Last week ArchTIS announced its annual results, an acquisition and a capital raising!

The team has been busy, FY25 results were not great but they weren’t bad either. A drop in revenue from lumpy Services revenue was offset by AR9 demonstrating good cost control and prudent balance sheet management.

The acquisition of Spirion and capital raise is of more interest and not just because their logo  is so much better than AR9’s .

I’ve been an AR9 shareholder for 5+ years now and every time there is a major cyber breach I think to myself... why doesn’t (say) Qantas buy AR9’s Attribute Based Access Control technology? Actually, why doesn’t anyone buy it but the DoD? The answer being AR9’s tech requires some heavy lifting to implement. An organization needs to know where all its sensitive data is before they can decide what Attributes a user should have to access it.

I assume the Defense industry buys it because they have a heightened understanding of the capabilities required to protect the secret squirrel stuff. EVERYTHING is Defense is sensitive; it all needs to be protected and only 007 can read it when his iPhone has the correct GPS coordinates… The downside trying to sell into Defense is that procurement is wrapped in massive bureaucracy, so uptake has been very VERY slow.

Spirion on the hand does the Data Discovery piece (hence the sniffer dog). Its software helps mostly industrial customers, locate sensitive data within the myriad of technology platforms companies use. I’d be willing to bet, within your organization, some junior accountant has a copy of spreadsheet that was extracted from the main operating system with all customers’ names, contact numbers and revenue generated. It was no doubt extracted for good reason, like doing some analytics the operating system isn’t capable of, but now that spreadsheet is sitting on a shared drive and multiple copies are sitting in various people’s inboxes. Spirion helps companies find their sensitive information, so they can then protect it.

This acquisition is about combining those capabilities, so that the ArchTIS and his new blue dog can offer the end to end process to both sets of customers.

However, all acquisitions come with risk, this is an asset sale, i.e. AR9 are about to try move physical assets, Customers, Suppliers and Employee contracts over to AR9. All of those things require willing 3^rd party participants.

The headline read AR9’s are buying Spirion’s ~$45m investment in its technology stack for ~$16m, hmmm that sounds too good to be true, because it is. The delta lies in the pro-forma combination balance sheet where we are also taking on negative ($14m) cash on hand (The bank account is in overdraft I presume) and a $7m deferred revenue liability, i.e. the customer has paid, but Spirion/AR9 haven’t yet delivered.

Whilst the combination of adjacent Cyber capabilities sounds wonderful, Revenue Synergies are much harder to achieve than Cost Synergies. Bringing these two organizations together will require skillful execution and a bit of luck.

This could be the greatest thing since sliced bread, enabling AR9 to sell this combined tech into a much wider spectrum of customers OR… AR9 have just been convinced to catch a falling knife…. time will tell!

Tomorrow the cap raise offer opens and is priced at 15 cents per share, I will participate!

Cheers

JM

On Monday @Magneto and I are holding a Strawman Rest-of-World meeting.. We're not going to compete with Melbourne or Sydney but we'll have fun. Turns out Magneto lives in Dubai but is in Singapore for a few days. 

We plan to meet for lunch at Maxwell Hawker Centre if anyone else is randomly passing through you're welcome to join!! My shout for Popiah, Char Kway Teow and Chicken rice. 

I’m looking forward to my first SM catch up and discussing all things Investing..

disc.. it wouldn’t let me post a straw without selecting a company.. might as well park this under AR9!!

My consolidated notes from today’s meeting. Thanks @Strawman for hosting and organsing!

Problem solved:

Ensuring data can be shared with only the right people at the right time. ArchTIS seeks to secure user data via attribute-based access control (ABAC) security. @Strawman can view file X or Y based on a defined list of attributes; the device being used, the type of network access, his internal security settings etc. These attributes also move with the file. Send/move the data to another user, same attributes check applies. This way if the network boundary is comprised, the damage remains limited to the user access utilised. It operates in the background – a user never sees the policy implementation occurring.

Industry drivers:

Geo-politics and military strategy and policy. This looks like western military and government alliances driving uplift of security spending globally. Daniel also gave a kill chain example of joint force integration; Where if I understood it, an ADF sensor, passes data to a US command system, who then uses a third nations military platform to shoot at the target – the data centric security across that must be complex!

Growth reasons:

Most organisations have a low level of maturity in this space.

Some governments have mandated moves to data centric architectures by 2027.

Daniel spoke to the network effect. Noting they are B2B (not B2C), and that they have customer credibility now to grow (US DoD, Australian DoD, and some NATO stuff and JSDF stuff?) This will lead into the Defence Industry as well as these nations grow their defence capabilities. ‘Social proof’ as @Strawman put it nicely.

Three (four?) products:

Trusted Data Integration (TDI) – I missed what this does.

NC Protect – used for M$ applications and cloud things.

Kojensi – is middleware that sits on any platform and can achieve attribute-based security.

He spoke to a recent acquisition Direktiv – this also enhanced their backward compatibility of the diverse data environments that are seen in large government departments (such as a DoD). He gave examples of a mix - windows 11, windows 10, cobolt, c++ etc.

Overall – I got the sense they can integrate any existing data set and so the customer can choose to avoid additional upgrades if they wanted to.

Threats/Competitors:

Daniel mentioned examples; PaloAlto, Microsoft, VMWare, etc, and said yes, everyone is into data centric security – but they are often network or application bound. And if they aren’t, not many other companies go to level to make commercially applicable software for military use and standards. He said some of them even come to ArchTIS to do the last mile for their software?

He also seemed comfortable with having competitors, as it creates a market and proves the requirement for ArchTIS existence. Makes sense that a CEO would say this.

AI implementation:

Daniel gave a round-about answer. More of a question to the question. He spoke broadly to a ViaSat data spill where a user uploaded data to a LLM AI. He spoke to the complexity of securing AI in a container/classified environment but not impact its productivity. At least he didn’t try and sell AI!!

2024 Revenue split:

I asked about ~50/50 revenue split of integration/consulting and licences in FY24. Daniel said that won’t be here this year. The consulting was the positioning/credibility/convincing phase last year, and expects that to be significantly lower compared to licences revenue, and whilst consulting it will stay, won’t be the driving revenue generator. Integration will stay (installing their platform).

Company goal:

Daniel spoke to targeting 100mil then 150mil revenue and then ‘seeing where they go form there’. He spoke to shifting into other verticals (banking, etc). It gave me the impression he is targeted and focused on the Defence vertical. It would an orange flag if ArchTIS started drifting or chasing other verticals too soon. I also wouldn’t be surprised if ArchTIS was bought-out by another player – not sure who would though (I haven’t done research) – it just felt like his answer was ‘grow because that’s what you do’.

TAM/User licences:

Daniel artfully dodged my question about TAM and licences. Or perhaps I didn’t ask it clearly. It relates to not everyone in an organisation having/needing a licence. I’m told not everyone in the ADF has secret and top-secret clearances, which means there won’t be 57k user licences to sell to the ADF (which has a workforce of 57k people).

Another example is the US agency that Daniel said has 1000x licences with ArchTIS. That agency has 450k employees. He did and did not say that there would or would not be a licence for each person, and spoke broadly to enterprise licencing.

My concern remains that calculating estimates off department total staffing appears to be inaccurate in the military context – which is their primary vertical. This makes it hard to estimate growth.    

This was an interesting chat. I'd never really looked at archTIS before, but a few things peaked my interest. Mainly the fact that they seem to be steadily gaining traction across some notable refence clients.

Some key points from the discussion, which i used AI to summarise from transcript: AR9 Transcript.pdf

Big picture / what archTIS does

• Provides secure, data-centric collaboration software that controls who can access what data, when, and under what conditions.
• Customers include governments, military, defense contractors, and law firms.
• Addresses the problem that data is often only protected at the network boundary (firewalls, antivirus), leaving it exposed once breached.
• Their approach protects the data itself using attribute-based access control (ABAC), combining factors like user identity, location, device, network, and security clearance to set dynamic access rights.

How it works

• Example: A user may access secret information on a corporate laptop in the office but only unclassified info on public Wi-Fi.
• Access controls travel with the data — forwarding a document doesn’t bypass restrictions.
• Integration is invisible to end users and works inside platforms like Microsoft 365, Teams, and SharePoint.
• Supports both new and legacy systems, strengthened by the acquisition of Direktiv, which adds integration and middleware capabilities.

Market and growth drivers

• Zero-trust, data-centric security is the fastest-growing area in cybersecurity.
• Geopolitical tensions (US, NATO, Taiwan, Middle East) are driving demand for secure joint force integration across allied militaries.
• US Department of Defense (DoD) and other defense agencies are mandating zero-trust architecture adoption by 2027.
• Strong network effects: winning one department or country opens doors across allied forces and industries.

Business strategy

• Founded in 2006 as a consulting and systems integration firm; transitioned to product focus after listing in 2018.
• Revenue is shifting from roughly 50% services to more software licensing and recurring revenue (ARR).
• Main products: Trusted Data Integration (TDI), NC Protect (for Microsoft business apps), and Kojensi (original flexible platform).

Scaling challenges and opportunities

• Company is at an inflection point, moving from early reference customers to large-scale deployments, such as within the US DoD.
• The US defense market is the largest in the world, accounting for about 40% of global defense spending.
• Plans to expand the US team, including additional hires and 24/7 support, to capture this opportunity.

Financial goals and profitability

• Targeting gross margins of 80–85% in line with SaaS business models.
• Recent $7.5 million capital raise will fund US expansion, global strategic partnerships, and continued product development.
• Intentionally moving away from low-margin service work toward high-margin software licensing.

AI integration

• Using AI internally to help customers simplify policy management and improve usability.
• Exploring how to help clients deploy AI securely in classified or sensitive environments, preventing data leaks.

Competitive position

• Big players like Microsoft, Palo Alto, and Cisco focus on network and application security, but archTIS specializes at the data level.
• The company has a defensible niche in high-value, security-critical markets and partners with larger firms to extend reach.
• Strategic focus on alliances and OEM opportunities to accelerate adoption.

Key takeaways

• archTIS has moved through the long early phase and is positioned for non-linear, S-curve growth.
• Management is focused on repeatability, profitability, and scalable growth.
• Leadership emphasizes staying disciplined and focused, avoiding distraction from its core mission.
• The company aims to become the dominant player in secure, data-centric collaboration for defense and critical industries.

Yesterday the CEO of ArchTis did an Investor webinar to explain the recent contract wins with the U.S. DoD and the UK. https://vimeo.com/1096773365

The excitement is how this business can scale now that it has its foot in the door with both the U.S. and NATO. Dan does a great job of explaining the tech and the opportunity.

At the 21 min mark Dan addresses a question about the ASX trading suspension, he was….. very polite about it. “Just the ASX doing its job”. The suspension did however take the wind out of the run up.

But that’s OK, I first bought shares in June 2020 at 5 cents, hopefully we don’t need to wait another 5 years for some decent contract wins.

A nice contract win for Archtis.

• is pleased to announce that the Company has received an award for up to $430k (including GST) from the Australian Department of Health to advise on architectural changes toward the creation of a data-centric organisation.

The contract is to be delivered this financial year.

There are a couple of important aspects to this contract.

1. It is for a more mainstream agency, outside of the national security agencies
2. They are being paid for their advice to design the future IT architecture, which will undoubtedly include installing their products. THere is a good chance that the agency understands this and is predisposed to doing so.

• archTIS Awarded $7M Contract with the Australian Department of Defence
• Largest sale in company history for Kojensi to secure information collaboration across the agency
• Total contract value is $7.03M (inc. GST) over two years which includes $3.44M in recurring revenue over a two-year period and $3.59M for services, support and hardware for the expanded growth and implementation of Kojensi (payable on delivery)
• Follows the recent OneDefence win with KPMG to deliver the overall data security strategy for Defence.

Obviously a nice win and they are clearly strong in AUS Defence. It's a bit of a stretch to include GST and the ARR is over 2 years - so the ARR kick is $1.56M - which is a really good boost.

I think the future of the company is with their NC Protect in the US. They have a partnership agreement with Microsoft for joint marketing and MS have introduced them to sales. That product now on a general purchase list for US Govt. No significant announcements for sales for a while though.

archTIS Continues to Expand Customer Base with Key Global Wins

Highlights

•  Key customer wins validate secure collaboration portfolio of products including:
•  Flinders University selects Kojensi SaaS
•  A Dubai based mobile communications provider selects NC Protect o Key renewals and license expansion of NC Protect in the US market, including a large Manufacturer, a Health Insurance provider and a Life Sciences company

archTIS Delivers Strong 1H FY2021 Results

1H FY2021 Financial Performance and Operating Highlights

•  Total revenues of $1,111,763 delivered vs $242,877 in comparative period, up 358%
•  Recurring revenues of $459,235 vs $100,843, up 355% on comparative period
•  Gross Margin of $809,946 vs $118,041, up 585% on comparative period
•  Strong financial position to support future growth initiatives with cash balance of $12,104,531 at 31 December 2020 following an $8.4 million capital raising during the period
•  Landmark Australian Department of Defence contract awarded with a value of $4.2 million 
• Transformational Nucleus Cyber merger completed in December 2020