Check Point® Software Technologies Ltd. (NASDAQ: CHKP), today announced its financial results for the second quarter ended June 30, 2020.
Second Quarter 2020:
- Total Revenue: $506 million, a 4 percent increase year over year
- Deferred Revenues: $1,338 million, a 4 percent increase year over year
- GAAP Operating Income: $221 million, representing 44 percent of revenue
- Non-GAAP Operating Income: $253 million, representing 50 percent of revenue
- GAAP EPS: $1.38, a 14 percent increase year over year
- Non-GAAP EPS: $1.58, a 15 percent increase year over year
- Cash flow from operations: $252 million, an 8 percent increase year over year
“We delivered solid second quarter results driven by strong sales execution despite the rising impact of the COVID-19 pandemic. Sales increased across multiple categories and segments, including our advanced technologies such as cloud, endpoint, and high performance network security. We extended our Infinity platform with new Quantum appliances and newly expanded CloudGuard family,” said Gil Shwed, Founder and CEO of Check Point Software Technologies. “The new CloudGuard provides Cloud Native Security, a fully-automated platform that enables customers to leverage the speed and agility of the cloud, while utilizing a single pane of glass security management to protect their deployments and workloads.” continued Shwed, “In closing, I would like to thank our customers, partners and employees for their commitment to elevating the level of cyber security and achieving these results in such times.”
Financial Highlights for the Second Quarter of 2020:
- Total Revenue: $506 million compared to $488 million in the second quarter of 2019, a 4 percent increase year over year.
- GAAP Operating Income: $221 million compared to $213 million in the second quarter of 2019, representing 44 percent of revenue in the second quarter of 2020 and 2019.
- Non-GAAP Operating Income: $253 million compared to $242 million in the second quarter of 2019, representing 50 percent of revenue in the second quarter of 2020 and 2019.
- GAAP Taxes on Income: $43 million compared to $48 million in the second quarter of 2019.
- GAAP Net Income: $196 million compared to $186 million in the second quarter of 2019.
- Non-GAAP Net Income: $225 million compared to $211 million in the second quarter of 2019.
- GAAP Earnings per Diluted share: $1.38 compared to $1.21 in the second quarter of 2019, a 14 percent increase year over year.
- Non-GAAP Earnings per Diluted share: $1.58 compared to $1.38 in second quarter of 2019, a 15 percent increase year over year.
- Deferred Revenues: As of June 30, 2020, deferred revenues were $1,338 million compared to $1,286 million as of June 30, 2019, a 4 percent increase year over year.
- Cash Balances, Marketable Securities and Short Term Deposits: $3,959 million as of June 30, 2020, compared to $4,110 million as of June 30, 2019.
- Cash Flow: Cash flow from operations of $252 million compared to $233 million in the second quarter of 2019, an 8 percent increase year over year.
- Share Repurchase Program: During the second quarter of 2020, the company repurchased approximately 3.1 million shares at a total cost of approximately $325 million.
For information regarding the non-GAAP financial measures discussed in this release, as well as a reconciliation of such non-GAAP financial measures to the most directly comparable GAAP financial measures, please see “Use of Non-GAAP Financial Information” and “Reconciliation of GAAP to Non-GAAP Financial Information.”
In the past few months we expanded the Infinity Platform and delivered the following products and technologies:
We announced the transformation of our appliance security gateways into the new Quantum Security GatewaysTM delivering premier security. The new line of 15 security gateway models extends the Infinity architecture from the branch office to the data center. All Quantum models out-of-the box deliver our highest level of threat prevention using the Sandblast Zero-day Protection, providing more than 60 security and threat prevention services. We believe it offers a higher level of security with lower TCO than competing products. Quantum is highly scalable with up to 1.5 Tera-bps of threat prevention performance using the HyperScale technology, high port density and half the energy consumption of rival high-end appliances.
The COVID-19 pandemic has accelerated organizations’ rapid migration to the cloud. Current security controls cannot cope with the speed, scale and complexity of cloud deployments, leaving them vulnerable to attacks and breaches. Check Point CloudGuard Cloud Native Security is a fully-automated cloud platform that enables customers to protect their cloud deployments and workloads, and manage security through a single pane of glass. It streamlines and simplifies cloud security, is designed to prevent advanced cyber-attacks from impacting organizations’ cloud environments, and enables organizations to take full advantage of the speed and agility of cloud.
During the pandemic, attacks have increased against the OT networks and ICS/SCADA systems that manage critical infrastructure for energy, manufacturing, transportation, and utilities. To address this threat we announced the new 1570R rugged security gateway to protect networks in critical infrastructure, Industrial Control Systems (ICS) and SCADA systems. The 1570R delivers threat prevention security technology, ease of deployment and control, and reliability to the most demanding industrial settings such as power plants, automated factories and maritime fleets.
With the increase in cyber-attacks, Security Operations Centre (SOC) teams struggle to identify and mitigate malicious activity on their complex network estates. We launched Infinity SOC to help security teams cut through the daily overload of alerts, and reduce network blind spots to expose, and shut down cyber-attacks with best-in-class speed and precision. Infinity SOC is used daily by the Check Point research cyber analysts, to expose and investigate the world’s most dangerous and sophisticated cyber-attacks.
The impact of COVID-19 on cyber security continued in the second quarter of 2020 and was evident in new and sophisticated cyber threats, taking advantage of organizations’ and employees’ shift to a “new normal”.
Earlier in the quarter we conducted a survey with 270 IT and security professionals to examine how organizations managed their cyber-security during the Coronavirus pandemic. Over 86% of respondents said their biggest IT challenge during the pandemic was moving to mass remote working, and that their biggest security concern was maintaining VPN capacity for staff. As we move to our ‘new normal’, 75% of the surveyed professionals fear further increase in cyber-attacks and exploits as they start to re-open offices, while also maintaining mass remote working.
In April, attacks were taking advantage of the new normal with people working from home, looking for jobs and turning to relief packages and stimulus payments. This trend continued in May where our researchers documented 192,000 coronavirus-related cyber-attacks a week, marking a 30% increase when compared to previous weeks.
With unemployment on the rise, Check Point Research uncovered CV-themed campaigns in the US, where malicious files masquerading as CVs, were sent via email with subject lines: “applying for a job” or “regarding job”, and were designed to lure victims into giving up banking passwords, enabling hackers to make illicit financial transactions from a user’s legitimate device.
Our researchers also examined coronavirus contact tracing apps that became a central tool in trying to mitigate the pandemic spread. After initial review, we highlighted numerous cyber risks in those apps including device traceability, personal data compromise, app traffic interception, and fake health reports. We also discovered security flaws in WordPress plugins, serving as central platforms for E-Learning, which became a central tool in the corona era. The vulnerabilities enable students, as well as unauthenticated users, to steal personal information, siphon money and/or attain teacher privileges.
In June, while organizations started getting back to business, cyber criminals searched for new angles to exploit through hijacking other breaking news. As global protests related to the ‘Black Lives Matter’ movement reached their peak, we discovered a malicious spam campaign related to the movement were spam emails with subjects such as “Vote anonymous about ‘Black Lives Matter’” distributed the infamous Trickbot malware.
Malware and Campaigns Research:
SIGRed – Resolving Your Way into Domain Admin: Check Point researchers recently discovered a critical vulnerability in Microsoft Windows DNS, the domain name system service on Windows OS. The vulnerability, named “SigRed” is tracked as CVE-2020-1350 and was awarded a CVSS severity score of 10.0 which is highest severity score. The vulnerability is designated as wormable, which means it can propagate itself across devices with no human intervention and has the ability to compromise the entire organization. Microsoft has delivered a patch for this CVE and Check Point IPS blade and Sandblast Agent already provide protection against the threat.
First seen in the wild – Malware uses Corporate MDM as attack vector: Check Point researchers discovered a new Cerberus variant which is targeting a multinational conglomerate, and is distributed by the company’s Mobile Device Manager (MDM) server. This malware has already infected over 75% of the company’s devices. Once installed, the variant can collect large amounts of sensitive data, including user credentials, and send it to a remote command and control (C&C) server.
Bringing VandaTheGod down to Earth: Exposing the person behind a 7-year hacktivism campaign: Researchers at Check Point uncovered the identity of a lone hacker responsible for the defacement of thousands of official government websites, globally. Active since 2013, the hacker self-identifies as ‘VandaTheGod’, targeting a number of countries including the USA, Brazil, Dominican Republic, Trinidad and Tobago, Argentina, Thailand, Vietnam, and New Zealand, among others.
IR Case: The Florentine Banker Group: A sophisticated cybercrime gang, which researchers have dubbed “The Florentine Banker”, targeted transactions of three British private equity firms. For months, the Florentine Banker focused on its target, manipulating email correspondences, registering lookalike domains, and cashed-out immediately in phases. All in all, four separate bank transactions attempted to transfer £1.1M to unrecognized bank accounts.
Naikon APT: Cyber Espionage Reloaded: Check Point Research discovered new evidence of an ongoing cyber espionage operation against several government entities alongside the Asia-Pacific region. First reported in 2015, the group, called Naikon, was responsible for attacks against top-level government agencies and related organizations in countries around the South China Sea, in search of political intelligence. Our research team confirmed that the group has not only been active for the past five years, but has also accelerated its cyber espionage activities in 2019 and Q1 2020.
We continued our focus on security through innovation, industry research and recognition including:
Check Point Partners with Coursera to Deliver Free Online Courses: Check Point announced a new partnership with Coursera, a world-leading online learning platform with over 62 million learners globally. The partnership delivers a series of free Check Point cyber-security courses and content, helping cyber-security professionals develop their skills.
Check Point Software Receives Frost Radar Best Practices Award: Check Point received this year’s Frost Radar Best Practices Award for Growth, Innovation & Leadership in the European Mobile Threat Defense Market (MTD). The Frost Radar Award recognizes the competitive positioning of MTD solutions in Europe, and Check Point SandBlast Mobile was rated as “one of the most comprehensive mobile threat defense solutions”.
Cutting Complexity to Strengthen Security: Check Point, through Dimensional Research, conducted a survey with 411 IT and security professionals to examine security leaders attitudes towards consolidation. These findings show that non-integrated, point solutions make enterprise security more challenging. Roughly 69% of respondents agree that prioritizing vendor consolidation would lead to better security.
Conference Call and Webcast Information
Check Point will host a conference call with the investment community on July 22, 2020, at 8:30 AM ET/5:30 AM PT. To listen to the live video cast or replay, please visit the website: www.checkpoint.com/ir.
Third Quarter Investor Conference Participation Schedule:
- Oppenheimer 23rd Annual Virtual Technology, Internet & Communications Conference
August 11-12, 2020 – Virtual Fireside Chat & 1×1’s
- BMO 2020 Virtual Technology Summit
August 24-28, 2020 – Virtual Fireside Chat & 1×1’s
- Citi 2020 Virtual Technology Conference
September 8-10, 2020 – Virtual Fireside Chat & 1×1’s
- Deutsche Bank 2020 Technology Conference
September 14-15, 2020 – Virtual 1×1’s
- Morningstar Management Behind The Moat Conference
September 29-30, 2020 – Virtual 1×1’s
Members of Check Point’s management team are expected to present at these conferences and discuss the latest company strategies and initiatives. Check Point’s conference presentations are expected to be available via webcast on the company’s web site. To access these presentations and the most updated information please visit the company’s web site at www.checkpoint.com/ir. The schedule is subject to change.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
©2020 Check Point Software Technologies Ltd. All rights reserved
Legal Notice Regarding Forward-Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding our products and solutions, expectations related to our new channel initiatives, and our participation in investor conferences during the third quarter of 2020. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. These risks include our ability to continue to develop platform capabilities and solutions; customer acceptance and purchase of our existing solutions and new solutions; the market for IT security continuing to develop; competition from other products and services; and general market, political, economic and business conditions. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2020. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.
Use of Non-GAAP Financial Information
In addition to reporting financial results in accordance with generally accepted accounting principles, or GAAP, Check Point uses non-GAAP measures of operating income, net income and earnings per diluted share, which are adjustments from results based on GAAP to exclude, as applicable, stock-based compensation expenses, amortization of intangible assets and acquisition related expenses and the related tax affects. Check Point’s management believes the non-GAAP financial information provided in this release is useful to investors’ understanding and assessment of Check Point’s ongoing core operations and prospects for the future. Historically, Check Point has also publicly presented these supplemental non-GAAP financial measures in order to assist the investment community to see the Company “through the eyes of management,” and thereby enhance understanding of its operating performance. The presentation of this non-GAAP financial information is not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP. A reconciliation of the non-GAAP financial measures discussed in this press release to the most directly comparable GAAP financial measures is included with the financial statements contained in this press release. Management uses both GAAP and non-GAAP information in evaluating and operating business internally and as such has determined that it is important to provide this information to investors.