CSP Inc. (CSPI) Q1 2021 Earnings Report, Transcript and Summary

Good day, everyone, and welcome to the CSPI First Quarter 2021 Conference Call. [Operator Instructions] Please note that this call is being recorded. And now it is my pleasure to turn the conference over to Michael Polyviou with EVC Group. Please go ahead, sir.

Thank you, Pasila. Hello, everyone, and thank you for joining us to review CSPi's first quarter -- fiscal first quarter ended December 31, 2020. With me on the call today is Victor Dellovo, CSPi's Chief Executive Officer; and Gary Levine, CSPi's Chief Financial Officer. After Victor and Gary conclude their opening remarks, we will then open the call for questions. Statements made by CSP Inc.'s management on today's call regarding the company's business that are not historical facts may be forward-looking statements as the term is identified in federal securities laws. The words may, will, expect, believe, anticipate, project, plan, intend, estimate and continue as well as similar expressions are intended to identify forward-looking statements. Forward-looking statements should not be read as a guarantee of future performance or results. The company cautions you that these statements reflect current expectations about the company's future performance or events and are subject to a number of uncertainties, risks and other influences, many of which are beyond the company's control that may influence the accuracy of the statements and projections upon which the segment and statements are based. Factors that may affect the company's results include, but are not limited to, the risks and uncertainties discussed in the Risk Factors section of the annual report on Form 10-K and the quarterly report on Form 10-Q filed with the Securities and Exchange Commission. Forward-looking statements are based on the information available at the time those statements are made and management's good faith believe as of the time with respect to the future events. All forward-looking statements are qualified in their entirety by this cautionary statement, and CSP Inc. undertakes no obligation to publicly revise or update any forward-looking statements, whether as a result of new information, future events or otherwise, after the date thereof. With that, I'll turn the call over to Victor Dellovo, Chief Executive Officer. Victor, please go ahead.

Thanks, Michael, and good morning, everyone. Our first quarter performance continued to demonstrate our success navigating the challenging business climate. Specifically our key objective of migrating to higher-margin products and services is delivering improved gross margins, and we remain well positioned to execute our long-term operating strategies. Despite being nearly a year into the pandemic, the entire CSPi team remains focused on achieving the primary objective of transforming our company into a cybersecurity, wireless and managed service company. CSPi is a nimble company, a distinct advantage that allowed us to develop exciting new offerings from scratch and ensure order, so we can compete with much larger companies. The awards, the accolades in the industry recognition reflects purposeful approach to develop much needed and valued offerings. I also believe that this nimbleness is inherent to our DNA and is why I believe our culture will allow us to emerge from the pandemic a much stronger company with a full complement of offerings to grow top line and deliver a disproportionate level of profitability. Our managed service has continued to perform well as we added new customers in the level of interest in our UCaaS and ARIA offerings is encouraging. Total revenue for the quarter was $11.4 million, down year-over-year, but in line with our internal projections. I also wanted to add that last year's Q1 was the last full quarter prior to the COVID pandemic. Further, the revenue mix and pursuit of higher-margin offerings allowed us to report our fifth consecutive quarter of year-over-year gross margin improvement, nearly 5.8 percentage points over fiscal Q1 2020. Given this gross margin performance, I would anticipate a steady improvement in the coming years as the portion of new higher-margin offerings contribute more heavily to the top line. As I have repeatedly said on these calls, the pandemic has exposed the weakness and limitations of network infrastructures. The pandemic did not create the issue, it only accelerated and exacerbated the underlying concern of security experts. We have already experienced record ransomware and phishing attacks. In this past December, 18,000 organizations were potentially impacted by some burst-enabled cyber attacks. The cyber infrastructure security agency classify the attacks that impacted a dozen agency, 3 states and hundreds of commercial organization as the advanced persistent threat or APT. For those of you that are not familiar, once penetrating the organization or agency via SUNBURST, hack to the Orion Code, the bad actor actively uses the network to access as many vulnerable systems as possible while using techniques to try and hide their actions. The ARIA advanced detection in response to our ADR solution was designed to detect such attacks as well as ransomware and malware, which is a constant threat to all organizations. Out of the box ARIA ADR requires no special configuration in is purpose-built to automatically find and stop all forms of attacks, including APTs. With over 73 models preloaded into our solution, it can detect any attacker's action and behaviors, making a highly effective threat detection and response solution. The ARIA ADR leverages advanced machine learning to pick up these behaviors by monitoring all network data, the security and IT architecture in deployed applications. It uses artificial intelligence to find bad actors, verifies their activities and correlates their actions before declaring a confirmed threat. Today, ARIA ADR has been targeted at midsized organizations. This market has been -- budget has been -- budget heavily impacted by COVID pandemic restricting budgets and lengthening sales cycles. Just when these customers most need a solution. In response, we had just released our latest version of ARIA ADR called ARIA Cloud ADR. ARIA Cloud ADR solution helps in 2 ways: first, it allows us to sell the solution to companies that are cloud centric. Second, it creates a lower price point for entry for midsized customers prospects as we can protect their premise, remote workers as well as their cloud presence. Cybersecurity threats us serious issues and cost organizations, valuable time and resources to remedy and keep secure. Midsized customers are finding that ransomware attacks typically cost $100,000 or more to clean up. At the end of the spectrum, several articles placed the cost to clean up the SUNBURST hack as high as $100 billion, it could take months to fully resolve the issue. So I no longer believe it's a matter of if, but when companies will set aside budgets and commit resources to avoid such issues in the future. For the quarter, our technology solution, our TS revenue was $9.8 million, we continue to receive orders from some of our larger customers. However, the COVID-related impact has caused some budget delays in our current and potential small and midsized customers. Our managed service practice has remained a bright spot and continues to expand as we sign new cloud-based and UCaaS customers, including in Latin America as customers are seeking to expand their bandwidth to meet the growing demand in the region. The cruise ship industry remains an important market for CSPi. Of course, it's still feeling the effects of the pandemic, and they continue to push out the expected return of operations. We have been told the large investor may start operations in the second quarter. While gaining access to the ships remain an obstacle, we continue to have regular scheduled communication with the operators. We are maintaining some of the team members so we can move forward quickly when the operators give us the green light. We continue to add new UCaaS customers during the fiscal first quarter. We have been increasing the number of virtual product demonstrations, and each quarter, the new business opportunity pipeline is higher than the previous quarter. We are confident that we will continue converting these opportunities and capture our pieces of the pie, which is expected to grow from $15.8 billion in 2019 to $24.8 billion in 2024. Moving to our high-performance product, or HPP. Revenue for the quarter is $1.6 million. We remain excited about ARIA and earlier this month, we signed a new customer, SPE, a managed IT service provider for the health care and telecommunication industries, selected the ARIA microHSM solution as a key management server for securing its internal VM environment. For those that are not familiar, the ARIA microHSM generates hundreds of encryption keys per minute and gives SPE a powerful, low cost, zero footprint and highly scalable KMS solution. It also enables SPE to expand its managed IT service portfolio to offer its customers critical asset remote encryption services. While we remain well positioned within the leading cable companies, and have created other OEM opportunities for ARIA, the pandemic is delaying physical deployment evaluation and decisions. I believe the recent hack and the SPE engagement will help raise the awareness of our brand, which will be critically important as we move forward. In addition, our direct sales team, we continue to vet potential partners for the official channel program, and during the quarter, we added 3 in the U.S. and EMEA market. We currently have over a dozen partners and we are speaking to several others to ensure the robust channel program and increase our channel -- chances for success. To summarize, the markets we serve are enormous opportunities for CSPi, and the recent external factors reinforce our transition to cybersecurity, wireless and managed service company. We have a solid base of recurring revenue and a diverse customer base and portfolio of products and services that ensure we are positioned for success. Our goal is to increase the pipeline, close customer transactions and deliver stellar performance. With that, I will now ask Gary to provide a brief overview on our fiscal first quarter financial performance.

Thanks, Victor. As Victor mentioned in his opening remarks, our fiscal first quarter revenue was $11.4 million. We reported gross margin profit of $3.4 million compared to gross profit of $4 million in last fiscal year, despite the year-over-year revenue decline, reported gross margin of 29.7% compared to gross margin of 23.9% last fiscal year. This is an improvement of 5.8%, an outstanding achievement. Our engineering and development expense for the fiscal first quarter was $729,000 compared to $672,000 in the year ago period, due to the increase in headcount, offset by reductions in consulting. Our SG&A expenses in Q1 was $3.2 million, approximately $575,000 decreased from the $3.2 million in last year's fiscal Q1 due to the decrease in variable compensation, payroll and travel-related costs, due to the ongoing pandemic limiting on-site meetings and -- with customers and prospective customers. The fiscal 2021 fiscal year first quarter included a onetime income of approximately $2.2 million due to the forgiveness of the Paycheck Protection Program, the PPP loan, under the CARES Act, which we received in the third quarter of fiscal 2020. We reported a net income of $1.2 million in the fiscal first quarter compared to a net loss of $540,000 in the year ago fiscal quarter. The company's income tax expense for the fiscal first quarter was $110,000. The tax expense is primarily related to the write-off of deferred taxed assets as a result of the change in the tax law, allowing for the immediate deduction of covered expenses incurred through the PPP loan associated -- and with the associated change in the valuation allowance against our deferred taxed assets from the prior period, offset by the forgiveness of the PPP loans for which the income is excluded from tax for cash purposes. We believe the measures we've implemented during fiscal 2020, including a suspension of our quarterly dividend in stopping our stock buyback program along with the PPP loan proceeds has enabled us to preserve our cash. We ended the first quarter with cash and short-term investment of $19.9 million approximately $660 higher compared to the cash at the end of fiscal 2020. We will maintain a similar cash preservation process for the foreseeable future, allowing us the resources to execute our business plan. Our objective is to be positioned to benefit from the investments that we've made over the past couple of years and leverage our business development efforts. With that, I will turn this over to the operator to take your questions.

[Operator Instructions] And we will take our first question today from Jonathan Hodnik with [ Compound Partners ]

It's been a long time with investors. Obviously, we've met with you in the past, you're executing on all fronts. The market is realizing it. We've seen it and I just want to salute you on your accomplishments for investors. So thank you so much.

Thank you.

Thank you.

Appreciate it.

And we will go next to Joseph Nerges with Segren Investments.

I'm going to ask you a loaded first question. It's an easy one. This is real simple. That you guys -- or either of you guys know of a CEO or a CFO or whoever is responsible for the cost of security, IT security, who's happy with paying the money that they're paying for the -- or the increased cost for them to maintain security?

No.

The answer is nobody is happy to pay that. .

Not at all.

So let me follow up. Point 2, and this comes from your website. On the ARIA ADR program. ARIA ADR gives your SOC, or security operations center, in a box that costs 90% less, requires 1/100th of the manpower and is 100x faster. Now I've been in sales all my life, but any one of those 3 -- if any one 1 of those 3 existed, I should be able to sell this thing. I should have a lineup or people ready to implement it. And I understand that pandemic has caused a lot of turmoil for people to get around. But you're offering so much advantage to incorporate this. It's hard to believe it hasn't taken hold more earlier. And do you have any other reason for why, with those type of advantages?

No, Joe, to be honest with you, we would think it was -- with everything you said, it popped -- the only thing is -- we've always said this, it's a crowded space with other products and name recognition is the only thing that we're building on. Building in the customer base, getting referenceable accounts, because you do compete with some other players that have been doing it for 10, 15, 20 years or longer. So that's the only time if we -- when we struggled to close a deal, it's because of name recognition, and that's it, to be honest with you.

But again, of course, I go back to -- it's so compelling the -- what you're at least alluding to, the advantages of incorporating and ability to -- I mean, the key there is demand power. I mean that's got to be the biggest thing today where even finding people to hire in that area is got to be pretty expensive. So I just think you should be moving faster, but I guess everybody thinks that. You probably think it also?

I agree with you.

Yes.

On the -- I think you've answered the question on ARIA Cloud. It's basically slightly less expensive way of implementing the ARIA platform with almost all the same capabilities of the ARIA platform. In other words, there's a few areas where you don't cover it as well through the cloud than you would on the standard ARIA ADR platform. Is that correct?

That's correct. It's the remediation piece that when you don't have the appliance -- in a complete cloud environment, there's no difference. But if it's on-prem, in-cloud, if you want the full remediation, then you would have to put our clients in line.

So there's people out there that could qualify. They wouldn't need the full ARIA platform? And they fit in perfectly with the cloud?

Yes. But if their infrastructure is in one of the major cloud players, then it would fit in perfectly.

Great. Great. That sounds good. On the PR that you issued just recently with the SPE microHSM product line. You've had the microHSM product line out for a couple of years. I mean it -- what's different with the recent news on either this -- by SPE and as well as the StorMagic product?

That's -- you mentioned it the StorMagic piece of it. So there was a smaller company that had helped with our integration and development of the product, and they got purchased by StorMagic. And at that point, the relationship kind of got paused while they integrated it. And now that, that has been done, that relationship is basically kicked back off again. And where we're working different leads and marketing events and trying to...

So is the product more robust with the StorMagic software as opposed to I guess, what is it? Nexus? KeyNexus.

Yes, KeyNexus. Correct.

Has it been upgraded to any extent? Is it better?

The majority of the product is the same, but there is a few things that have changed, but nothing major. At this stage, there is other talks about growing that product and developing it more, but the core is the same.

Well, one thing that -- I looked up StorMagic that -- they have a fairly large customer base.

Absolutely.

Here you have over 1,300 customers.

Correct.

So I would assume -- I don't know, is there a possibility of incorporating some of this into that -- or hope into some of those 1,300 plus customers that they have?

No. We're excited about the relationship. We've got to know the upper management, and there's a lot of things going on in the marketing and talking about working with that customer base, and there's been training with their salespeople to educate them on how the 2 products are joined together where the value is, and that will continue. Salespeople, they don't -- they only listen to a small portion. So there will be multiple trainings over a period of time.

But it would seem that, that market opens up to some areas that they weren't addressing previously?

We definitely -- our product definitely filled a gap in their product line. So yes, that's where the relationship started. But like I said, basically, 6 to 9 months kind of went on pause just due to them integrating the company they purchased.

Okay. And did you say you added 3 channel partners? Is that what you said you added this last quarter or the last...

Yes.

Is that -- okay. I wasn't sure I caught all of that. I appreciate. It sounds like you're moving forward good here. Just the speed of implementation, that's the key.

We're working on it.

[Operator Instructions] We'll go next to Terry Keratsopoulos with Upstream Investment.

Yes, my question was -- you mentioned cloud-centric companies that you were going to be targeting. What do you think the market potential of that particular markets all would be?

It's a tremendous opportunity for us. There's a lot of small, mid-sized companies that have their full infrastructure into an Azure or an Amazon and -- or a Rackspace that we're going to go after.

And would this be something that's a recurring revenue type? Or is it a onetime?

It just depends on whether they just purchased it and they manage it themselves or whether they allow us to manage it full-time for them, and it's an option that we give our customers. If you want a fully managed solution, we have our stock, we can take care of that. But if you just would like to purchase either -- whether it's cloud, the licensing or if you want the ARIA hardware also with it. And then there's maintenance and support that goes along with that.

And we will move next to Brett Davidson, private investor.

I got a couple of questions. I'm sinking in all of these acronyms. So you're going to have to bear with me or I may twist a couple of these around. But the ARIA HSM, if I'm not mistaken, doesn't that address the largest issue with that SolarWinds hack being able to get in the network and issue keys, more or less to gain access at free will?

Yes. Part of it is that. Not the full thing, but part of it was that. And that's the biggest thing that we're touting, that a lot of these companies are using keys inside a VMware infrastructure, where it's a stationary key, you get in, where we're constantly changing. There's definitely value in what we're positioning. It's just the methodology that the IT people are used to doing it one way.

And you guys detach it from that -- I guess the sort of VMware. So it moves to a separate architect -- a separate hardware?

Well, it's just the keys are constantly changing.

Yes. Yes. All right. The SPE, I gathered they're a foreign entity?

Correct.

Yes.

And it's kind of hard to get an idea of the size of them. I mean, are they like a medium sized business? Are these guys a beginners? Or...

No, they're a medium sized business.

And is there, I mean, potential to follow-on with them? Or this kind of like just...

Yes. So what they did, they adopted internally and now they're making it an offering to all their customers or potential customers, especially the ones that they're targeting are the ones up for renewal of their contracts, that this is an added feature that they would like to add on to it. So it's an early relationship right now, but they believe in the technology that they adopted, the technology for their internal purposes right now.

Now is this strictly SaaS? Or is this hardware also?

No, it's both. In that particular case, it's a -- it's hardware and software and support that goes along with it.

And they'll be providing the support? Or you guys will?

Well, we provide the support for the product that they purchase, and the licensing and everything that goes along with that. But they're in MSSP, so they would be providing their own support and maintenance to their existing account base.

So it would be kind of like a layered thing. They come to you for support for their purchase and their...

Right. Correct.

So I mean, the next thing that leads me to is the revenues. So how are the revenues accounted for this? So is there a hardware and a software portion of this, and it's going to be accounted for differently? Or -- I'm trying to get a hand around how the revenues are going to show up from this?

Well, you're pretty much -- it's a bundle. So it's an end package, you're recognizing it under the revenue rules as a -- at that point. And then we'll have the breakout of the maintenance and items like that, that could be spread. And these would be longer-term contracts. So depending how it's set up with each of them. Is there an out or not an out within it. Most of them don't have outs as we're setting them up initially.

So does the revenue component change depending on how many of their customers adopt this? Or that has no factor in this?

That would have a factor. Yes.

It would. Yes. If we're doing the support, then we could recognize it over a period of time, and then if we don't, they're doing everything, then I think it's a onetime event.

Got it. So you -- again, going back to that press release that I'd asked about last call, the one where you guys put out the free service for the time period. Have you had any hits on that? Has anybody actually taking you up on that?

We've had some conversations with some clients right now.

I'm going to have another direction here. Government, USDA, PSA, it appears a lot of these have been hit by SolarWinds. Have you guys had any contact with any of the government agencies? Or do you have somebody who can exploit context they had previously dealing with some of the government agencies?

No. We don't really -- we're not focusing on the government or state right now. There's something that we've talked to, but it's -- you know the cycle with the government, it -- everything is years. So if something occurs, we'll work on it, but it's not a focus right now. We're trying to stick in the commercial space.

All right. I think that's pretty much all I have. And I'm still going to be study in all those acronyms. So...

We'll send you our glossary.

Speaking of that, is there something like that on the website? Is there...

No. There isn't. But if you have any questions, Brett, feel free to call.

[Operator Instructions] We'll go next to James Stewart from Investment Group.

Yes. Congratulations to both Victor and Gary. Boy, you're really knocking the lights out. I think the cloud business seems to be particularly exciting. I assume that it requires less manpower to implement from your standpoint? I know you're poised for explosive growth, but it seems like this is one area where you can really accelerate. And secondly, I had another question. Are there industry meetings or conventions in the IT area where you can get your name spread around quickly, that you plan on attending?

Well, to your first question, yes, we're excited about the cloud-based product, just because we're able to have more conversations. And we're hoping that the adoption will be a lot faster, not -- getting inside of people's data centers has still been a big, big challenge. So we're hoping the POCs will occur and we're able to close at a faster rate. As for shows, we are currently still doing shows now. They're all virtual, but we've been averaging 1 to 2 a month, and we -- the audience is some tire kickers, to be honest with you, and then some that -- there's 1 or 2 leads that do come up to at least have some interesting conversations and having a -- the proof-of-concept moving forward with those. And Gary Southwell, which I know you've met, has talked and has -- they give them a half hour or 50 minutes or half hour to talk to the audience who shows up in -- about ARIA and the technology. So yes, we've done a couple of those. I would -- I don't know if it's 1 a month, but it's 1 every other month or so that he's done these virtual presentations.

Well, that sounds great. Also, I'm one of the -- I'll let you know, I'm going to be pushing real hard to get our group of companies to start looking at your product because we're always faced with people trying to hack into our systems. So again, congratulations. I really appreciate the work you're doing.

We will go now to Elizabeth Millet, a private investor.

Just a couple of questions. I'm curious about it seems like you have a wonderful relationship with your managed service customers. So since you have that trusted relationship already in place, if the barriers -- one of the barriers to entry is name recognition, wouldn't that be -- how many of them have taken on ARIA? Or is there a natural sales cycle within that group of customers? Is that...

We are targeting all our MSP customers right now and various conversations that happen to each one. Some of it is still because they're in the small to mid-budget constraints. And then some of them, they're ready to move forward with adoption.

So then gets me to a question on sort of your sales cycle and your competition. I mean when you get to the point that you're speaking with people, are they deferring the purchase because of the budget? Are they going with someone else? Are they -- who are you seeing as your most likely competitor if they're going with someone else? Like what -- can you explain that sales cycle to us a little more?

It's a little bit of everything, to be honest with you. Some of them have -- they go back to management and they're looking for budgets, and budgets have -- there's 2 or 3 opportunities right now that the budgets were supposed to be in January, they got pushed off. And they're saying that it could be this month or next month for the constraint of budgets and whether the amount that they ask for, they're going to get. Some of them have gone with a lower, cheaper, it doesn't do as much. But they only had cents on the dollar that we offer. We have a very good product at a very good price, but there are other products out there that -- endpoint protection, for instance, right? They just want endpoint protection. Well, we're more than endpoint protection. So they found money at $2, $3 a user. And while we were selling the suite of a product to cover more than just endpoint protection, so we were -- either lost those or they've been put on the back burner to when they get more money, they can get a true sim that they know they need, but they just don't have the budget for right now. And then in a couple of cases, we lost against some of the big players that were out there. I'd rather not mention them, but some of the big PC manufacturers that have their own product, that came in and on the cut significantly, something that it was just really bad business to take the deal.

And this idea that -- I understand the COVID effect, but at the same time, I don't quite understand why you need to be in-person to make these sales because it's a software play. So can you talk to that a little bit?

It's not strictly a software play. Up until just recently, on the cloud ADR, it was a hardware play with software, and we had to be in line to do the full remediation. So we had our appliance that would go in line with taps, and we'd have to get inside the network to get in line, to do the remediation as the traffic was passing and so that -- they have.

My last question is on SPE, I googled them and also their CEO, and I can't find anything about them. could you point us to their website so that we can learn a little bit more?

Sure. We can put something on our website. I don't have it right now, right this second. We're going to put it on our message board or on LinkedIn.

Okay. Just curious -- because if it's a good -- it's a good recognition, but we can't find anything about them. Then I don't know how good a recognition that is.

And I am showing that we have no further questions at this time. I'll turn the call back to you, Victor for closing or additional remarks.

Thank you. And as always, I want to thank our shareholders for continued interest and support. We will continue to manage the business and leverage our opportunities where and when they exist. We remain excited about CSPi's long-term growth prospects and the industry dynamics will prompt increased interest in our offering. Gary and I look forward to sharing our fiscal second quarter results in May. Until then, stay safe.

This does conclude today's program. Thank you for your participation. You may disconnect at any time. .