June 26, 2019 - 12:50pm EST by
2019 2020
Price: 26.00 EPS 0 0
Shares Out. (in M): 9 P/E 0 0
Market Cap (in $M): 231 P/FCF 0 0
Net Debt (in $M): -10 EBIT 0 0
TEV ($): 241 TEV/EBIT 0 0

Sign up for free guest access to view investment idea with a 45 days delay.



Cyan AG is a very attractively valued European provider of white-label IT security solutions. The shares have multi-bagger potential over the next few years. Cyan will profit from strong industry tailwinds, but the main growth driver will be the ramp up of the recently won Orange tender (French telco, ca EUR 37bn market cap). Successfully executing this contract, Cyan could comfortably reach EUR60m revenues in 2021 at >55% EBITDA margins. Incl. generated cash (Cyan has very little debt) and assuming a 17x EV/EBITDA multiple (sector currently trades at 22x ‘19), this implies a money multiple of 2.7x over the next 2.5 years. Valued at a sector multiple of 22x (I expect EBITDA will continue to grow >20% pa), this is 3.5x over the next 2.5 years – and this still excludes plenty of other opportunities in the pipeline. 

This opportunity exists given the small size of this company, management’s (at first sight) lack of track record and the significant and rapid change the company went through; only 3 years ago the company employed 10FTEs, compared to ca 130FTEs today. Also, (financial) disclosure to date has not been shareholder friendly, though this is about to change. 

Some history

Cyan is a Munich based provider of white-label IT security solutions. The group is specialised in the protection and optimisation of mobile networks (MNOs and MVNOs) and focuses on B2B2C business (more on this later). In addition to network operators, Cyan services banks, insurance companies and several governments. 

Cyan has been operating for more than 15 years in the field of cyber security. Historically, the company worked closely with clients to develop products. Often, Cyan would set up a separate entity with clients/researchers. As a consequence of this strategy, over the years Cyan ended up with lots of entities throughout the world, most of which were however not 100% owned. This was one of the reasons for the Cyan IPO in March 2018; not only to raise money to pursue growth, but mainly to buy-out the minority shareholders of these entities and to consolidate (read: clean-up) what had become a bit of a messy corporate structure for such a small company. 

The company’s first major contract was with T-Mobile Austria in 2013 which included internet security solutions. Growth continued in the years thereafter with other major contract signings with Deutsche Telekom (covering various countries) and T-Mobile Poland in 2015. Though Cyan continued to expand its business in the years thereafter, growth accelerated substantially in 2018. Cyan IPOed in March and in May 2018 it announced the acquisition of I-New, a global systems provider for MVNOs (basically a one-stop-shop solution for launching and operating an MVNO platform). I will not delve much into the details of I-New’s product offering, suffice it to say that with the acquisition of I-New Cyan significantly expanded its product portfolio, customers base and number of employees. I-New was struggling to grow business though had contracts with over 40 MVNOs serving 5,5m clients. In addition, with the acquisition Cyan expanded its number of employees from 35 to ca 160 (of which 100 IT engineers), which were strongly needed to achieve critical mass to win and service much larger clients such as Orange. With the I-New acquisition, Cyan basically bought client relationships (strongly increasing cross sell opportunities), a new product offering (data-optimisations solutions, which was combined and repackaged into a new successful product) and engineers. 


As a result of the I-New acquisition, the company is now able to execute large projects for telecommunications companies, thereby increasing its attractiveness. This is very helpful in view of the company's extensive project pipeline and, according to management, has brought Cyan at least a good two years forward in operational terms. During October and December 2018, the company carried out two capital increases, aimed at financing the I-New acquisition (which was completed in two stages) and further improve its balance sheet. 


A game changer and one of the main drivers of growth is Cyan’s win of a global tender with Orange. In December 2018, Cyan and Orange agreed on a long-term contract to offer Cyan’s solution to all of Orange’s subsidiaries globally. The contract covers 28 countries with the potential to reach 260m Orange customers over time. After a two-year tender process, Cyan was able to secure this deal against a wide range of incumbent competitors. This deal will not only strongly accelerate the company’s growth but it also further underscores Cyan’s attractive product offering and potential to win other contracts.


As a result of the above, Cyan now operates along 5 business units: Carriers (which includes Orange), I-New, GVG, Banking and Insurance, Cyan Networks. All segments are expected to grow, though basically all growth will come from Carriers and I-New (incl sales from data compression) – more on this later.


Product offering and technology




Cyan’s product portfolio can be summarised as follows:

  • OnNet Security. This is Cyan’s network-integrated security solution which is offered as a white-label solution to MNOs and MVNOs. This product is installed / integrated in the existing infrastructure of the network. The customer (i.c. the network operator) then offers the product to consumers who can choose to opt for it (hence B2B2C). OnNet Security protects the consumer by blocking malware, phishing, viruses, etc before they reach the consumers. This can perhaps easier be understood as ‘data connection’ security. It is important to now that consumers do not have to download and install anything; they are simply offered the option to opt-in via a text message from the network operator. Furthermore, once the product is installed onto the network, tested and ready to be rolled out, it is very easy and fast to scale. Revenues for Cyan are dependent on the number of total consumers, the take-up rate of the product and the ASP of the product. Consumers are charged eg EUR 2.50 per month of which eg 40% is passed to Cyan.

  • Endpoint Security. This product is basically an extension of the previous product and is often offered and sold in combination. While OnNet Security protects the consumers of threats before they reach the end-device (at the network level), Endpoint protects the device itself. This product can also be sold on a stand-alone basis. The look and feel of the product can be customised by Cyan. Revenues for Cyan are earned based on the same model as the OnNet Security offering.

  • DNS data optimisation. The third main product is basically a filtering system offered mainly to MVNOs. This product filters traffic from trackers, suspicious malware/ads, etc in order to provide ‘clean’ traffic to the consumer. As a consequence, total data traffic can be strongly reduced, which improves efficiency (saves purchased data volume by the MVNO) up to 15%. Bear in mind that this does not require large investments by the operator. Revenues for Cyan are based on a cost-sharing model, where 30% to 50% of the cost savings by the operator are shared with Cyan.

Source: Company reports


  • Other products such as Child Protection and Personal Protection & Authentication. These solutions target parents who wish to protect their children from malicious content as well as banks and insurance companies (just the PP&A for these of course). Note that PP&A is currently in a sweet spot as European regulation is becoming stricter and institutions such as banks and insurance companies have to adhere to new PSD2 regulation.



In discussing Cyan it is important to have a clear picture of the difference between endpoint vs network security. Endpoint security provides security of devices by installing an app or program on a device (a smartphone or computer for example). In contrast, network security software is installed directly onto the network of the operators. The objective is to protect consumers by filtering the traffic data and assuring that no malicious content reaches the endpoint device. 


Cyan is the only white-label solutions provider of network-based solutions. Providing network integrated security solutions has several benefits: it is mass-market appropriate and easy to add onto existing infrastructures of telcos. Also, as previously explained, end users are not required to make any additional downloads; the cyber protection is directly offered through the network provider. Customers merely have to opt-in/out.


Cyan’s cyber security technology processes >500m data requests per hour and is provided by hundreds of IT centres searching the internet for potential threats. The software checks traffic with cyan-patented algos (buzzterm: artificial intelligence system) and updates its filter system (the list of threats) every four hours. Updating endpoint software generally takes much longer. 


Source: Company reports


I’m not an expert in cyber security technologies, though my research and discussions with industry experts suggest the following unique selling points / key differentiators of Cyan’s technology:

  • The combination of servicing endpoints with a white-label easy to scale onnet solution is unique.

  • Cyan was specifically built to be mass-market focussed and hence easily scalable to millions of consumers (without adverse effects such as slowing down traffic). Once the technology is installed, practically no additional capex/opex are needed. 

  • Additional product offerings can effortlessly be added on.