Next Investors logo grey

WHK returns with US$1.185M cybersecurity contract with US federal government department.


Published 19-AUG-2021 15:22 P.M.


8 minute read

One of our early investments, Whitehawk (ASX:WHK), is a US based cybersecurity technology provider servicing US Federal Government agencies, large corporations, right through to small businesses.

We introduced WHK to the Wise-Owl portfolio in May 2020 at 5.8 ¢ , and have been holding it for nearly three years over in our Next Investors portfolio.

We believe cybersecurity will be a huge theme over the next decade, we really like the WHK CEO Terry Roberts and fully back her to deliver on the WHK company strategy.

WHK came out with a bang in 2019, had a good run through 2020 and earlier this year before reaching a peak in January. But the share price has come off recently while the company has been quietly working on signing more big deals.

We think COVID, plus a US president change, has slowed down spending decisions in WHK’s key markets. This has seen WHK take a long time to launch new announcements... Until today when they announced a US$680k contract with an option for an additional US$505k.

This is the re-signing of an EXISTING US federal government client (WHK isn't allowed to reveal who) that demonstrates that WHK’s services are valuable to big government.

We have noticed an increased number of serious cyber attacks in the media over the last few months, which we think will spur interstate in WHK’s services.

We are long term holders of WHK and continue to follow. We expect things to start moving faster for WHK given they’ve been heads down for most of the past year, working on progressing their deal pipeline. One thing we do know is that WHK is aiming for big deals with big organisations. These can take time, but once in are very sticky.

Our investment in WHK

It’s been a while since we’ve heard much from our favourite cybersecurity technology WHK. And given the lack of material news, the share price has been dropping off since peaking in January as impatient holders left the building.

The Virginia, USA based company seems to have been slowed down by COVID-19. Executive Chair, Terry Roberts, explained that, "During COVID we have seen procurement and contracting paperwork delays of months, to a year or more."

We’ve been investors in WHK since adding it to the Wise-Owl portfolio back in May 2020 , initiating coverage at 5.8¢. And even while it’s been a slow year on the news front, we’ve maintained our position.

Our strategy is to hold our position long term as the company executes on its business plan, which can sometimes take longer than expected. And as far as we see it, nothing has changed around the reasons we are holding WHK.

WHK has historically taken time to deliver news and secure contracts with major US federal government departments and large public companies. But when it does, it is usually in the form of large, long term revenue generating contracts.

The good thing about big deals with big organisations is that they are sticky, and the incumbent is usually "rusted on" given the difficulty in changing cyber security providers. We also like that there’s strong demand for Cyber Risk Solutions globally, as supply chain vendor risks remain at high levels.

We know that the deals are hard to get, but can be very lucrative over the long term if WHK can secure them.

Finally, things are looking to be getting back on track...

The company today announced a contract extension with a US federal government Chief Information Security Officer (CISO). This not only locks in another year of revenue, but demonstrates the US federal government’s endorsement of the capability and value of WhiteHawk’s Cyber Risk Radar product line.

Prior to this, in late July, it was announced that WhiteHawk Cyber Risk Scorecards have been added to the Amazon Web Services Marketplace.

With newsflow seemingly back on, we look forward to more deals to come.

But what does WHK do?

WhiteHawk defines itself as "the first global online cyber security exchange enabling businesses and organizations of all sizes to take smart action against cybercrime, fraud, and disruption".

The way we see it: WHK’s cybersecurity technology basically allows huge organisations (think government, Defense, Fortune 500 companies) that have large sprawling supply chains to push cyber risk monitoring and mitigation technology across all of their suppliers.

The company’s Cyber Risk Radar is an annual SaaS subscription service consists of quarterly services that include Cyber Risk Scorecards, Cyber Risk Portfolio Reports, and ongoing conversations with a professional Cyber Analyst to include:

  • Risk Research and discovery — Collect, analyse, and correlate publicly available data into actionable intelligence.
  • Continuous Monitoring and Alerts — Understand an organisation’s security performance and be alerted to impactful changes.
  • Focused Analytics — Perform deep dives in the areas that need focus rather than the entire dataset.
  • Ecosystem Maps — Visualise the enterprise by understanding the supplier and vendor interconnections.
  • Risk Prioritization & Mitigation — Prioritise mitigation and business actions based on levels for impact and performance.
  • Integration into a Centralized Risk Management Dashboard — Continuous situational awareness, tracking, mitigation and management of the SCRM/VRM program.
  • Portfolio Assessments — Understand an organisation’s portfolio of all suppliers and vendors.

WHK also has its global online Cyber Security Exchange (the first of its kind) — a marketplace for cybersecurity solutions — enables businesses and organizations of all sizes to take smart action against cybercrime, fraud, and disruption.

The company has already delivered a number of multi-year deals with US federal government departments, Defense Industrial Base companies, and some big enterprise customers. These are multi-million dollar deals, but they do take time to secure and finalise.

US Federal Cyber Risk Radar contract renewed

As announced this morning, option year 1 of a 4 option year Cyber Risk Radar Contract has been signed with (an undisclosed) US federal government Chief Information Security Officer (CISO) for US$608k, with the option for an additional US$505k.

The exercise of this first-year option demonstrates the U.S. federal government’s endorsement of the capability and value of WhiteHawk’s Cyber Risk Radar product line.

The annual subscription contract involves WHK providing continuous monitoring, identification, and prioritisation of cyber and business risks of a key US federal government IT team’s supply chain vendors.

WHK will oversee the supply chain’s cyber risks over time and identify and prioritise risk mitigation strategies. It will provide its Cyber Risk Scorecards, virtually and remotely, for 150+ vendors to this US federal government CISO via an integrated risk management dashboard.

This annual Software as a Service (SaaS) contract has three remaining option years with the potential to generate revenues of US$2M and up to an additional US$1.753M, for a total of US$3.753M over the remaining three option years of the contract.

Today’s contract renewal comes after WhiteHawk was first contracted by the US federal government CISO to implement its Cyber Risk Radar in July 2020. That five-year contract was the result of a Proof of Value that was implemented early in 2019 across 10 vendors for the same US Government agency.

WHK now on Amazon Web Services

On July 29, WHK reported that its Cyber Risk Scorecards can now be purchased via the Amazon Web Services (AWS) Marketplace. This allows it to market and sell to both industry and government clients without requiring contract vehicles.

For company clients, it means that they can now go beyond the Cybersecurity Maturity Model Certification (CMMC) compliance to accelerate performance and resilience at scale, seamlessly. (The CMMC is the US Department of Defense’s security framework used to assess its contractors and subcontractors' security and capabilities).

WHK says it is also developing joint go-to-market opportunities with AWS Federal, which provides cloud computing for the US federal government.

Terry Roberts, Executive Chair of WhiteHawk, said, "During COVID we have seen procurement and contracting paperwork delays of months, to a year or more. By being vetted and onboarded to the AWS Partner Network (APN), we decided to fully leverage the proven and accessible AWS Marketplace for APN cloud-based product lines and services.

"Most importantly the sale is streamlined and seamless, with no additional contract vehicle being required. At last our sales approach can scale along with our automated Product Line delivery. In addition to selling our Cyber Risk product lines, we can bring in and sell our most innovative cloud-based partners."

What we are watching for next:

WHK has guided the market that it has a strong pipeline of partnership deals and contracts, so we are waiting for them to land a few which we believe will cause the share price to rerate after stagnating for a while as investors chased other hot market opportunities.

General Information Only

S3 Consortium Pty Ltd (S3, ‘we’, ‘us’, ‘our’) (CAR No. 433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information and is for informational purposes only. Any advice is general advice only. Any advice contained in this article does not constitute personal advice and S3 has not taken into consideration your personal objectives, financial situation or needs. Please seek your own independent professional advice before making any financial investment decision. Those persons acting upon information contained in this article do so entirely at their own risk.

Conflicts of Interest Notice

S3 and its associated entities may hold investments in companies featured in its articles, including through being paid in the securities of the companies we provide commentary on. We disclose the securities held in relation to a particular company that we provide commentary on. Refer to our Disclosure Policy for information on our self-imposed trading blackouts, hold conditions and de-risking (sell conditions) which seek to mitigate against any potential conflicts of interest.

Publication Notice and Disclaimer

The information contained in this article is current as at the publication date. At the time of publishing, the information contained in this article is based on sources which are available in the public domain that we consider to be reliable, and our own analysis of those sources. The views of the author may not reflect the views of the AFSL holder. Any decision by you to purchase securities in the companies featured in this article should be done so after you have sought your own independent professional advice regarding this information and made your own inquiries as to the validity of any information in this article.

Any forward-looking statements contained in this article are not guarantees or predictions of future performance, and involve known and unknown risks, uncertainties and other factors, many of which are beyond our control, and which may cause actual results or performance of companies featured to differ materially from those expressed in the statements contained in this article. S3 cannot and does not give any assurance that the results or performance expressed or implied by any forward-looking statements contained in this article will actually occur and readers are cautioned not to put undue reliance on forward-looking statements.

This article may include references to our past investing performance. Past performance is not a reliable indicator of our future investing performance.