Falanx Group cyber security services demand continues to grow

Falanx Cyber Security

Falanx Group Limited (LON:FLX), the AIM listed provider of cyber security services, has announced its audited results for the year-ended 31 March 2022.   

Financial highlights

Revenues £3.54m (2021: £3.12m), an increase of 14%
Closing Monthly Recurring Revenues (“MRR”) 25% greater than prior year
Gross margin increased to 41% (2021: 33%) following the rationalisation of cyber security monitoring technology platform and much improved professional services utilisation
Reduction in adjusted EBITDA* loss to £1.27m (2021: £1.35m)
Loss per share from continuing operations 0.37p (2021: 0.75p)
Overall profit of £1.48m (2021: loss £3.55m) following the disposal of the Assynt Strategic Intelligence division (“Assynt”) in October 2021
£2.5m of debt raised from BOOST&Co 
Cash balances at 31 March 2022 £3.5m (2021: £0.55m), the vast majority of HMRC COVID-19 backlog paid down in the year
Shareholders’ funds £4.35m (2021: £2.73m)

Operational Highlights

Strategic focus on the high growth cyber security market including expansion of sales and marketing capabilities, product development and automation capabilities
Restructured sales function with the creation of dedicated team focussed on winning new clients, channel growth and creation of further recurring revenue streams
Initial launch of mass market Cyber Security Assessment tool – f:CEL (Cyber Exposure Level)

Post Period Highlights

Strong growth in sales pipeline (**) to £6.0m as at 22 September 2022 (1 April 2022: £4.1m), including MRR pipeline increasing in the same period from £1.7m to £4.0m
18% growth in sales orders for core offensive and defensive services in the first five months of FY23 compared to FY22
Ongoing investment in focussed and controlled sales growth
Launch of new Retained Incident Response (“R-IR”) and Continuous Vulnerability Scanning (“CVS”) services

Mike Read, Falanx Group Chief Executive, said:

“We are delighted that the demand for our cyber security services continues to grow. In addition to the recent high profile cyber security concerns, we are seeing even more attacks on Small to Medium size Enterprises (“SMEs”). These SMEs often receive initial support via their trusted IT providers (who are not Cyber Security specialists) and hence these are the channel for our cyber services. Therefore, we have added some key new partners to our existing base to expand our reach into these IT providers. This, together with strengthened marketing, increased PR and hard work from the sales and marketing team, has resulted in a significant increase in our pipeline and today it is in excess of £6.0m – 2/3rds of which is for our MDR Services.

“Within the Company, it has been a challenging backdrop as we came through the pandemic, sold our Assynt strategic intelligence business and raised our first significant round of debt. This has allowed us to focus on the cyber business and reposition accordingly. The Falanx team is very focused on growth in a buoyant market and, whilst H1 of FY23 revenues are expected to be similar to the same period in FY22, orders for our core services are already up by over 18% and we are expecting further growth in orders for the second half of FY23, and with ongoing significant growth thereafter.

“We are well financed and expect our existing financial resources to be sufficient to see us through to profitability.”

(*) Adjusted EBITDA is a non-IFRS headline measure used by management to measure the Group’s and divisional performance and is based on operating profit before the impact of financing costs, IFRS16, share based payment charges, depreciation, amortisation, impairment charges and highlighted items. IFRS16 is excluded so that the underlying rental costs of the premises are reflected in this metric.

(**) Pipeline is the total contract value of all current sales prospects with a potential to close in the current financial year.

The Company will post its report and accounts onto its website (www.falanx.com) for the financial year ended 31 March 2022 together with its notice of AGM shortly and these will be available to download in accordance with AIM Rule 20.

Chairman’s Statement

I am pleased to present your Company’s Annual Report & Accounts for the year ended 31 March 2022 (“FY22”).  

I am delighted to report that the high growth cyber sector market became Falanx’s sole focus through the successful disposal for cash of our non-core Assynt business intelligence division in October 2021 for an enterprise value of £4.6m. I am also pleased to report that our cyber revenues have resumed their growth trend in the period under review, along with improved gross margins.  We are also now well financed with the cash resources needed to fund our organic growth plans.

In last year’s annual report, I highlighted the enormous opportunity for Falanx in cyber security, with its powerful social, technological, economic and regulatory drivers, especially with the growing threat of ransomware attacks and data thefts. Cyber security attacks have increased by over 30% in the last year and are showing no signs of receding. These factors, combined with recessionary pressures, create an environment where cyber-attacks and cybercrime will become even more prevalent, and organisations must step up their defences or suffer the potentially devastating financial and reputational consequences. Whilst inevitably exposed to the issues of the wider UK economy, we expect that this growing threat will require organisations to further invest in cyber security services and technologies.

Falanx is very much a service, as opposed to a technology development, company. Our focus is therefore on delivering client solutions as opposed to investing in the development of new technologies.

Falanx has become a trusted cyber security corporate advisor. This has been achieved by providing incisive and objective assessments of an organisations’ cyber resilience position. In turn, this often results in us providing clients with monitoring services on a recurring basis under long term contracts thereby increasing the Company’s contractual monthly recurring revenues.

The successful disposal of the Assynt division has provided us with the capital to fulfil our expansion plans for our cyber security business, specifically investing in our sales and marketing capabilities, product development and infrastructure to support this high growth opportunity. Our cash position has been further strengthened by the £2.5m loan received from BOOST&Co in October 2021, and all of this has been achieved without shareholder dilution.

Whilst our underlying cyber business is fundamentally solid, the significant investments we have been making and will continue to make, as outlined above, are already making a difference in terms of additional sales, creating a wider and more effective partner base as well as innovative service developments. We are optimistic that this investment will generate significant growth in the next year as sales momentum builds.

Approved by the Board on 28 September 2022 and signed on its behalf by

A Hambro


Chief Executive Officer’s Report

Falanx is a provider of Offensive and Defensive cyber security services, which protect around 400 customers worldwide. Customers include Managed Service Providers (“MSPs”), IT providers, public sector organisations, large multinationals and SMEs.


These are our Offensive Services and are primarily centred around Penetration Testing / ethical hacking (“PT”). Our comprehensive portfolio of PT services covers a wide range of skills and techniques which we use to emulate potential attackers looking for vulnerabilities in our client’s infrastructure. These services are provided under a traditional professional services business model with a mix of day rate and fixed price contracts. This service benefits from a high level of repeat business, long term relationships and has negligible churn. We have provided these services to nearly 400 customers over the last four years, many on an annual repeat basis.


Our Defensive managed services are provided by our Security Operations Centre (“SOC”) based in Reading. The SOC operates a 24/7/365 service, continually watching our customers’ IT estates, looking for unusual items which may be a sign of a cyber-attack or data theft. To achieve this, we monitor billions of client’s log events, such as a user logon, each week and distil this down, via AI and our assembled skills, to the few actionable items which must be alerted to the client. Our growing client base, and the move to the online world has grown the number of log events by over 150% compared to previous years. This service is supplied on a monthly recurring basis and has a largely fixed cost base of people and infrastructure with some licence fees as a function of client volumes.

You might also enjoy reading  Falanx Group report progress in sales with good order growth


Through both our Offensive and Defensive services, we help our customers to protect themselves against cyber-attacks. Through the use of either or a combination of both Attack and Defend, we inform our customers as to their strengths and weaknesses, so that they can be better protected against hostile threats. To help SMEs understand their exposure to these threats, we introduced our Cyber Security posture scoring, f:CEL (the falanx Cyber Exposure Level). Through this self-service evaluation tool, customers can understand their weaknesses and see recommendations as to what they can do to improve their posture, all in a matter of minutes.

Sales performance

Our sales performance in FY22 was achieved with a smaller team than in previous years, and despite this, sales orders were broadly similar at £3.3m (2021: £3.4m). Individual sales productivity increased by over 15%, and average spend per customer grew by 5%. In total, the Company received 369 (2021: 384) individual sales orders from 205 customers (2021: 225) out of a wider active client base of around 400. This includes 45 new clients won in the year. We have increased the number of clients who have been using both Offensive and Defensive services, and this remains an opportunity for significant further contract wins for monthly recurring revenue (“MRR”) generation. The team was expanded towards the end of the financial year, and this is discussed below in the sales execution strategy.

Operational performance

Following the development of our XDR / MDR service (“Triarii”) last year, we migrated our client base to it from previous platforms during the first half of FY22. This, combined with a stronger sales performance and much improved utilisation levels, enabled our cyber security business to record an adjusted EBITDA profit in the first half of FY22 following a loss in FY21. Since then (and as a result of the proven baseline profitability model for cyber) we are carrying out our planned investment in the cyber business.

The SOC experienced some managed churn during the year, typically from older contracts which required on-premises solutions as opposed to our cloud-based strategy. This technology consolidation enabled both a much more efficient service and a greatly enhanced client experience.  We have now moved to a predominantly cloud-first environment, and we continue to develop our offering as the market evolves. We are now both well aligned with the market and able to push ahead with our high growth plans.

Cyber security growth strategy

The solid base that we have built for future growth is fully supported by the financial resources generated from the disposal of Assynt in October 2021 and the facility provided by BOOST&Co. This has allowed us to invest in the high growth phase, with significant additional resources across the business, but particularly in sales and marketing. Our goal is to more than double the size of our business organically, and we have adopted the strategies set out below to achieve this goal.

Sales execution strategy

We have operated two functional sales areas – the pre-existing team as Business as Usual (“BAU”), which is predominantly direct business, and a new team assembled under the Net New Names (“NNN”) designation. This team is dedicated to winning new clients via both channel and direct models and their key task is to grow our Defensive SOC services leading to enhanced MRR. Nicola Hartland, an established cyber security entrepreneur, joined us towards the end of the financial year, to lead the NNN team and they have been solidly building an incremental pipeline of opportunities.

Our Partner Engagement Model has been restructured with the objective of generating regular deal flow across the mix of our Tier 1 and Tier 2 partners. Tier 1 partners generally require a higher level of attention, and our aim is to target £1m business per annum from each such client, limited to six overall. Tier 2 partners provide us with similar sales opportunities, but these are likely to be smaller in volume. We are actively trialling the use of co-funded resources within partners to demonstrate their commitment to expanding Falanx, thereby creating a larger and more diverse sales team dedicated to selling Falanx services. Through this restructured partnering model, we are no longer dependent on a single channel opportunity to drive our growth, instead spreading that opportunity across a broader network.

NNN’s focus on partners is specifically to grow MRR from SOC and associated services with an approximate 75% / 25% emphasis on Defensive (SOC & MRR) versus Offensive (i.e., Penetration Testing) services – almost the exact opposite (and therefore complementary) to our BAU team.

The use of f:CEL as an on-ramp tool, as well as a revenue opportunity in itself, is being well received for its completeness, ease of use and digestible output and recommendations. We have begun development of f:CEL ‘2.0’, in which we will bring together all customer feedback from engagements so far. This will create an even more complete product and compelling use-case across a variety of industry sectors, including insurance and IT services and the sale of our cyber security offerings through channel partners.

As we focus in on our core offerings (SOC and PT), we have chosen to exit from any low-margin, non-core legacy consulting contracts and we expect to replace their margins from further SOC sales.

Service Innovation Strategy

As a service business, we focus on service innovation and delivery excellence and not on the development of proprietary technology. This allows us to use the most appropriate technology to deliver for our clients, whilst not carrying the development overhead. This means that we can invest in client delivery as opposed to developing solutions which are already provided by (often much larger) technology companies. We will develop functionality in certain niche areas (for example f:CEL), although this is built on standard technologies. As we are technology agnostic, we can explore additional managed services with new, strategic partnerships as well as opportunities to generate significant returns.

We are further expanding our services portfolio based on customer demand and feedback to drive incremental revenues. This includes the previously announced Continuous Vulnerability Scanning (“CVS”) service and the Retained Incident Response (“R-IR”) services. These complement our ad-hoc IR service and provide SLAs and guarantee our availability to support our customers when an incident occurs.

Our targeted MRR growth is planned to move the SOC to being cash generative on a stand-alone basis, and this will improve our overall margins. Our SOC currently has the necessary infrastructure (typically with a fixed cost), and therefore significant operational leverage, and we expect incremental sales to further improve performance. We are looking to make further automation investments aimed at improved client delivery and margin improvement.  

As a knowledge-based business, we continue to attract and retain experienced and expert resources across all functions of the business. All attracted by the attractive growth opportunities in front of us as well as our excellent culture which offers support, training and career progression opportunities to people with much sought-after skills. 

Post Period update

The NNN team is now established and consequently the overall cyber sales pipeline is now building on a weekly basis, and it is already at a record value of £6.0m (£4.1m on 1 April 2022). This also represents growth of 46% in the current financial year, and very significantly the pipeline is now 66% MRR compared to 40% in April 2022 (and 17% in April 2021). Our team has a high energy level and a strong execution focus and as well as building new partnerships, our existing relationships have been revitalised and expanded. Sales orders for our core services in the first five months of FY23 were 18% ahead of the same period in FY22. This includes five new MDR deals which we sold, with a total minimum contract value of over £0.2m, with the potential for significant expansion and extension beyond this. Three of these MDR deals were signed in August 2022 when we also signed up two new Tier 1 partners. Furthermore, we have also won our first four clients for CVS and also sold more than 1000 f:CEL licenses.


Our previous investment in Triarii has transformed our customer delivery in the SOC. We have a highly relevant set of services which are well aligned to client needs in a growing market. Our focus is now on growing market share, and we are achieving this through indirect and direct routes. Since Falanx became a pure play cyber business in October 2021, we have invested in an expanded sales and marketing capability, and this is now starting to deliver results. We have new partners on board and they are already generating sales from a strong pipeline of potential business.  Our penetration testing business remains strong, and we have a growing customer base of around 400 organisations, which provides us with a good basis for cross selling of MRR generating services. With the conversion of this pipeline, which is now underway, and the planned cessation of certain spends incurred in the first half of FY23, we expect an improving financial performance in the second half of FY23.

Falanx is now firmly in growth mode, and our objective, which we are confident we will achieve, is to generate very significant, organic growth over the coming months and years. We are well financed and expect our existing financial resources to be sufficient to see us through to profitability.

Approved by the Board on 28 September 2022 and signed on its behalf by

M D Read                                                                                                                                                             

Chief Executive Officer   

Find more news, interviews, share price & company profile here for:

Good news travels fast (but only if you make that happen). Share on:


AIM All Share Index