Morning, everyone. Welcome to Trend Micro Investor Day. Last year, at the Investor Day, I used this chart to explain how Trend Micro is transforming our business from a packaged software into a platform SaaS platform company. And I explained that the pink line, which is our very profitable packaged software with renewal revenue as a % of our total commercial revenue, versus the red line, which is our new first-year SaaS subscription revenue as a % of the total revenue. And that's where, in the previous few years, the transformation causing Trend Micro's profit margin declined. But starting last year, when the subscription renewal revenue, the blue line, started to take place and multiply more % of the total enterprise renewal revenue, the profit margin will come back.
This last year, 2024, I think we Trend Micro approved that this SaaS platform business transformation has been taking effect and is a scalable and profitable growth market that we can take on. Therefore, starting from next year, we will focus on more of our growth engine. Talking about cybersecurity growth, it always evolves with the IT infrastructure change. For the past 35 years, Trend Micro has been going through all the IT infrastructure change. And that change also affects how the cybersecurity organization in customer side is changing. It changed into a security operations center that oversees all of the IT assets security. But this IT operation and security operations balance is actually a very difficult thing to do because IT operation is focusing on the sustainability, stability, and the requirement is like five nines, 99.999%, no downtime.
While security operation is focusing on mean time to detect, mean time to respond. Everything needs to be quick, quick, quick, quick. We are racing behind the threat actors. And this balance, if not taken care of carefully, then it will be. Sadly, this year's largest global IT outbreak was caused by a security update from one of the security vendors. And I think that is an alarm for everyone that we need to remember cybersecurity is for the IT operation to operate smoothly. So IT operation is changing, especially in this AI age. All the IT infrastructure change, user behavior change, and the threat actor change will impact how we design our cybersecurity product and solution.
If you look at how AI is going to change the IT infrastructure, just think about when we're starting to have the Gen AI, we will break all the data silo between the sales, marketing, the HR, the customer data. All of this data needs to be exposed to the Gen AI to enable it to generate the new intelligence for the modern-day business operation. But this change might cost a lot of time. Accidentally, a simple salesperson will expose the R&D architecture design while the simple R&D people will assess the HR data. So data infrastructure change. And also user behavior change. Gen AI will enable everybody from top to down and was able to use AI. I think last week we know, at least in Japan, 97% of the enterprise customers say they already enabled somehow for their employees to use AI technology.
And that will cause accidentally sensitive data was exposed to OpenAI, public AI, or the device was. There's a prompt injection. All of this would cause new security problems. And not to mention the threat actors. They definitely are using AI. The phishing email is much more targeted. It's hard to detect. The fake voice imitation, all of this impacts not only enterprise, small business, and consumer altogether. It's changing the cybersecurity. And that's why we believe in today's already very complicated attack surface, when you're adding Gen AI and changing the AI operation, we need to rethink how to do cybersecurity. Of course, in the past 20 years, cybersecurity vendor is not sitting duck. We kept on evolving from endpoint security to EDR to XDR to the combined SOC modernization. All of this, we have been doing it.
However, no matter how we do it, we were mostly looking at the log, the alert, and trying to trace it behind. We were just after the fact detect and respond. That is causing a lot of problems. If you look at the investment in security staff, right now is heavily invested in reactive technology. Only about 5%-10% is able to do what we call proactive, forward-looking proactive security. That caused what is today's reality. Today's reality is expanding attack surface. However, we still lack all the security experts and the silo of the tech stack and disjointed team that is still causing all the problems for cybersecurity. So, well, just this year is my 20 years as a cybersecurity company CEO.
I don't know if that tenure is a credit or debit to the balance sheet of Trend Micro, but for 20 years, I had a dream as a cybersecurity expert. The dream, I named it the project is called Minority Report. That project is trying to do, we need to stop the cybercrime before they take place, just like the Future Cop. How to do that? We need to be able to have the full visibility of the attack surface so that we can turn the obscurity into visibility. How to do that? Today, we will be able to use the native sensor that Trend Micro has a lot of them, but most importantly, connect with all of the third-party log, ingest them, and we will be able to use all of this data meaningfully, utilizing AI.
And then we can turn this total visibility into decisions that we can make. And that decision is based on risk. Risk equal to the likelihood of assets being attacked times the impact when it was going down, the crown jewel, right? So if we will be able to decide the risk factor, then we can make sensible decisions how we will detect and allocate our resources, prioritize them over our specific customers' specific IT infrastructure and environment. This risk score would combine with how important the asset is and what is the vulnerability sitting on there, how serious the vulnerability is, and what is the relationship between all of these different assets.
And therefore, we apply our threat knowledge, our understanding of how the attacker will attack, and we will be able to predict from the attacker's point of view and say, "This is the most likely attack path." Once we can predict that attack path, then we can turn that decision into action. That action is mitigation. And that mitigation is not just detection and response. You can do it before the attack really happens. You allocate what is the most important places that you should prioritize your patch to apply on, or where is the network segmentation and traffic filtering that need to be tightened up. All this mitigation is like, "What is the better, the best mean time to detect and mean time to respond?" Minus, right? Negative time you prepare before it happens. All of this can happen today with Trend Micro's Vision One platform.
That is a proactive cybersecurity platform where we can use our 35 years' knowledge of how attackers will attack and take an outside view of your attack surface. And then combined with our XDR, SIEM, and SOAR technology that we will be able to map out what is your customer's specific environment and therefore enable our customers to take proactive action so that their risk will be reduced. That is what we are very excited about, our Vision One and the attack surface. And that will continue to empower our enterprise business transformation. As you can see now, our mostly Vision One attached customers' resubscription revenue already is 33%. And next year, we will continue to grow our first-year new subscription revenue. So that two-line will continue to grow, and that will make our business both profitable and also growth.
Not only that, not only on the enterprise, but also in our consumer product, we are utilizing our deep analysis, and we are enabling our consumer customers to take care of scam problems. The Scam Check app that we just announced is a full platform for protecting consumers from scam, from deepfake, from SMS filtering, the text message filtering, and the web filtering. All of that is consumer attack surface are fully protected by Trend Micro. And this also is a consumer business transformation. I will just take a small example, not small, but our ANZ, Australia and New Zealand's business, where we have the consumer business. Now, we already have 15% of the sales of our packaging in this market is non-AV. It's only scam. We are talking about the scam business. And 70% of the sales is AV plus scam.
So altogether, you can see mostly we already transformed 85% of our customers utilizing our new scam services. And we believe scam is the biggest problem now in consumers, and we will start to do this transformation business-wise. This Scam Check before our Virus Buster business is mainly on the PC, but on the TM Check, this is attachment to the smartphone devices. And it's mainly the subscription model. So in average, right now, it's about $5-$6 per month per device. That's our consumer. So you probably will ask me if 20 years ago, you already have the vision. Why wait 20 years to come to this proactive security? It's all because AI is making it possible now. For 20 years, the data plan continued to evolve. The analytical plan needs to enable us to make meaning of all this huge data and structured data.
And then finally, we can apply the control plan onto it so that you can have a customized view of your own data, your own attack surface. This is why we now can do it by utilizing Gen AI. A lot of people might think, "What then? Why Trend Micro can do it?" Actually, if you think about Gen AI, the difference between Gen AI and previous rule-based machine learning is Gen AI is able to understand the data, the meaning of the unstructured data. And Trend Micro's business, antivirus on the whole security stack, network, the firewall is on the port level, IPS is on the protocol level, and antivirus is actually on the data, on the content level. We need to understand the content of the network traffic. What's inside a spam mail? What's inside a file that contains virus? Those are the content level.
That's why Trend Micro has invested heavily onto this content analysis, data and structured data analysis. Since 2005, my project called Minority Report was already using FPGA trying to solve that problem. And then we implement and use GPU in our ServerProtect products. And all of this is our accumulated knowledge and understanding of why we need to use AI to do security. Not only that, we did invest a lot of our talents, and we continually recruit and train and energize our engineers that have very good knowledge about how to use AI. So it's really not like we just jump on the wagon because it's a hot topic about AI, so we're doing the AI. It's actually we invest in AI, and we know how to use AI to solve cybersecurity problems.
That is why we are very proud that we say all of our products now are powered by something we call Cybertron. It's a cybersecurity AI. And this AI is an AI that can think like a cybersecurity expert. Later on, we have our privilege to have our Chief Architect, Jason, that will explain about this Cybertron, how we designed this Cybertron, and it's the power behind all Trend Micro's products. So you might also ask me, like, "Okay, you do this, but how about other cybersecurity companies? Why only Trend Micro can do it?" I will say Trend Micro is the only cybersecurity vendor that is the leader in every security stack from email security, endpoint security, IoT security, vulnerability management, CNAPP. We actually are on the CNAPP market, we're number one in the market share. All of this, we are in the leader quadrant.
What it means is we have enough customer experience on each of those stacks, and we have enough knowledge of all of these different email threats or endpoint attack or server in the cloud attack. All of this knowledge needs to be connected together so that we can do connected thoughts to predict the attack path. So cybersecurity is a decathlon. It's not a point that you can do. And Trend Micro is the only cybersecurity company that is in the leader quadrant of all of these necessary points. That is why Trend Micro can do it. But even more important is why Trend Micro can break all these product silos and integrate it into a true data plan, control plan. That is because Trend Micro's organization is a very unique organization.
I'm very proud of Trend Micro's overall organization architecture that we call Radial Web, where we can all share our knowledge, see the same vision, and are willing to be the bridge to connect all the thoughts together. I think that is the real core competence of a cybersecurity company. And so today, we will have our global HR head, Claudia, also explain about what is that core competence lying behind the Cybertron that would enable Trend Micro to do. So I'd like to say, I believe this proactive cybersecurity is needed and finally can be done now. And that is the real solution. It's a paradigm, new paradigm change for cybersecurity. We can finally be proactive and break that difficult balance between the IT operation and the cybersecurity need to preemptively provide our customers the best security, proactive security. Start right here, right now at Trend Micro.
Good morning.
My name is Jason Yeo. I'm the Senior Distinguished Technologist of Trend Micro. Today, I'm here to give you a presentation of what Trend Cybertron is. We know AI is a powerful tool, but we need to know the problem we are solving first before we talk about the tool. So before we dive into Cybertron, let's see how the cybersecurity industry evolved and how the AI fits into those solutions along the way. As Eva mentioned, the cybersecurity solution evolved from reactive but essential protection feature to detection and response and to proactive security.
The problem, the complexity of the problem we are dealing with also evolved from binary decisions like malicious or not based on specific contents like files or emails to suspicious activities in the gray area that require detection and response to do further investigation to proactive risk management prioritized based on the holistic security posture and also business context. So as you can tell, the more right-hand side is, the more context we need to correlate and more uncertainty we need to deal with. And we humans are good at dealing with those uncertainties and correlate the context, right? How AI fits into the solution? As we know, the supervised machine learning is good at classification problems. For example, ransomware detection, malicious or not. On the other hand, the unsupervised machine learning can help us to find those suspicious activity anomaly activities.
However, those two machine learning technologies cannot correlate the unstructured context Eva talked about before, which is required when we deal with a problem with ambiguity and uncertainty. That's exactly why we want to use generative AI to think, to correlate, to pivot, and validate like a human. Okay. So Eva talked about the importance of the security that fits, and AI is no exception. So by using the AI that fits, we can greatly improve the productivity of the SOC team and mitigate the problem of the staff or skill shortage. Okay. And Trend Cybertron is to solve that problem. Trend Cybertron is the cybersecurity specialized AI that identifies your risks and secures your future. This cybersecurity specialized AI is powered by our 35-plus years of cybersecurity experiences across file, web, email, network, mobile, AI, and more.
It's also powered by our campaign intelligence covering APT groups, cybercrimes, attack techniques, and of course, our number one ZDI vulnerability intelligence. And we are also AI veterans. As Eva mentioned, we started to use supervised machine learning for anti-spam problems back in 2005. And then we moved on to do the ransomware or phishing detection using machine learning, anomaly behavior detection. More recently, we used generative AI to build a companion AI assistant to boost the SOC performance. And also, we use generative AI to prioritize all the risks to make your cybersecurity more resilient. So by combining those two powers together, Trend Cybertron is the most powerful cybersecurity specialized AI in this industry. Okay. So now we know Trend Cybertron is powerful, but how exactly Trend Cybertron can identify your risks and secure your future?
We know AI is powerful, but we also know the visibility data is actually the foundation, right? Without the visibility data, AI is likely to generate hallucinations. So I'm so proud that Trend Vision One, we have the most unmatched visibility in this industry. We have the broadest coverage of our Trend Micro native sensors from endpoint, identity, email, cloud, network data, AI, and more. And we also support those third-party logs to maximize the value of your current investment. Not only do we have those unmatched visibility, Eva mentioned that we are also the leaders and the most trusted vendor in those categories. Oh, so you may have a question. So how can Trend Cybertron well utilize those intelligence data or the visibility data we have? To answer that question, we need to know how Cybertron works.
The Cybertron large language model is fine-tuned by our cybersecurity intelligence data, our Vision One knowledge, and also the Vision One data schema. That's why the Cybertron LLM model can understand our intelligence data better and understand the Vision One data better. Note that our responsible AI policy does not allow us to use customer data to train or to fine-tune our LLM model. Here, there is no customer data involved when we train the model. In addition to the model, we also build an agent. The Cybertron AI agent serves as a proxy of the Cybertron model to the real world. It has two main capabilities. The first one is about planning. When dealing with a cybersecurity problem, the Cybertron agent working together with the model can break down a sophisticated cybersecurity question or problem into several smaller steps, divide and conquer.
The second capability is learning how to use the tools when executing each step of the plan. For example, we can use the tools to query the latest intelligence from our repository. We know that we have new threats every day, right? And you don't want to train or fine-tune your large language model every day. We can also use tools to query the visibility data we have in the Vision One data lake, and we can implement proper access control and business logic here to well protect the customer data. For sure, we can also use tools to take remediation actions, and the agent, together with the model working, can also do the further validation and summarization before we return the answer to the customer.
So that's exactly why the Cybertron agent and model working together, we can much better do the much better planning when we solve the cybersecurity problem, and we can use those tools provided by Vision One much, much better than those foundation models. And we are not using a single agent to solve all the problems. Here is a diagram demonstrating how the multiple agents can play different roles and collaborate with each other to solve much more complex problems. Okay. Now we know how Cybertron works. So let's walk through some use cases to give you more solid ideas. The first use case is about an SDR story. Let's say I'm a CISO. I want to know, am I a victim of a latest campaign? Let's say Sea Haze. Sea Haze, Unfading Sea Haze, is actually a campaign name.
All I need to do is to key in this question into the Vision One companion AI assistant powered by Cybertron. So once the Vision One companion assistant got this question, the Cybertron will do the planning and break down this question into, for example, four smaller steps. The first step is, of course, to query the latest threat intelligence from our repository using the campaign name CHASE. Once we have the threat intelligence, the AI will learn, "Hey, let me try to do a sweeping query using one of the IOC of the C2 address." And this time it's an IP address to query the Vision One visibility data. And this time, there is no hit, no result return. And the AI will learn, will pivot just like a human. "Oh, if I query IP, there is no return.
How about let me query another tool name?" The Gh0st RAT is actually another tool name used by this campaign. And this time, there are results returned. But the AI will do more. It will try to pull more context. For example, those observed attack techniques on those impacted devices, which is OAT means here, observed attack techniques. And the AI can get more context. Once the AI has all those information, including the context, the Cybertron will learn how to do the further evaluation to make sure that this finding is actually relevant to the campaign CHASE. And if Cybertron thinks, "Oh, it's a possible hit," then it will again use tools to take the necessary actions and then compile all the findings into a report and return it to the CISO. So this is an XDR story. This explains exactly how the Cybertron works like a human.
Let's see another use case for the proactive security. How Cybertron can make your cybersecurity more resilient for the future attacks. We know we have tons of visibility data. So the Vision One can build a massive comprehensive asset graph together with the associated risk events. Then we can try to identify the most vulnerable entry points and also those most valuable critical assets. So we can build a possible attack path in between those vulnerable entry points and those valuable assets. But the problem is, usually, most of the time, those attack paths are simply too many to deal with. We need better prioritization. That's where the Cybertron came into play. By using the Cybertron and those tools, we can calculate the risk score, as Eva mentioned, by evaluating the likelihood and impact of each attack path. For example, I'll give you one example of what the likelihood means.
For example, we have two vulnerabilities. One is remote code execution. The other one is local privilege escalation. We know that remote code execution is much easier to leverage for lateral movement than a local privilege escalation vulnerability because if you want to use the local privilege escalation vulnerability, you need to find the other way to compromise the endpoint first. So that's not that easy to use. So that's one example of how we evaluate the likelihood. As to the impact, it's quite straightforward. It's the number or the importance of the critical assets, this particular attack path, these two. So once we have the risk score calculated, we can now prioritize all the attack paths according to the risk score and then prioritize the risk event associated with those attack paths and take the suggested remediation action accordingly.
So by removing or by remediating those most risky attack paths, we make your cybersecurity much, much more resilient for the future attacks. So just a quick sum up, the Trend Cybertron is the cybersecurity specialized AI that identifies your risk and secures your future by the unmatched visibility, the AI-driven prioritization, and remediation. All right. So that's all for my presentation. Thank you.
Thank you, Eva and Jason. From dream to reality, you can't help but be excited about this game-changing technology. Can you see my charts okay? Okay. One year ago, we had an investor conference, and we laid out a plan that we referred to as balanced growth.
What we said we would do is we would focus in on some capital allocation, we issue a special dividend, initiate a share buyback, maintain our existing dividend policy, as well as take a very methodical and calculating approach to looking at our operating expenses and finding efficiencies overall, and we would do all of that while driving the top-line business as well. We called this balanced growth, and I'm so happy to report that we've been executing on that flawlessly. If we think about the market landscape, you just heard Jason talk about what we are doing with AI. All companies are exploring how to leverage AI, and we believe strongly that that is really going to help us from a business standpoint because companies need to think about how to protect it, so the AI increase in spending will overflow onto us as well.
We're also seeing another dynamic, and Gartner supports this, where many customers are thinking and rationalizing the number of security vendors that they're working with. They're increasingly taking a platform approach and positions us really well with the strength of our Vision One platform. And then finally, in terms of priorities, we can look at the top 12 priorities, and Trend has the capabilities in all of those priorities. So we feel like we're well lined up from a market standpoint. It's not just us saying great things about our platform, whether it's endpoint, cloud, network, and this new category called attack surface risk management. We are in the leaders' quadrant in everything. We've got a proven track record of driving revenue growth, and you can see this over a 10-year period, and that will continue.
We're going to finish this year with about 80% of our business coming from the enterprise part and 20% from consumer. In terms of year-to-date, why I was so bold and said that we've been executing flawlessly, we are in a good spot. Net sales for year-to-date are up 10%. Operating margin increased almost 50%. Now we're running 20% overall operating margins. Enterprise growth has been good, fueled by our success with our Vision One platform. Consumer, we laid out a strategy that talked about increasing our margins, and you can see that we have been doing that by increasing the overall RPU. We also laid out sort of a high-level income statement to give you an idea of where we thought we would be moving toward, and you can see our 2024 estimates, as well as a gray column there that shows the progress that we've made year-to-date.
Nice improvement in reducing our overall cost of goods sold from a sales and marketing standpoint. We really identified that in getting this entire platform adopted, we implemented kind of a flywheel approach, and if you're familiar with flywheels, it takes some effort to actually get the flywheel moving, and we had introduced a number of overlay teams in order to push and get that going, and the big change that we made on the sales and marketing side is identified that the overlays were no longer required because we have momentum now with the adoption of our platform. You can see that we're maintaining our R&D investment. We fundamentally believe cybersecurity needs to have a substantial amount of R&D investment, and we're continuing that.
And then on the G&A side, we really found quite a bit of operational savings with facilities and tools and also related to some contract manufacturing. So we feel like we're in a spot quite nicely in order to hit our 2027 objectives. Let's talk about the two different businesses. From an enterprise standpoint, Eva and Jason both talked about our overall Vision One platform. We have these 11 modules within it. Each one of these is a sellable component. So we're fixated on landing within a customer, the Vision One platform, and then expanding across with more and more module adoption. From an enterprise standpoint, we divide it up into large enterprise and small enterprise. And you can see that the growth has actually been coming from the large enterprise. But we remain convinced that there's growth in small enterprise.
It's not like small enterprise does not have cybersecurity challenges as well. So what we're doing there is we're actually in October of this year, we announced that we have commercially available product. We've introduced our Vision One platform to MSP partners that sell to small enterprises. We believe those small enterprises can also benefit from all this wonderful, powerful technology that we have in Vision One and that by going through the MSP partners, that is the way to get it to them. We have over 100 MSP partners now that have been enabled and are starting to sell. And we know that whenever we land with a customer, we end up with two times the ASP. So it's a really big focus of ours, and we think that that's really going to help us on the small enterprise in 2025.
In the larger enterprise, we have a very big installed base. And I've said on many calls that we've been very, very focused in on how do we make sure that our installed base is realizing the potential of our overall platform, and we're doing the best that we possibly can of stopping those threat actors. The reason why we've been fixated on it is because the addressable market inside our installed base is still $6.4 billion. So I know that there's a lot of business that exists inside our installed base. What we did was we started to look at our installed base and segmented it based on how much business is the customer already giving us today. And you can see we've done a really good job of landing Vision One with our strategic customers. Those are customers that are giving us over $100,000 in ARR every year.
So that model and making sure that we're getting as many of them. We're doing a pretty good job at commercial as well at getting Vision One attached. Where we have some work to do is around the volume enterprise. Vision One attached is sitting at 37%, and we're starting to see Vision One attach actually increase. So 780 new Vision One customers year-to-date, but in the last quarter alone, it was 350. So we're really starting to get better at getting Vision One attached. And we know that when we do, we do a really nice job of expanding from there. When we look at the 11 modules, we have lots of potential that exists within our installed base, with half of our installed base as one module. But we have been making progress.
If I look at the module growth that we've had over the last couple of years, we're actually up at an average of 4.7 modules when Vision One is deployed. So it's been increasing nicely. And you can see with the bright red that it's the four-plus modules. So we've been doing a really nice job of expanding within our customers that we have. There's one module in particular that is sort of the wrapper around Cybertron and what the capabilities that Jason talked about. And this is the module that gives us that proactive and predictive ability for customers to actually figure out what they should be focused in on. As Jason said, we prioritize it for them, and we offer up recommendations in terms of mitigating factors.
What we've learned is that when this module is deployed, actually, we do a much better job of expansion, and we're up at 6.4 modules on average when ASRM is actually deployed. You can imagine that we are absolutely fixated on leading with the ASRM module because we know that that really does help drive broader and deeper platform adoption. One thing new for this year, and Eva kind of teased it upfront, while we've been very focused in on the installed base, we feel like with this revolutionary new technology that we have with ASRM, with Cybertron, with everything that's going on around platform consolidation, it is time for us to go after new logos. We tend to actually try to attach ourselves to the infrastructure players, and we have a proven track record of doing that.
With AWS, we're up at $2.1 billion that we have driven by partnering with AWS over the last decade. What's new is that we've now added support for Microsoft and for GCP. We're also leveraging MSSP channels. So IBM and Kyndryl both have large cybersecurity practices, and we're increasingly working with those partners, and they will be bringing us new opportunities. And then finally, if you've been following us at all, you will have seen that we are doing a lot around attaching ourselves to all things NVIDIA. They're the AI market leader. They have a very comprehensive ecosystem. And working with that ecosystem, we are figuring out how we can get ourselves attached there. So these are examples of how we feel very good that we can go beyond our installed base and start getting our platform adopted by new logos.
So you will see more of that in 2025. On the consumer side, this is the breakdown of the business. We actually have it divided up into two different regions, Japan being 74% and the rest of the world at 26%. And like I said, our strategy has been up until recently, our strategy has been very much margin-focused. And the way we've been doing that is to really zero in on the different channels to market that we have, making them as efficient as possible, and coming up with ways of driving that RPU up. Going forward, though, we are going to see increased growth as a priority. And we think that all things scam, this is the transformation that's going on inside the consumer cybersecurity business, where endpoint protection is fine. You do have to have it, but increasingly, consumers are much, much more worried about scam.
We, with the power of our AI technology, have been able to actually leverage that and come up with ways of helping out consumer customers. We also feel like there will be more growth here. In terms of the road to 2027, it remains completely intact. I'm showing the ARR view of this world with $1.7 billion in ARR by 2027 on the enterprise side, $400 million of ARR on the consumer side. We're truthfully in a very good spot relative to margin. We're already running the 20% margin. We've got some incremental savings that we will see in 2025 with some infrastructure changes that we've made in terms of our cloud spend and also some of our more expensive tools that we've adopted over the years. We're cleaning a lot of that up.
So we feel like that's going to carry us as we grow the top line. We'll be in a really good spot to hit this 2027 target of 30% operating margins. Closing, we've got the platform, and really, it's great to show on the left our AI-powered platform. Really, we should also be including our Cybertron, that core technology that we have, which is being leveraged by many of the modules built into Vision One. It's also being leveraged by our consumer offering. We like this approach of a balanced performance. So we're going to focus in on some increased growth as we go into 2025 in both our operating margin and some top line. And we are fixated on driving shareholder value and making sure that we are also giving back to shareholders. So with our 100% net income distribution that we're planning for 2025.
Thank you, everyone. Look forward to the questions at the end.
Thank you, Kevin. Okay. I'll speak in Japanese. This is Omikawa speaking. So this is Japan business. Just to make sure, and as we have been mentioning, we have the percentage by region, Japan 32%. Globally, Trend Micro is strong in enterprise. We also talked about SMB, another part of the business that we have, but in Japan, we have a business well-balanced in all areas. Virus Buster for consumer, that is 49%. As I'll be coming back to this, 30% enterprise and SMB accounts for 21% of our business in Japan. In the volume area, we are enjoying a good business. This we have already shared in the past, but for enterprise, we want to promote cybersecurity platform. This is ongoing. As we have talked about, we will accelerate.
For SMBs, safety and security in business continuity and growth. Like it was mentioned, MSP. Through MSPs, we would like to do our business. For consumers, this is beyond device security. I'll come back to this point later. When it comes to Japanese market with economic security and supply chain risks, and also regulation is somewhat behind in Japan. There are Japanese companies who have presence overseas in the EU and US, and they are ahead of Japan. Sorry, I should have turned on my video. Okay. It's now working. For enterprise, this is for large companies with employees of 500 people and more. There are central governments, local governments, and SMBs if this is below 500 people.
Then when we look at the market, we have about 7,000 companies in enterprise, and out of which 58.1% are Trend Micro users. Whereas for SMB, we excluded those companies with people of four and below. Also, between that size, there are 690,000 companies, and we have 37.1% of that market. We have opportunity to grow. We would like to drive our effort in that space. Now this is the policy for enterprise. Vision One, we want to promote further our Trend Vision One. It says modern SOC. We will enhance our OI with cybersecurity platform. There are a lot of references overseas. We would like to share those references with our potential customers so that we can penetrate more into our existing users. We also want to focus on new logos next year as well.
Whereas for SMB market, Server ASRM promotion, as Kevin mentioned earlier, for SMBs by industry, they have compliance and security requirements that have been laid out by their parent companies, so that's the trend we see in the US, sorry, in Japan. ASRM and Vision One requirement is rising. From last year, we started XDR for SMBs, and the reaction has been very good. Many customers are starting to use our XDR. We will continue this momentum and work on existing customers as well as approach new potential customers with our partners. AI has been discussed a lot today. Eva mentioned about 97%. With CIO Lounge, we did a lot of interviews this year. As a result, 77%, especially in the software and telecom industry, 97% of organizations are accepting or approving the use of GenAI in their work.
So there seems to be a lot of investment by the government and other companies, but the user side is also expanding, and they're embracing AI. So we do receive a lot of comments when it comes to AI, and many companies have started to say that Trend Micro is quite ahead in terms of using GenAI in security. So I'm sure this will be a follow-on for us into next year. And next is for consumer. Yes, Trend Micro Check, beyond device security. So especially in Japan, there are a lot of scams and frauds. It's a social issue. So we would like to focus this. And we launched this from August of this year, and our user is increasing. And now we are charging on a monthly basis. So the business has been expanding, and we're trying to exploit channels, develop channels as well.
We want to diversify the channels that can provide anti-scam solutions. We wanted to provide value through this as well. Global Anti-Scam Alliance, this is an alliance we belong to, and also JC3, that Japanese police is involved. We are also involved and also Council of Anti-Phishing Japan. We are a member of these associations and organizations. We provide our comments and solutions to these associations. Also, we are working with the police, where, of course, the public has trust on. We also have a long relationship with local governments. Together, we are enlightening the public. That is why in 2025, we want to start using new partners. Online is another channel that we hope to leverage. This will be not in anti-virus, but against this ne
w social issue of anti-scam; we would like to better support our users.
Okay, this is Negi speaking. Yes. We would like to spare time for questions. So I will just talk about the perspective of the investors. Trend Micro, what is it thinking of? I would like to just answer that question. Return to shareholders. In February, we gave you this explanation, but our basic policy is that from net profit, we would spend them all to return to investors. And the payout ratio is 70%, and the rest will be used for share buyback. And so high dividend as return is what you can expect going forward. So I ask for your support. That's all. Thank you.
Okay. Yeah. So while we are talking about Trend Micro transform from a product standalone company to a platform company, and we are transforming also our business model to ARR.
So there's a time we also need to think about, rethink what will be the organization be able to support our transformation to this new era. Yeah. So in Trend Micro, we call this a new organization as a Radial Web organization. And I will take you through what is a Radial Web organization. So at the time, I think the challenge we encounter is as a platform company, we like to have the Minority Report to support our customer to have the total visibility on the data on their security posture. The challenge we encounter is we have a data silo. Without this data connected, how can we have total visibilities? But we start to realize the data silo is actually coming from our organizational design by products that hinder people to collaborate and hinder us to share the data.
But of course, no matter what type of organizational design, there is always a pros and cons. Fundamentally, it's the people. How do we empower our people? How do we shift our people's mentality to be able to support and also work like a platform company, platform organization? So that's the fundamental challenge we want to solve, and you go back to our philosophy. We talk about every company wanting to optimize their performance, and we all believe, especially in Trend, we believe everybody has their potential. Everybody is unique. Everybody is different, so we are the company to unlock everybody's best potential and to remove the interference. We start to think our current organization could be an interference. We interfere. We limit people to share the data, but fundamentally, we inhibit. We limit people to unlock, to contribute to this platform transformation.
That's why we start to introduce the Radial Web. We start to rethink what will be our organizational design. Along the way, there are a few principles we keep in mind when we design this new organization. In this platform, in this AI era, we need to be a very, very responsive, very, very agile organization. We cannot afford to go with a very traditional hierarchy-based approach. We think about what will be the agile and fast-moving organization so we can embrace the challenge, embrace the competition, embrace the speed. By doing so, we feel this is very important. We have all this we need to communicate very transparently, and we need to communicate very directly to all trenders around the company. Everybody hears the same message. Everybody hears the same directions. Everybody can empower to make their decision. They are all experts.
They make their decision, right? So they can contribute to this transformation. And when we run very fast, it won't be perfect all the time. Sometimes we will make some mistakes. So we also start to think about, hey, we need to have a listening and a feedback culture. So we will be able to early detect what goes right, what goes wrong, and we can immediately take corrective action. So bearing these three principles and guidance in mind, we start to also transform our organization to support the business transformation. And now let's take you through the Radial Web organization. This is a very unique design. If you take web, think about the spider web. It's connected, right? So the whole web holds the pressure. The whole web collaborates together. It's very resilient and very responsive.
When you feel a pressure on one side, the other side will immediately organically find out the balance. That's how we take Radial Web as a concept, and I will say three, three, three, so there are three principles. We make decisions by data, we are not make decisions by your position or your authority, because we go transparent and because we have data all available, we believe everybody bringing expertise, they can make the best decision, and while AI is there, technology is there, but all the Minority Report to how do we prevent and proactively detect, so we bring in the empathy to customers. It's not only the core technology, but the most important is use technology to solve customers' pain points, and then we encourage everybody to have the courage and bravery to make a decision, to make a trade-off.
So those are the three principles we talk to everyone. And by doing so, we talk about your role. We don't talk about your title. So you are building. You build something, bringing the value to the customer. You are a bridge. It's a connected organization. Everybody reaches out. Everybody connects the dots. Everybody connects the heart. So that's the best way to break the silo. It's not, hey, that's your role, that's your function. No, it's all our role or our function to support and to contribute the whole. And then in this web organization, we feel, especially in cybersecurity, the insight, the expertise is so important, and that resonates in everybody's mind. So how can everybody as a teacher share and spread your insight? And of course, you are as a teacher, and we expect everybody also as students because things change so fast.
So we share, we teach, but in the meantime, we also learn. We also be humble as students. So that's the role we promote in this company. And then given this organization design, there are three characteristics. We try to grow, and we try to strengthen. It's connected. You can see this work. It's not hierarchy, vertical. It's all connected. You don't see the layer in this organization. It's very agile. It's very flat. So that's our key characteristic. And you might think about when it goes to implementation, how it's run. I think our first step, we need to make the organization flatter so we reduce layers. And then when you go to the real operation, you can see, though you have your function that represents your expertise, but everybody, every day, we have different mission. Because of the mission, we form and reform.
We mobilize the experts together to achieve the mission. That's how we operate. And if you go to the customer side, different customers have different pain points. Then we bring in the different experts. We have salespeople here. We have technical experts here. We have solution experts here. We have marketing here. So we are customer-centric to support customers to success. That's how we bring in the Radial Web into the real operation. Yeah. And then I talk about communication, right? Go direct communication. So you see, hey, our communication is not top-down, layer by layer. I contact manager to communicate to their manager. Their manager communicates to their manager. No, our communication is based upon who is in this mission and then who should participate and who should know. So you can see we communicate by this ring, by this circle.
Of course, in any organization, you will have some of the strategy you need to discuss. You need to debate, so we have this so-called coffee mates coming from different functional leaders, and we discuss. We talk about strategy, and then we have our one level down. We call NAPA, so that's how we come together. We don't call very serious names because we won't have a very safe environment. Everybody can bring in their opinion to the table and then can change opinion, so we also have the NAPA 35 meetings, and then, of course, we have your function, your segment, those kinds of meetings, so by different purpose, then we gather all different people together, and we discuss things at different levels, and I talk about go direct, go transparent, right? In Trend Micro, since COVID, at the time, everybody locked down, right?
We start to do the global broadcast. Since then until now, every month, we are very disciplined. We do two global broadcasts. One we call Super Wednesday because it happens on every Wednesday. One is the morning time. One is evening time in West and East Time. We go direct to communicate what's going on in this organization. We update what's going on in this organization, and then we also have one we call Masterclass because we talk about teachers, right? We share, we learn, so every month, we also bring experts to share their knowledge, to share their expertise, and then we can all grow faster. We all grow together, and by doing so, we run very fast, and we are experimenting the new operating model, new organization, and new leadership style, so we start to also want to hear what's going on. Are we on the right track?
Any alarm that we can earlier know, and then we can take corrective action. So we also start to run Trend Vibe. We run this on a monthly basis, but every Trender will be invited twice a year to respond to this Trend Vibe and give in this transformation. We see it can be short and fast. It's very important. So two questions we ask is, do you find your job engaging? Because we want to keep everybody feeling they are doing something meaningful. And also, during this transformation, things keep moving, keep changing. We also want to know, everybody know that the battle we are fighting for, what's the goal they are contributing. So we also ask, hey, do you know how your job connects to the bigger goal? So connect all this organization. We also reinvent the design.
We rethink the working style, and also we reinvent our communication model, and also we introduce the listening culture in this company. That's all my sharing. Thank you.
Kikuchi from SMBC Nikko Securities. Thank you very much for this opportunity. I have two questions. One is about AI strategy. Thank you for the explanation. Now, in terms of your revenue, how much contribution is coming or is expected to come from AI? And I think ARR is being or ARR is at a certain level right now, but do you expect the potential of that coming up as a result? In other words, the contribution to the revenue is what I would like to ask you about. What is your expectation?
Maybe I can start, and Mahendra, you can jump in. I've calculated the amount. So about your first question, how much of our revenue is connected to AI?
I've actually calculated that, but I didn't think that it was going to be that relevant to share because the number is so big. When you look at our overall Vision One platform and those 11 modules, and you look at our consumer business and what we're doing, we're leveraging AI in so many different places. So it's over $200 million. So it's big in terms of how much of our revenue is directly connected to how we're leveraging AI. In terms of the numbers for next year, I hope you can pick up in the sentiment that we feel very good with where we're at from a platform perspective. We feel good with respect to the market, and we're going to offer up guidance when we publish our Q4 results in February. We'll be offering up guidance then.
May I add something?
Actually, if you think about customer implementing AI, our security for AI is mainly when customers implementing AI, they change their operation, and therefore, they need some more security. So it's actually embedded in different topology of the network. For instance, their AI data center will leverage our container security to secure that AI data center. Their gateway will need to use our AI filtering capability, which we call Zero Trust SaaS Control, Security SaaS. And those are built into those modules. So it's very hard for us to say these are AI-specific revenue.
Okay. Thank you very much. About the second question, the guidance will come out in February, I understand that. Now, the current ARR growth rate is at 4% right now. And I thi nk maybe compared to last year or since sometime it's going down, it's also the same for enterprise and all other segments.
I don't know about the regional split, but now, what is the timing of this catching up? The revenue growth, 8%-10% is your target for revenue growth. Therefore, ARR is right now at 4%. So maybe if the trend continues as is, maybe you cannot reach the target. So when do you think is the catch-up or the turnaround? So from Q4, or is it the next quarter, first quarter, or sometime in next year? I don't know. But the guidance growth, the target rate will come out in February in your guidance. But the turnaround timing is what I would like to hear more about. What is your prospect on that? I can jump in, and then Eva and Mahendra can comment as well. Yes, it's true that the ARR, it looks like it is plateauing.
There's a lot of things that have been moving around this year in terms of, as we've been doing our transformation and getting our operating model in place, and we feel like when you see our Q4 results and you see our 2025 guidance, that you will start to see that we're going to get some more uplift in our ARR. I can't give you the specific numbers right now because we are waiting to close out Q4. We believe in our guidance for the year that we're going to hit that, and we're going to finish strong, and we'll build our 2025 plan from Q4.
So I guess all we can say is we're very confident on our road to 2027, and we stick with that, and for 2024, we're confident that we can hit the plan, but maybe we are economists.
We know it's going up, but we just don't know when.
Thank you very much.
Anybody else? We don't see any hands right now. Oh, yes. I will unmute. Please.
This is Watanabe from Mitsui Sumitomo DS Asset. Can you hear me? Yes? Yes. Thank you. So earlier, you talked about the organization and list layers, and it will not be fixed positions, but the number of employees. So I think you see a reduction every quarter by three digits. So as you shift, yes, productivity may go up, and for existing customers, you're trying to increase the modules, and I'm sure rather than capturing new customers, that will be more productive, but there has been a huge decline in the number of headcounts, but right now, as you try to grow by geography, by job po sitions, what are the gaps in terms of your headcounts right now?
For the time being, you may see a decline in the number of headcounts. The top-line growth, as you try to achieve between 8%-10%, I think you need to increase your headcount. What are your views in terms of talent strategy or workforce strategy?
I can start, and I'm sure even Claudia might have an additional color. I think you are right that we do have plans to actually add headcount next year. In particular, I know we've got plans to drive the growth to add more on the sales side. So quota-carrying salespeople, we have budgeted for around a 10% increase in the number of salespeople that we will have as an example. Zooming out, I think it's about getting the right people in the right roles. That's really what we've been fixated on.
And yes, it has created a net decline over the last couple of quarters, but we feel like we're getting the right people in the right roles. And truthfully, we haven't felt more productive in terms of what we've been able to accomplish with our Radial Web, flatter organization, right people in the right roles delivering on a single vision that we have. So yes, we will be hiring more salespeople.
Yes. And that was the reason that we especially this time are asking Claudia to share what that Radial Web organization looks like. The right person in the right mindset, the productivity increase. And I know people are worried about why our employee is going down. But I think the key is we have the right people, and we are doing more things, and we achieve lots of innovation in the cybersecurity area.
So that is the power of the web organization. We break the silo and increase the productivity of everybody.
Okay. Thank you very much. Maybe some e mployees may hear this call, so it may be difficult for you to say very clearly. But perhaps our person said there is no point in splitting the profit. But in terms of revenue, so perhaps a profit is better to see the breakdown. But in terms of revenue on a local currency basis, if you simply split by the headcount, U.S. seems to be the only region that is going down in terms of productivity. Other regions are improving. But like I said, U.S. seems to be low in productivity. That's what I see. So from last quarter four to quarter one of this year, you went through restructuring. However, it seems like productivity is still low.
So if you could explain about a bi-region strategy or what ideas you have in terms of workforce, that will be helpful.
Okay. Yeah. From an Americas standpoint, so if you look at the Americas geography and then you're specifically asking about the U.S., we have made substantial changes, and we saw tremendous growth in Q1, 40% growth in Q1. We are getting the model settled in terms of driving the top line. And I fundamentally believe you're going to be very surprised whenever you look at the annual number of how the Americas finish at the end of the year. So getting the right rhythm is what we're focused in on. And we will finish. I'm confident. Actually, in the U.S., we continue to drive for double-digit growth. So we will finish well.
In terms of when you just take the revenue and divide it by the number of employees in that region, that can be a little bit tricky because we have research and development campuses across the globe, and in particular, we have one in the U.S., so if you're trying to measure sales productivity, it's not a great metric to be using to actually doing the math that way. We happen to have a very powerful R&D organization in the U.S., so we don't look at it that way. We look at the productivity globally, about how are we doing, and like Eva and I were saying earlier, it's the right people in the right roles, and we don't really know geographic boundaries. Other than a salesperson who owns a territory, everybody else is completely fixated on global.
And so, as Kevin mentioned, if it's a simple division, it's difficult to understand the reality. So of course, in the U.S, in Americas, of course, it has R&D, which means there needs to be adjustment. And if we look at just the sales per head count sales, we track that. So productivity of sales and by development, we follow that by division. Okay. Thank you very much. It doesn't have to be the exact number, but maybe like a chart or graph, that will be helpful if you could share those information with us. Thank you very much.
Tha nk you very much. In the interest of time, we can entertain only one more question.
Okay. So I am asking him. Yeah. Yes. Unmuted. Yes. We can hear you already. Ueno from Daiwa Securities, can you hear me? Yes, we can hear you clearly. Okay. Very simple question.
The medium-term business plan was announced, and I think labor cost is fluctuating in different parts of the world. And R&D ARR is declining, but then R&D ratio is at a certain percentage. And in terms of an absolute value, maybe you run short. Considering the AI developments, maybe you need to increase the R&D budget. So since the time of the medium-term business plan, one year after, the external environment has changed. So what about the guidance for next year's midterm plan? I think it will come out in February next year. And is there a possibility that you will make adjustments there, or do you keep it intact? In other words, do you keep it as you have stipulated in the previous medium-term business plan? Okay. So let me comment on the first one first, and then others can follow. So the thinking, we want to reflect the reality.
Kevin talked about this a little bit as well. 2024, profit margin, operating margin is improved, and that was our target. Therefore, the sales of the new customers that we want, we're focusing on there. Therefore, there will be some adjustments there. 2027, the road to 2027, we are working towards that. And so maybe it would be difficult to really have the exact same number. In other words, adjustments on the way, along the way, it would be necessary, but we will still try to reach th e target. Okay. Please.
May I? Yes. Okay. So for the final year of the medium-term plan, you want to make commitments, but you're saying that the external environments will change. Therefore, you will have to look at the situation next year, fiscal year, and you will make necessary adjustments. But we should keep that in mind.
Yes, the environment is changing and will change. And so we have to look at that situation. Okay. Very clear. So yes, I asked this question because we have to come up with certain numbers towards next fiscal year. That's why. Thank you. Thank you very much. There is no further hands up. So we would like to close the Q&A session at this time.