve, customers need partners who can not only sell cybersecurity products and technology but also architect and implement and operate those technologies in complex and real-time security solutions. That is where Plurilock differentiates itself. We've deepened our role with customers by becoming a hands-on, high-trust partner, and that also includes our strategic partnerships with leaders like CrowdStrike and Forcepoint, which are a very large part of that. These relationships help us expand market reach and solution depth, while also continuing to enhance our credibility. Leveraging our trusted position within the Canadian and U.S. public sector space with government agencies, we are now expanding further into the commercial sector. Our success in high-stakes environments like defense and energy and infrastructure builds confidence in our ability to serve large commercial enterprises with equally critical needs.
Now, it's worth noting Plurilock historically has experienced a stronger half, which we certainly saw last year with Q4, Q3 and Q4 consistently driving a larger share of our full-year performance. Despite macro uncertainty and volatility, we continue to demonstrate operational resilience, consistency, and strategic clarity. We are executing on a focused playbook, delivering hands-on cybersecurity solutions, building long-term customer relationships, and selectively expanding into commercial verticals where our credibility and expertise translates into real-world opportunity. In 2024, we made a deliberate investment in strengthening our sales organization along with our growing pipeline and evolving service offerings. As I said, we've added multiple new professionals to our critical services and sales team. Plurilock's partner ecosystem also plays a critical role both in market access and service delivery.
The company has seen steady engagement and continues to fulfill a wide range of customer requirements across both government as well as enterprise channels, which is contributing to active business development and customer acquisition efforts. As we continue to scale, we're committed to ensuring our sales function remains agile, aligned with our higher margin offerings and supported by the right tools and incentives to drive long-term, recurring, repeatable customer value. It is the combination of these expanded capabilities, the deepening client relationships, and recurring revenue momentum, which is beginning to generate flywheel effects. That is something that we expect will accelerate as we execute against our 2025 strategy. At this point, I'd like to turn over to our CFO, Scott Meyers, who will walk through some of our 2024 financial results. Scott.
Thank you, Ian. What I'd like to walk through is just our revenue margin performance, and then we'll take a look at the balance sheet. While revenue was flat at CAD 59.1 million, gross margin increased CAD 2.8 million to CAD 7.8 million. This was mainly driven by our expansion in critical services. If you look at critical services, we grew it to CAD 8.7 million this year from CAD 3.4 million, so more than doubling. This expanded our margin by CAD 2 million alone on its own. Overall, our margin rate went from 8.5% of sales last year to 13.1%. This near 5 point improvement, again, was driven off of mainly critical services, but we've also made some improvements in our resale business as well. Overall, that drove our adjusted EBITDA to improve by CAD 2.9 million.
If we take a look to the balance sheet, our working capital, so we've driven some of these improvements, and it translated into our working capital improving by CAD 2.2 million. Also this year, if you recall, if you've been following what we've been doing, we converted CAD 1.2 million of our convertible debt. Our total balance sheet improvement was CAD 3.4 million this year versus last year. With that, I will turn it back over to Ian to look at what's coming ahead.
Yeah, thanks, Scott. I think largely we're going to continue executing on the strategy that we set out in 2024. We see flywheels spinning, and we want to continue that. I do want to emphasize that Plurilock entered 2024 with strong momentum, a clear strategy, and commitment to delivering value both to our customers and to our shareholders. I think that our foundation is strong. We're trusted by some of the most security-conscious organizations across North America. We're getting pulled into other organizations outside of North America. Our critical services business is scaling. Our pipeline reflects growing demand for real-world solutions. We're not chasing hype. We're solving complex cybersecurity problems every day for our organizations that can't afford to get it wrong. We see 2025 as a year of continued execution. We're expanding our presence in the U.S. commercial market. We're deepening relationships with public sector clients.
We're pursuing higher margin opportunities that will improve operating leverage. We'll continue to invest where it makes sense: people, partnerships, performance, while maintaining the discipline and focus that we brought so far. I will say, as part of Plurilock's strategic roadmap, we're also actively expanding our footprint into NATO and NATO-allied jurisdictions by leveraging really our long-standing relationships with the public sector institutions in the United States and Canada. In a world where the threat landscape changes day by day, resilience isn't just a goal, it's a requirement. At Plurilock, we're ready. Thank you for your continued support. We look forward to delivering another year of progress, purpose, and performance. With that, I might ask Sean if you could help direct us through any Q&A that we might have, and we can get into some questions.
Yeah, thank you, Ian and Scott. Thank you for everyone who's joined the call today and for submitting your questions. As a reminder for others on the call who haven't submitted a question, you can click the Q&A tab at the bottom of the webinar, and we'll get to them as they come in. The first question: Critical services ramping and the margins are good. How should we model blended gross margins over the long term?
I'll take that. As our percentage of revenue becomes more weighted towards PLCs, we expect it to well exceed our traditional VAR offerings. If you were looking to model this out, I would take our services revenue, which is published in our financial results, and do your own projections there. Again, we're not giving forward guidance, but we are.
If you could look at the performance and what we just showed today, you can see that the growth rate of services has been quite astounding.
Next question: Do you anticipate hiring more sales and support staff? Would you be doing that now or later in the year?
Yeah. For us, we did make an investment this past spring. Earlier this year, we set out on a specific strategy. We wanted to continue the flywheels spinning and accelerate those flywheels that we had last year coming into this year. We did make an investment earlier this spring, specifically targeted that. I mean, the short answer is we are constantly hiring. You never really stop hiring. I think for us, what that looks like is as we find new talent, we'll look to add those to the team. I think the thing also that we're finding is that the salespeople that we've added so far have shown materially positive results. Short answer is we're always hiring. I think largely, though, this will be kind of more of a steady state where we add as additional sales performance makes sense.
Okay, great. Another financial question: At what revenue level would you be EBITDA positive?
Thanks, Sean. Again, we don't give forward guidance, but I would say if you're modeling this out, I would look at what we've done and what we've accomplished over the past year, and you can see that we've been making a lot of strides towards that and look at our sales growth. I would say also consider how we've repositioned this business to be much more focused on services. We're also seeing that basically for every dollar of resale, there's almost CAD 2 of services out there for us to go capture.
I think also just to add to that response, the question is around what revenue level. I think actually the key metric that we're looking at is gross profit because really the focus for the business for the last 24 months has been very focused around driving gross profit. I mean, I'll give you a practical example. If we have a salesperson and they have two potential sales opportunities, CAD 1 million of technology resale at potentially 1% gross margin, and CAD 500,000 of critical services at potentially 40% gross margin, the latter example will drive significantly more operating leverage and gross profit to the company, but it will come at a lower revenue rate. For us, the key really is driving gross profit. I think also that comes with a quality of revenue improvement as well.
Typically when we're doing technology resale, it's a single transaction. Whereas with critical services, not only do we get that initial sale, but we also get opportunities to sell additional products and services thereafter. Again, the way that we operate internally is really focused around gross profit, even to the point where our salespeople are compensated on gross profit. It's not a revenue compensation plan. That's really the way to look at this business.
Okay, great. Okay, I'm going to merge two together that are also financial, and then I have another one. This person's asking what the cash balance is now, and it is probably tied together. Another person's asking if you're raising capital? so maybe address the balance sheet.
Yeah. You'll see that at year end, we've left the year with CAD 1.4 million. Keep in mind we've also done a raise of around CAD 5.5 million. We are not raising capital.
Okay, great. What risks do you anticipate with respect to the change in U.S. policy to protect U.S. businesses, if any?
Yeah, it's a good question. I mean, I think tariffs also play into this question. I mean, from our perspective, the Plurilock corporate structure, we're Canadian-headquartered, but we do have a U.S. operating subsidiary. If you're following press releases, we'll often talk about Aurora, which is one of our U.S. operating subsidiaries. Aurora is a U.S. company. It employs U.S. people. It sells U.S. products. It sells U.S. services to U.S. customers. There is very little cross-border activity that takes place within that business. I would say that the broader trend, though, of supply chains being deglobalized has been occurring for many years. If we zoom out from this specific question, I mean, we saw in the last five years a huge shift away from purchasing brands like HUAWEI and ZTE from China or Kaspersky from Russia.
There's been this push for ongoing well before the current U.S. administration. There's been a push to kind of focus technology supply chains, including cybersecurity supply chains, to be more aligned with friendly companies or, excuse me, friendly countries. That's always been the case. Now, I think what we have done really from day one is that we've made a very intentional decision that we were going to align ourselves with the Five Eyes countries. That's the United States, Canada, Australia, New Zealand, and the United Kingdom, as well as NATO-allied countries. That's largely Europe, kind of with a focus around Western Europe. We saw this trend very early on, and we wanted to ensure that we as a company will ultimately align ourselves with the West. We've tried to build our organization with that trend in mind.
You can see that show up in a number of places. You can see that in our corporate structure. You can also see that in our talent. If you look at our advisory council, for instance, you'll see Canadians, you'll see Americans, you'll see some British folks. You can see that kind of across the business. That is the long answer and kind of the background for how we're set up and we're structured. Obviously, we monitor this stuff pretty closely, but right now we believe that we're well positioned for being successful.
Okay, that's great. Okay, I'm going to put another couple together here. Please explain your motivation to pursue interest in the U.S. Accounting Convention, PCAOB. The second follow-up to that, and I think it's probably linked, is when do you roughly anticipate Plurilock being listed on the NASDAQ?
All right, I'll take that one. I think two things. One is just to clarify, PCAOB is an auditing standard, not necessarily like an accounting standard. The U.S. and Canada have different standards. We're not going to comment on which one. They're different. You need to have a PCAOB-audited standard in order to list on the NASDAQ. This is all part of the process for us to do some sort of potential U.S. uplist. In terms of timing, it's not necessarily upon us to say when we'll do this. There's definitely a series of steps.
One is deciding how you're going to do it. There are multiple avenues you can take. You can do a straight IPO. There is also potentially to find a NASDAQ shell and a few other options as well. We've been evaluating where our best option is, especially for our shareholders. There is a process. We need to do part of this, which is the PCAOB. There are a few other steps that take a bit of time. We have to get through, of course, SEC approval down there. Part of the reason we're doing this is if you look at our valuation on the Canadian markets, we believe that a U.S. listing would get us a higher valuation and get us more. We're basically undervalued here in Canada.
If you've kind of been following this space, there's a good business model for PE firms to also take out a company and then later list it in the U.S. and make multiples on that. I think there's a value gap between Canada and the U.S., and that's why we're focusing and putting attention here.
I think just to build on that answer, the process was really started last year. I mean, we put out a press release announcing that we were reviewing U.S. strategic options. We had engaged a banker. I think what you are seeing is that we are taking steps to be ready to try and realize some of that value discrepancy that Scott was talking about. There is a lot of work that happens behind the scenes to be able to realize some of that value. I think the intent was really to educate shareholders on what we are doing to be able to go after that and try and ultimately realize increased shareholder value.
Okay, great. Just as a reminder, we have one more question here so far. Just as a reminder, if you have any additional questions, put them in the Q&A tab at the bottom and we'll get to them. One more here. Can you provide an example of a normal customer journey? You've said you are increasing software and services as a percentage of sales. How are you shifting them from hardware to software?
Yeah, that's a great question. There are actually two selling motions. I'll describe both. We see two main selling motions within our business. The first is that we have well over 400 customer accounts that we sell to. That's really coming from the solution segment of the business where we sell technology resale to those customers. When we do that, when there's a transaction, there's usually an opportunity to have a conversation with that customer and say, "Hey, you've just purchased some firewalls. Do you need help to deploy it, to configure it, to operate it, to manage it?" That becomes an opportunity for our critical services team to come in and start to introduce the customer to what we're able to do. That's one way. That was really kind of the focus in 2023 and 2024.
We talked a lot about cross-selling during those years. It was around introducing our current clients, our captive audience, to our critical services offering. I will say that of those 400+ customers that we have, only a fraction today are our critical services customers. Even the revenue growth that we have seen so far in the critical services segment, there is still a very large untapped market within our current customer base. We are going after those customers with the increase in sales folks. I talked earlier about a flywheel. That is a flywheel that is running. That is really the first go-to-market motion. The second go-to-market motion, and this is a little bit newer, but is a reflection of the critical services work that we have been doing late last year and then coming into this year, is that we are starting to get notoriety.
We're starting to get name recognition, and we're actually starting to get pull-through from some of our partners. The way that that looks is that we will be introduced in some way to a potential new customer that we've not done any business with in the past. What we're seeing is that we will start working with them typically on a smaller engagement. It could be a pen test through our offensive security practice. It could be some sort of security assessment. From a dollar figure perspective, that might be a CAD 50,000 project of some kind. Now, what we do is when we get into that customer account, we're really learning about that customer's environment. We understand what they're doing. We understand where the gaps are. We understand where the shortfalls are.
From there, we're seeing good success and then upselling to potentially a CAD 200,000 recurring red team engagement where we have now an existing relationship and an ongoing relationship with that customer. From there, the customer gets a chance to see how we work. We have great results, and we have great testimonials from customers saying that they're happy. Additional doors open. Perhaps the customer comes to us and asks, "Could you provide some help around our zero trust strategy or similar?" The door is open, and we start to see a flywheel of additional customer engagements. At that point, we have a great relationship with that customer. We're providing value. They're turning to us with their problems, and we can rinse and repeat.
That example that I just gave was one that actually happened with a multi-billion dollar U.S. publicly traded firm. It worked exactly like that. I mean, it started with approximately CAD 50,000 engagement. It led to a low six-figure kind of ongoing relationship. I spoke to the CIO a couple of weeks ago, and they said, "We need help with zero trust, and we also need help with how do we effectively deploy AI inside our security organization." That is the second sales motion. Again, that is newer this year relative to years past, but that is the typical way we see these things building.
Excellent. Okay. I do not see any other questions in the queue. I think we are going to leave it at that. If you were not able to ask your question or you have other questions after the call, please reach out to one of us. We will be happy to answer them. Our contact information is available on the screen here or underneath any of the press releases that we have put out. I will now pass the call back to management for closing remarks.
Yeah, I just want to say thank you both for everybody attending today and listening and following Plurilock's story. We look forward to continuing to share our progress with you in the quarters ahead.
All right, this concludes Plurilock's Fiscal 2024 Conference Call. We thank you for joining us. Have a good day.