- Adjusted operating profit guidance slashed by 40%

- UK cybersecurity space looks subscale

- Shares warned of ‘significant risk’ to earnings in mid-January

FTSE 250 cybersecurity consultancy NCC (NCC) lost 40% of its market value after slashing annual guidance for the year to 31 May 2023. The company had anticipated ‘adjusted operating profit’ of around £47 million, it’s now looking at between £28 million and £32 million.

That’s a cut of 32% to 40%, so no wonder the share price has been hammered in Friday (31 Mar) trading. At 10.15am, the shares are down roughly 60p to about 94p.

The warning signs had been there. Shares flagged the ‘significant risk’ to NCC earnings in mid-January, and the stock had fallen 22% or so since, before today’s plunge.

HOW BAD IS IT FOR NCC?

‘Revenue growth on a constant currency basis to be low single digits compared to the high single digit growth outlined in our full year 2023 interim results,’ the NCC statement read today. ‘The Software Resilience (Escrow) business remains on track to perform as set out in our interim results, with revenue growth in the second half offsetting most of the decline seen in the first half, with a full year outturn of circa 1% revenue decline still expected.’

NCC claims that ‘market volatility has materially increased’, which is fairly obvious, and that this has slowed decision-making among customers, existing and new, which seems understandable. NCC also claims that tech industry layoffs and turmoil in the banking sector post-SVB has seen cybersecurity projects canned or delayed, while inflation and higher interest rates continue to pressure IT budgets. Hmmm.

Investors would do well to ask why NCC seems to be getting it in the neck when many of its US peers are flying. Newsflow has been largely upbeat year to date from the likes of Palo Alto (PANW:NASDAQ), Crowdstrike (CRWD:NASDAQ) and Fortinet (FTNT:NASDAQ), with the latter pair both beating forecasts in recent weeks.

SUBSCALE UK CYBER SPACE

The suspicion is that UK cybersecurity specialists are sub-scale, suppliers nowhere near as integrated into the nuts and bolts of their clients in the way that the big guys are. Consider that NCC had been worth about £500 million at the start of the year, or about $620 million.

Palo Alto, Fortinet and Crowdstrike are worth roughly $59 billion, $52 billion and $31 billion respectively.

It is interesting that Shearwater (SWG:AIM), an obscure cybersecurity microcap, also warned on profits today, spouting much the same excuses as NCC. As analysts at Megabuyte said today, ‘we wonder if on top of some macro softening, Shearwater and NCC are simply subject to market share reductions, with more agile, more technically developed, and PE-backed competitors increasingly taking share.’

Find out how to deal online from £1.50 in a SIPP, ISA or Dealing account. AJ Bell logo

Issue Date: 31 Mar 2023