WHK Expands its Cyber Risk Program, Delivers Huge Lift in Revenues

For our latest update on this stock see: A Wave of Cyber Attacks has Whitehawk (ASX: WHK) Primed to Run

Located in Alexandria Virginia, the heart of the US Government and Defense industry, ASX-listed cybersecurity company WhiteHawk Ltd (ASX:WHK) has developed the first global online cyber security exchange and continues evolving its portfolio of cybersecurity systems and services.

Having secured contracts with key US federal government departments, along with Fortune 500 companies, top US financial institutions, major insurers, manufacturers, utilities providers and a top Defence Industrial Base (DIB) company, WhiteHawk is now seeing its investment pay off.

WhiteHawk was last year added to our long-term investment portfolio when we picked up a significant shareholding in the company, after awarding it the Next Tech Stock’s top 'Pick of the Year'.

Since then, WhiteHawk has continued to sign new partnerships and bring in new revenue streams.

As revealed today in its quarterly report for the three months to March 31, WhiteHawk grew revenues by 55% from the previous quarter, rising to US$516K (A$787K) in Q1, from US$333K (A$508K) in the December 2019 quarter.

This is a huge increase on the year, a 282% lift from US$135K (A$205K) in Q1 2019 to US$516K (A$787K) a year later.

Revenues include US$263K (A$401K) for a renewable SaaS subscription.

With a market capitalisation of just A$8.4 million, WhiteHawk finished the quarter with a strong cash position of US$1.5 million (A$2.3M) and a strong pipeline of sales contracts.

It continues to ensure a lean approach to expenses, further reducing cash burn to US$227K in first quarter 2020, down from US$447K for fourth quarter 2019.

Gross margins were increased too, a result of the automation of product lines.

The company is now moving forward with two strategic Sontiq/WhiteHawk Small Business Suite offerings via managed service providers and financial institutions to 4,000 to 140,000 current small to mid-sized enterprise (SME) customers, as an annual subscription service.

Additionally, a new comprehensive task has been scoped for current quarter based on a current contract in place with US Department of Homeland Security (DHS) CISA, as sub-contractor to Guidehouse (formerly PWC Federal).

WhiteHawk’s Cyber Risk Program has also been expanded from three to eight business groups, having been executed via its recent sales-enhancing partnership with a global consulting company. On 15 April, WhiteHawk reported that the partnership has already generated annual software as a service (SaaS) subscriptions of more than US$400,000 (A$628K) in 2020.

The company has also received and is finalising a sole source US Federal Government Request for Proposal (RFP) for Cyber Risk Radar across 150 Suppliers, with options for an additional 150 suppliers each year for a base year and four option years.

Further, WHK have showcased live demos of the WhiteHawk Cyber Risk Radar for current Top 12 US Defence Industrial Base (DIB) Company customer, to four US Federal government departments and agencies, proposing a proof of value kick-off in the second quarter of 2020.

That partnership has opened an additional sales channel for WhiteHawk through which it is selling its Cyber Risk Program that incorporates WHK’s online Cybersecurity Exchange platform, its automated Cyber Risk Scorecards, and virtual consultations.

The Cyber Risk Program is a software as a service (SaaS) product that can be remotely delivered to any organisation in the world with speed, efficiency and impact. Available to any company, anywhere in the world, it allows for rapid scale remotely during the current pandemic related lockdown.

This comes as COVID-19 has provided the perfect opportunity for cyber hackers to mount potentially devastating campaigns against organisations, their employees, and their supply chain partners.

Added to our long-term portfolio last year as our 'Pick of The Year', we remain confident of WhiteHawk’s future as it continues to accrue contracts and partnerships and its revenues rise. With a sub-$10 million market capitalisation, there remains huge potential upside on offer here...

Share price: 5.3 cents (at 29 April 2020)

Market capitalisation: A$8.43 million

Cash & cash equivalents: US$1.47 million (A$2.3M)

Here’s why I like WhiteHawk:

Launched in 2016, WhiteHawk (ASX:WHK) began as a cyber risk advisory service with a vision to develop the first online self-service, cyber security exchange.

It wanted to simplify how companies and organisations discover, decide, and purchase cyber security solutions to directly mitigate their key cyber business risks.

Today, WhiteHawk is the first global online cybersecurity solutions marketplace, based on an AI-driven platform architecture, with a focus on identifying, prioritising, and mitigating cyber risks for businesses of all sizes.

The cloud-based cybersecurity exchange platform delivers virtual consultations, AI-based Cyber Risk Profile’s that match customers to tailored solutions on demand. It helps US companies to connect to content, solutions, and service providers.

Further, WhiteHawk also provides cyber-risk consulting to multiple US federal government departments, Fortune 500 companies and other large institutions, continuously monitoring, prioritising, validating, and mitigating their cyber risks.

The company connects its clients to state-of-the-art, industry-leading solutions and service providers as it continuously reviews best-of-breed cyber and analytics solutions.

Quarterly activities:

Cyber risk radar annual subscription contract with top 12 US DIB company

During the first quarter, WHK continued to execute on its Cyber Risk Radar contract with a top 12 US Defense Industrial Base (DIB) company for 150 suppliers and vendors.

It has been implemented as a scalable, repeatable and effective approach for monitoring, prioritising and mitigating DIB supplier business and cyber risks.

WhiteHawk is providing online platform Software as a Service (SaaS), an annual recurring subscription augmented by consulting risk services.

This program builds upon the lessons learned from two smaller contracts, for a total of over US$700K, incorporating a flexible tiered approach to Digital Age risk identification and mitigation.

Progress during the quarter included:

• Business and Cyber Risk Monitoring for 30 tier 1 suppliers, with quarterly Cyber Risk Scorecards
• Cyber Risk Monitoring for 35 tier 2 suppliers and quarterly Cyber Risk Scorecards
• Providing initial impact of COVID-19 analytics to some key suppliers
• Providing live demonstrations of Cyber Risk Radar platform to US federal government supply chain cyber risk leads.

New Cyber Risk Program contract with major manufacturer

WhiteHawk’s signed a new Cyber Risk Program contract with a major US manufacturer via a global consulting firm partner.

This independent risk assessment subscription for eight Business Groups includes: continuous monitoring and prioritisation of cyber risks; quarterly executive level scorecards and reporting; and bi-annual risk validation by real-time Red Team assessment.

The Cyber Risk Program is tailored and delivered to the company’s Chief Information Officer (CIO), executive team, Chief Executive Officer (CEO), and Board of Directors.

During the first quarter WHK completed cyber risk monitoring and scorecards for three business groups; initial scoping and cyber risk monitoring for an additional five business groups; and planning and coordination for real-time red team initial assessment in the second quarter of 2020.

Contract with US Department of Homeland Security (DHS) CISA, as sub-contractor to Guidehouse

WhiteHawk is a sub-contractor on a contract won by the prime contractor Guidehouse (formerly PWC Federal) with the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). The contract is for 7 years (1 year with 6 option years). WhiteHawk’s development project is scoped to be between US$150K to US$300K annually.

In its sub-contractor role under the prime contractor, WhiteHawk will provide cybersecurity marketplace architecture and development work.

During the quarter the cybersecurity online marketplace was scoped, architected and mapped to customer initial requirements for phase 1 completion in 2020 and phase 2 in 2021. Due to project kick-off delays, initial invoice is April 2020.

Execution on 2nd contract with US federal government department CIO

During the first quarter WHK continued to execute its Cyber Risk Policy and strategy projects on its second sub-contract with a US federal government CIO — a 5 year contract (1 year with 4 option years).

Revenues commenced in August 2019 and the first full year revenue to WhiteHawk is expected to be between US$300K to US$600K and is subject to final scoping by the prime contractor and customer.

Execution on 1st contract with US federal government department CIO under prime contractor

WhiteHawk's sub-contract length is 5 years (1 year with 4 option years) and includes Cyber Subject Matter Expertise and Cyber Risk Solutions. The contract execution has been in ramp up phase until now with first meaningful tasks assigned and executed. First six months revenue reflected the ramp up phase only, totalling US$45K in 2019.

During the quarter, WHK completed its first Cyber Risk Policy and strategy project. The second and third Cyber Risk Policy and strategy projects were scoped but were delayed due to customer changes in priorities and new tasking requirements for 2020 currently under discussion.

WHK partners with global consulting firm

WhiteHawk is evolving an increasingly impressive portfolio of systems and services leading to cybersecurity contracts with key US federal government departments along with top US financial institutions, insurers, utilities providers and a top Defence Industrial Base (DIB) company.

On the company’s recently established partnership with a major (unnamed) global consulting firm, as announced on 15 April, has already secured several subscriptions for its new Cyber Risk Program.

The partnership provides an additional sales channel and has already generated annual software as a service (SaaS) subscriptions of more than US$400,000 (A$628k) for 2020.

I took a closer look at that partnership in my previous report on WHK two weeks ago:

The news was also covered on multiple news sites including Finfeed, ITWire and ITBrief:

The need for cybersecurity is on the rise in 2020

Taking into account the impact of the global COVID-19 pandemic on the dramatic growth of cybercrime and fraud on our current and potential customers, WhiteHawk is doubling down on the more economically resilient sectors of the US federal government and the US Defense Industrial Base for the remainder of 2020.

It will continue the sale of Cyber Risk Radars across the supply chains of US Department of Defense services and agencies.

This comes in light of new Federal Contractor Cybersecurity Regulatory policies, the Cybersecurity Maturity Model Certification (CMMC) in particular which WHK’s Cyber Risk Radar is focused on.

WhiteHawk will focus on its online company customer Cyber Risk Journey as an efficient path for federal and DIB contractors to achieve CMMC in 2020 and beyond.

WHK recently responded to quick turn CMMC advisory board continuous monitoring RFP, to phase in across the 330,000 DIB contractors.

It is positioning the Cyber Risk Program as an enabler for DIB prime (large) companies to achieve CMMC level 5 in 2020 and beyond.

The company continues its integration with the Sontiq Business Suite SaaS service as an effective means for small to mid-sized enterprises to mitigate cyber risks during the pandemic.

There’s now money to be made in cybersecurity like never before as the current global COVID-19 pandemic presents an array of opportunities.

WhiteHawk is positioned to benefit from government and enterprises’ need for greater cybersecurity protections. Even prior to the COVID-19 pandemic, WhiteHawk was in a strong cash position and well-funded into 2021 with existing contracts and a strong sales pipeline.