Corero Network Security plc

Corero Network Security plc

The Stock Market Show

13 September 2014

Overview



_{AIM listed company (AIM: CNS)}

•

Share price £0.21

(market value £

18

M)

•

Shareholders: directors 42%, BlackRock 9%, Herald 9%, 40% other institutions/individuals



Key stats

•

Revenue FY 2013 $10m (NAM 50%, Europe and ROW 50%)

•

70 employees



_{Cybersecurity software company focused on DDoS and cyber threats}

•

Launched new next generation product SmartWall® Threat Defense System (TDS) in H1 2014

•

Target market: Service Providers and large enterprises



Significant market opportunity

•

Cyber security one of the fastest growing IT sectors

•

DDoS a growing threat – market will grow to over $1.5B in 2018 (66% increase) (Infonetics Research)



_{Well positioned for growth}



Experienced management team

1

© 2014 Corero www.corero.com

Corero goes to market as a First Line of Defense that

What are DDoS attacks



Distributed Denial of Service (DDoS):

•

An attack that sends unusually large number of requests to Internet facing servers in an attempt to

slow down or completely stop their ability to serve legitimate clients



_{DDoS attacks have become a widely used cyber attack weapon}



DDoS or DoS (denial of service) describes a wide range of cyber attacks



DDoS an increasing threat

•

Businesses of all sizes are being targeted

•

2x # companies experienced a DDoS attack in 2013 (from 35% in 2012 to 60% in 2013) *

•

87% of companies attacked multiple times *

•

55% of DDoS attacks are distractions to confuse or overload security protection equipment (such as

firewalls) and IT staff, while data theft is undertaken *

“As a result of high profile attacks in the last two years, DDoS has gone from a relatively sleepy market, undergoing only

vegetative growth, to being a rapidly expanding sector.”

Ovum Research (May-14)

Firewall has

no inbound

holes open

Inbound Service Requests

Blocked by firewall

Firewall – Locked down: No Service Access

Unwanted Traffic

Internal Network

Buffer Overflows

Application Layer DDoS

Code Injections

Brute-Force Password

Specially Crafted Packets

Firewall – Service Ports Open

Buffer Overflows

Application Layer DDoS

Code Injections

Brute-Force Password

Specially Crafted Packets

Unwanted Traffic

In order to allow incoming Service Requests inbound

“holes” must be opened on the Firewalls

Web TCP Port 80, 443 FTP/SSH TCP Port 21, 22 Mail TCP Port 25 DNS TCP/UDP Port 53

Internal Network

All Firewalls

work the exact same

way!

All Attacks pass right through the Firewall because that is what it

thinks it is supposed to do.

Corero – Inspect Open Service Ports

Buffer Overflows

Application Layer DDoS

Code Injections

Brute-Force Password

Specially Crafted Packets

Unwanted Traffic

The Corero First Line of Defense is located in-front of the Firewalls

and blocks DDoS attacks and cyber threats

Web TCP Port 80, 443 FTP/SSH TCP Port 21, 22 Mail TCP Port 25 DNS TCP/UDP Port 53

Internal Network

Good user

traffic is allowed to

pass

Firewalls and downstream servers are protected

and never see the unwanted traffic

Snapshot of DDoS attacks and impact

Attack Bandwidth Gbps

Data shown represents the top ~2% of reported attacks

JUN 1 JUL 1 AUG 1 SEP 1 OCT 1 NOV 1 JAN 1 2014

FEB 1 MAR 1 APR 1 MAY 1 JUN 1 JUL 1 100 200 300 400 DEC 4 2013 MAR 17 2014 JUNE 23 2014 HONG KONG VOTING SITES JUNE 21 2013 AUG 9 2013 DEC 1 MAR 29 2014 DEC 31 2013 MAJOR HOSTING SITES

Source: Network Computing/Ponemon Institute

© 2014 Corero www.corero.com

6

20%

of data center downtime

is caused by a DDoS attack

86

minutes is an average of data center

downtime due to DDoS attacks

$700K

per incident is the average

cost of a DDoS outage

$8K

per minute is the average

cost of unplanned data center

downtime

What we do - Stop DDoS attacks & cyber threats



Patented DDoS defense technology



Suite of security products & services



Multiple routes to market - security distributor/reseller channel, (OEM and SIs) and direct

Corero goes to market as a First Line of Defense that stops DDoS Attacks and Cyber Threats

DDS - DDoS Defense System

(mid-size Enterprise)

•

Previous generation product

•

1 - 10 Gbps performance

•

On premises in-line device

•

Always-on protection appliance

SmartWall TDS

(Service Providers and large Enterprise)

•

Next generation product

•

n x 10Gbps @ ~30M pps

•

Security services platform

•

Always-on managed service

Next Generation

New

Previous Generation

Corero addressable market

Peer point

Hosting Data Centre Corero SmartWall Network Threat Defense Existing

product

Secure Internet

Market opportunity for Corero



Challenge: DDoS & Cyber Threats

•

Online Enterprises, Hosting Providers, Service Providers and

their customers are increasingly being impacted by DDoS

attacks and cyber threats

•

Customers are looking to Service Providers and Hosting/Cloud

providers for protection against DDoS and cyber threats



_{Double digit growth market (Infonetics Research)}

•

DDoS mitigation (products and services) to increase 66% to

over $1.5B in 2018

•

Strong growth in period 2013-2018 in DDoS products for data

centres (CAGR 13.2%) and mobile providers (CAGR 20.8%)

“The data centre and mobile DDoS prevention segments are projected

to maintain healthy double CAGRs from 2013 to 2018.”

Jeff Wilson, principal analyst for security at Infonetics Research (Jun-14)

Data centre Government Carrier transport Mobile 2013 Total $348M Data centre Government Carrier transport Mobile 2018 Total $563M Source: Infonetics Research

DDoS product market 2013-2018

Summary



_{High growth market opportunity}

•

Cybersecurity one of the fastest growing IT sectors

•

Impacts all businesses and governments

•

DDoS a growing threat – market to increase 66% to over $1.5B in 2018



Corero has a significant opportunity

•

SmartWall launched in H1 2014 and first customer sales

•

Target market – telco’s/ISPs, Cloud providers, data centre operators and large

enterprises

-

Significant increase in addressable market



Well positioned for growth



Experienced management team

© 2014 Corero www.corero.com

Customer Testimonial: Hosting Provider

“The most important thing is that Corero protects our customers’ networks and their data. That is critical to our clients, which makes it critical to us. The second thing is that it helps our security department run more smoothly. We now have we have less unwanted traffic coming in, allowing us cut our bandwidth costs, and we have a faster network with reduced latency. And not only do we save money, but the added security that Corero provides helps us generate revenue through new solution offerings.”

PROBLEM:

SOLUTION:

Proactively planning for security needs is one thing, but this Hosting Company felt the pain of being unprepared for a DDoS attack. Experiencing 24 hours of downtime at one point, impacting their customers and SLA

agreements. Initially, they tried to work with their providers to block IPs to fend off the attack, but that was totally ineffective. The company was only able to get out from under the attack by temporarily

redirecting its DNS to an outside filtering company. Once the attack ended, the Company vowed to never lose control like that again.

The Company wanted an on premises solution to

control and manage themselves. The Corero First Line of Defense solution was quickly identified as the best overall solution. Other products and services were not or purpose-built for the DDoS challenge. Multiple

solutions were evaluated and none compared to the advanced DDoS protection and comprehensive

visibility into the network traffic. In addition to the advanced protection they receive, the Company plans to offer value-added services around security based on the Corero reporting capabilities.

Hosting Hosting

✔

✖

Customer Testimonial: Banking Institution

“The Corero First Line of Defense solution was installed in 45 minutes, and it was like shutting off a water faucet. Hackers

stopped, traffic delays were gone, and the firewall was back down to single digits. System downtime frequently results in lost productivity, lost revenue, lost customers and lost opportunities. If a system is down, the staff cannot work and goals cannot be accomplished. Since we now know and understand this, we know we can call on Corero to prevent downtime.”

PROBLEM:

SOLUTION:

This High Profile Wall Street firm experienced

relentless DDoS attacks. The firewall was taking the brunt of the attack traffic causing overload at 95% utilization, shutting down all network traffic. It would re-boot, and traffic would flow for a few minutes, then grind to a halt again. The attempt at a

resolution was to perform reverse lookups to

attempt to manually block the attacking source IPs. That was time-consuming, labor intensive and, worst of all, ineffective, as the firm was hit by 10,000

attackers from almost every country in the world.

The First Line of Defense solution was deployed, and almost instantly removed the attack traffic from the equation. The power of the Corero device is in its design, ease of use and single purpose to provide the First Line of Defense to proactively stop attacks while moving legitimate traffic without delay. With the firewall and other downstream IT security

devices back to functioning as intended, this Wall Street Financial Institution was quickly back to delivering online banking services to their customers. Large enterprise Large enterprise

✔

✖