Earnings call transcript: SSH Q3 2025 stock rises 6% on strategic moves

SSH Communications Security reported Q3 2025 earnings with net sales reaching €5.5 million, a 4% year-over-year increase. The company’s stock surged by 6.28% in pre-market trading, closing at €4.40, buoyed by strategic partnerships and product innovations. Despite missing revenue forecasts of $6.9 million, the market responded positively to the company’s growth in subscription ARR and PrivX sales, alongside a new partnership with Leonardo S.p.A. According to InvestingPro data, the stock has delivered remarkable returns, with a 276.92% YTD gain and 223.97% over the past year. Current analysis suggests the stock is trading above its Fair Value.

Key Takeaways

• SSH’s stock rose 6.28% following the earnings call.
• Revenue grew by 4% year-over-year but missed forecasts.
• Strategic partnership with Leonardo S.p.A. and $20 million investment announced.
• Continued growth in subscription ARR and PrivX sales.

Company Performance

SSH Communications Security demonstrated steady growth in Q3 2025, with net sales increasing by 4% compared to the previous year. The company’s focus on product innovation and strategic partnerships has bolstered its competitive position, particularly in the subscription and PrivX sales segments. InvestingPro data reveals the company maintains a strong gross profit margin of 99.67% and has achieved a 9.74% revenue growth over the last twelve months. InvestingPro subscribers have access to 11 additional key insights about SSH’s financial health and market position.

Financial Highlights

• Revenue: €5.5 million, up 4% year-over-year.
• Subscription ARR Growth: 7.7%
• PrivX Sales Growth: 14.4%
• EBITDA: €0.8 million, down from €1 million last year.
• Deferred Revenues: €9.7 million

Market Reaction

SSH’s stock price rose by 6.28% to €4.40, reflecting investor optimism about the company’s strategic direction and product advancements. This movement positions the stock below its 52-week high of €5.66 but shows a positive recovery trend.

Outlook & Guidance

SSH expects continued net sales growth in 2025, with positive EBITDA and cash flow projections. The company is focusing on expanding its €20 million opportunity pipeline and leveraging its "land and expand" strategy to drive future growth. InvestingPro analysis indicates the company operates with a moderate debt level and maintains a Financial Health Score of 1.94 (FAIR). For detailed insights into SSH’s valuation and growth prospects, investors can access the comprehensive Pro Research Report, available exclusively to InvestingPro subscribers.

Executive Commentary

CEO Rami Raulas stated, "We aim and aspire to continue to grow and to accelerate the growth," highlighting the company’s commitment to expansion. CFO Michael Kommonen noted, "These deals are all initially medium-sized. Many customers nowadays also start kind of small," emphasizing the potential for scaling customer engagements.

Risks and Challenges

• Revenue shortfall compared to forecasts could indicate market challenges.
• Slight decline in EBITDA suggests potential cost management issues.
• The U.S. market shows only initial turnaround signs, posing a growth challenge.
• Competitive pressures from market leaders like CyberArk remain significant.

Q&A

During the earnings call, analysts inquired about the PrivX deal pipeline and growth strategy, the certification processes for NQX, and customer deployment timelines, which typically range from 9 to 18 months. These discussions highlighted the company’s focus on strategic growth and technological advancements.

Full transcript - SSH Communications Security Oyj (SSH1V) Q3 2025:

Aino Virolainen, Investor Relations, SSH Communications Security: Welcome to SSH Communications Security’s investor call for Q3 of 2025. My name is Aino Virolainen. I am a part of the SSH Finance team, and I handle our investor relations. The results will be presented by our CEO, Rami Raulas, and our CFO, Michael Kommonen. After their presentations, we will have a Q&A session, and you can ask questions by posting in the chat. The call is hosted with our own solution, SalaX Secure Messaging. The call will be recorded, and we will share the recording as well as the presentation slides on our investor pages later. I think we are good to start, so I will give the floor to our CFO, Michael. Please go ahead.

Michael Kommonen, CFO, SSH Communications Security: Thank you, Aino, and good morning also on my behalf. In the third quarter of this year, our net sales grew by 4.0%, and our EBITDA was €0.8 million. Sales reached €5.5 million, it’s up from €5.2 million in the third quarter of last year. The subscription ARR growth was 7.7%. PrivX overall sales growth was 14.4% in the third quarter. EBITDA, as mentioned, was €0.8 million. This is broadly in line with the comparison period, slightly down from the €1 million a year ago. If you adjust it for our R&D cost recording, that is in this year more cost-based than investment-based, it’s actually very close to the previous year number. We continued to see headwind from the weakened U.S. dollar, so the 4.0% growth would have been 6.6% at constant currencies.

In the third quarter, we announced the strategic partnership deal and the financial investment agreement with Leonardo S.p.A. This happened actually on the first day of the quarter, July 1. At that time, we expected the deal to close in the third quarter. It actually took slightly longer than we anticipated due to regulatory reviews, something that was basically outside the hands of us. We’re very happy to announce that a few days ago, on October 21, the deal finally closed. This happened in the fourth quarter. Looking a bit more at the numbers in the third quarter, subscription sales overall grew nearly 10%, 9.8%. Deferred revenues were down somewhat. They were at €9.7 million. This has to do with the timing of a few renewals of our products. These are contracts that have not been discontinued, but in some cases, we have been negotiating up sales with customers.

For these reasons, these renewals have slipped a bit from the third quarter into the fourth quarter. These are major invoicing contracts, and these slight delays then reflect on the deferred revenues as that invoicing did not come in in the third quarter. EBITDA, as mentioned, €0.8 million. EBIT very close to the last year’s number at €0.0 million. Cash flow for operations was slightly better than last year, €0.2 million negative. With this, I would hand over to our CEO, Rami, to elaborate on the third quarter.

Rami Raulas, CEO, SSH Communications Security: Thank you, Michael. Good morning, everybody. Today, we will have a little bit shorter presentation because in the afternoon, as I hope you’re all aware, we have our Capital Markets Day, where we will go a bit deeper into the actions and activities which have been putting in place and are putting in place to find ways to execute the acceleration of our growth. Michael mentioned already what we talked about in July, when the agreement was signed, and now it has been approved by the government officials about the strategic partnership agreement and $20 million investment into SSH Communications Security from Leonardo S.p.A. Let me say just a few words about where that strategic partnership plays a role, what we expect from it, and where Leonardo S.p.A. is actually known. Leonardo S.p.A.

may be most known for the defense market, but there’s much more than that in the group and company. About $18 billion revenue, good growth, good profitability, highly increased valuation of the market, like for most defense operators in Europe. Leonardo S.p.A. plays in different spaces: space, air, land, and sea. The strategy has been to enforce those and further develop those next generation, for instance, sixth generation fighter jet or next generation tank in partnerships with other European or global players to expedite the development times and to share the risk. You see some of those partnerships there. The most recent announcement was the establishment of a company called LBO, which is a 50/50 between Leonardo S.p.A. and the Vikar, and that would result in five or six manufacturing sites building in Europe for drone manufacturing. The important part is that this is all multi-domain.

The next generation tank, as an example, is just a computer that shoots. Everything is electronics. It’s controlled remotely. Command and control systems are integrated into the military vehicles. Cyber and cryptography and secure connections become more vital in those environments. That’s kind of the mid-term to long-term strategy that we are working on now. Not that immediate, but longer-term strategy, which certainly will play a role for our future. On the bottom right corner, you see the cyber and security division. It plays a role in cyber and security on its own, but also as a multi-domain source for all the other five divisions within the Leonardo S.p.A. group. Let’s have a bit closer look on what the cyber and security division entails because that’s where these partnerships, acquisition, and strategic partnerships have taken place.

Acquisition of Axiomatics out of Sweden, the strategic partnership with us, SSH Communications Security, and then strategic partnerships with Canary Bit in Sweden for high performance and AI computing, and Arbit in Denmark for secure network and connections, which perfectly complement our secure network encryption technology. What are the elements of operations and offering from the cyber division or cyber and security division of Leonardo S.p.A.? It’s about services, resilience, consultancy, advisory, and services on global cybersecurity. You know, identify, protect, detect, correct, and recover. You know, the usual model for cybersecurity, the so-called NIST and MITRE models. That’s called GCC, Global Cybersecurity Center. The other big part is the transition from kind of legacy applications to cloud-based computing and cloud-based applications. There’s a big shift, for instance, in the Italian government to move from just data center operations to private clouds, hypervisors, and public cloud usage.

That requires elements in software security and in operational security and cloud security. That’s where Leonardo S.p.A. is really strong. There’s also a complete portfolio for secure mission-critical environments, secure communication platforms. Like here in Finland, we have Virve and Virve2 networks, so Stimiren network technologies actually around the world. Now moving more to network to quantum-safe encryption. Quantum-safe encryption and our role with our solution, NQX there, is a key driver. There’s a lot of governmental regulation, standards, and mandates to move to quantum-safe being built into all the solutions and being implemented in customer environments, whether they are network connections, servers, databases, applications. It’s a big journey. We will talk more about that in the afternoon. It’s all about Europe made in Europe, based European, helping European strategic autonomy and sovereignty in the area of cyber security.

Our solutions now, the outcome of the strategic agreement, is that our solutions are integrated within Leonardo S.p.A.’s industrial capability and domain-specific knowledge to all the markets that are there. The last but not least is also an area of common interest, which is high-performance computing and leveraging the technologies of AI, generative AI, agentic AI, and older AI technologies and also in cybersecurity. We’ve been focusing on, I’ve been talking about in the earlier quarterly reviews, we’ve been focusing on growth opportunities into new segments for us, starting from five years ago or so to defense, which you saw here, to OT security, manufacturing, and supply chain security, which is nowadays in Europe, governed also by new legislation, these two. There is a mandate for organizations to be better equipped and prepared.

I mean, we don’t want to see the JetBlue and Land Rover type of billion dollar or billion euro losses on the market. And critical infrastructure. Here’s an example just to give you an idea of where Leonardo S.p.A. plays in critical infrastructure markets. Transportation, high-speed trains, digital twins for watching that roadworks and railways are intact, ports and logistics, oil and gas and energy altogether. Our first common customer is in the energy, one of Europe’s largest energy grid operators. That’s already taken place. This is a perfect match to where we’ve been focusing as well if you think back to what we’ve been announcing and talking about customer cases in the past. The work is now starting, has already started. It’s moving our solution suite into those customer bases together with Leonardo S.p.A. Just a few words about where we are. Global company, continue to do so.

Of course, now we have a strengthening opportunity, especially in Italy, Poland, UK, but globally as well. Leonardo S.p.A. is actually very strong in the Middle East and Asia as well, which is where our growth predominantly has been the highest. In Q3, we grew in ABAC 15%, in Europe nearly 7%, and in the U.S., I mean, the United States or Americas has been a turnaround game. With the lead of Sean McAllister, young and energetic, and energy there, we have now built a new team. I think we’re beginning to see signs of a turnaround now in Q3. The sales in the U.S. actually grew 3.5% measured in local currency, United States dollar, but in euros, because of the weakened dollar, not so. We want to really have a balanced growth in all the regions and are putting our efforts in all the regions.

Of course, now the immediate benefit and cowork with Leonardo S.p.A., we have people already in Rome working together with Leonardo S.p.A. I expect that the biggest growth opportunity is moving forward together in this partnership, both being predominantly in Europe, but also in Asia, Middle East, and in Americas as well. We’ve been in the past couple of years not only developing new products and adding products to our portfolio. New to our portfolio is file encryption. I mean, there are actually five ways of doing file encryption. You know, encrypted file transfers with TechTIA or managed file transfers for patch management, for instance, updates into industrial systems through PrivX, making sure that there are no viruses or malware in the files.

A lot of government organizations and public organizations and finance organizations use SalaX Secure Messaging, secure mail, turvaviesti in Finnish, and turvahuone, secure rooms to share critical sensitive information, also large volume, large files which don’t go through normal Microsoft mail at all. We’ve added functionalities to our PrivX, which is the core growth engine. The subscription sales in PrivX grew 17% in Q3. We’ve added more functionalities and new use cases for network encryption as well, which is now picking up the whole notion of post-quantum encryption. We see large banks looking for alternatives to segregate their routing and firewall networks from encryption networks. We’ve been having some initial tests and trials there. We see some telecom operators also segregating networks like that.

For instance, we have really good test results from a non-European defense organization for NQX in post-quantum encryption, where the throughput using all the latest post-quantum technologies is 97% of the line speed. Hardly any degradation of performance, whereas a major, another European competitor can only throughput 20%. Massive performance benefit and advantage over some competition. This portfolio becomes part of Leonardo S.p.A.’s made in Europe zero-trust quantum-safe offering. Let’s have a few words about each of the three product segments. By the way, what we have also done, we have integrated these together. When you think about an OT environment, everything has to be secure and segregated. No openings, no connections are open by default. Everything is not permitted until it is permitted.

We have integrated now our solutions so that when the access is controlled by PrivX for a service engineer, for instance, to do maintenance work or update, PrivX will command NQX to open a tunnel, which is only valid for the duration of the work. Then it’s done, gone. Really, really unique and advanced way of not having any ports, not having any connectivity open for wrong people to get into the right place from their side. Really fighting against these ransomware threats that we see so much nowadays in OT and critical infrastructure. I think the business opportunity for us is that, like I said earlier, the firewall networks and encryption networks are separating. There is also a standard for that from the National Institute of Standards and Technology in the U.S., which many U.S. organizations are following. There’s a crave for high-performance networks with modern encryption as well.

Indeed, the reason why this segregation is happening, we’ve seen, maybe you remember, we’ve seen a hack to AT&T. That was a state-orchestrated attack getting access to the backdoors of firewalls. We don’t have a backdoor in our solution. Most recently, now F5 has been hacked and customers are in a vulnerable situation. Relying on the connectivity just on one network and one vendor can be vulnerable. We announced for NQX, we announced an additional deal in Q3 as well in the defense space.

SalaX Secure Messaging, we decided two years ago, roughly, to modernize and have kind of the next step to secure mail and secure rooms by beginning to offer also a secure messaging platform like Slack type of or Teams type of a solution, but in a secure way, in a way that customers can have their own sovereignty, managing the data and encryption keys in their own hands, that not being in the public cloud or American clouds for potential shutdowns like we’ve seen for some cases or other risks or access, for instance, AI training access like we’ve seen from some players in the U.S. We’ve also integrated SalaX Secure Messaging now into a couple of things. We’ve integrated it with the kind of legacy public safety networks like Virve, which is Tetra-based networks. We have now integrated into modern 5G public safety networks as well.

We have further customer engagements in Finland, in the Nordic market, in Central Europe, and in Asia. There is also interest from the U.S. for out-of-band communication solution. Here’s an example of how we actually use our own. This is a picture of, I hope I’m not revealing anything sensitive here. I am not. How we did our due diligence with Leonardo. Certainly, we wouldn’t put all the material that is required in a due diligence into a SharePoint or Google Drive. Come on. It has to be encrypted. It has to be available only for those people who have granted access and who are identified and authenticated very strongly. Only then dare we share the information. That’s indeed what we did. A massive project and went really smoothly. Everything was protected, well guarded, and only the relevant people had access to the relevant information.

This is how you need to do it. We also, by the way, our own board communication, board meetings are done on our SACS platform, not on WhatsApp or Signal or God knows what. Finally, our main growth engine, as I said, PrivX. We introduced a new version again, PrivX 41. PrivX is a really complete solution, our 41 version since 2017. In the afternoon, I will talk more about that and some analyst views, very positive analyst views that we have just received recently in the past two weeks and in the coming weeks as well. I already did mention that we’ve also taken the effort to integrate PrivX and NQX together. That makes our offering unique. None of the network vendors can offer a similar solution, and none of the PAM or privileged access management vendors can offer the same solution.

Not really even the market leader now, the Palo Alto by CyberArk. They still have years of integration work ahead of them. I wanted to share a few new customer wins that we announced through a press release some weeks back or a month back, just to give you a flavor of what kind of new customers we are engaging with and are able to win. This is just kind of a sample of some customer cases. Here’s one customer case. This is another one, which is a public reference as well, the Ministry of Interior in Estonia, when we went through a competitive bidding process and won it. It’s about access to sensitive data, whether it’s on databases, servers, files for the Estonian government agency for handling data that is related to police, border guard, rescue board, emergency response center, supporting both legacy environment and modern cloud environment.

Estonia is very advanced in digitalization, like Finland, and very much using private cloud and generic cloud with secure protection and secure processes around it. It just gives a lot of benefits, not only the security and auditing that the critical work can be monitored. It can be recorded. There’s an output of audit data from that, but also for the high performance and ease of use for administrators and developers to use the system. We have a really exciting new customer win. I actually ordered even more in Q3. One of the top five trading or asset management trust fund management companies globally. Very modern IT architecture. There’s some legacy in there, but mostly everything is fully automated and in a hybrid private cloud and public cloud environment, utilizing a lot of high-performance computing and AI in automating things.

Actually, they needed a lot of AI capability, calculation capacity, which means NVIDIA H200 chips, couldn’t get the resources enough from cloud service providers. They built their own data center in Iceland and equipped that with NVIDIA HPC. The first use case was the access to that data center through PrivX. I was expanding to other areas as well. The reason why we were able to win that against the market leaders like CyberArk and BeyondTrust or some other newcomers like Teleport is the modernity and scalability and high level of automation of PrivX. We, of course, aim to repeat that use case with similar kind of companies and continue to work with that company more in global as well. In Americas also, we were able to win a new service provider in the telecom area.

It’s about access to virtual machines and applications, integrating the user data from identity management solutions. Once again, the performance and quick access to environments was important. This customer is one of quite a few that have actually dropped and changed from the market-leading solution and replaced that with PrivX because they found that legacy system, which is about 20, 25-year-old software already, found it too cumbersome, too expensive, too complicated to deploy, maintain, and run. The total cost of ownership and return of investment was a real benefit in the case of PrivX. These were some of the examples of cases. Of course, where we aim to work on now, the effort we’ve been putting in the past couple of years in building our channel, building our partners, now getting the partner, Leonardo, partnership together, changing now our marketing activities to create more demand and awareness for our solutions.

We aim and aspire to continue to grow and to accelerate the growth as well. With that, Mika, maybe you want to join me and you can say a word about our forecast, which doesn’t really say that much. Yes. For the outlook, we are restating what we have said this year previously. We expect net sales to grow in 2025 compared to the previous year. We estimate EBITDA and cash flow from operating activities to be positive for 2025. Here you can see the numbers from the comparison period on the slide. Thank you, Michael. I know I think it’s time for Q&A and my questions.

Aino Virolainen, Investor Relations, SSH Communications Security: Let me check the chat for questions. All right. We do have a question from our Red Eye analyst. Good day, Rami and Michael, and thanks for taking my questions. I guess I will get a lot of answers during the CMD later today, so I’ll be a bit brief and ask some quarterly specific questions here. You recently announced several PrivX deals with a lot of different customers, so congrats on that. Should we interpret this as some kind of turning point in terms of growth acceleration, or was it more of a one-off in this specific quarter?

Michael Kommonen, CFO, SSH Communications Security: Yeah. Thank you, Jakob. Excellent, excellent question. We’ve been putting a lot of effort in building our pipeline because we need opportunities that we could win and turn into deals. I mean, you win some deals and eventually the question is how many of the deals that we’ve been able to develop from events or marketing or peer referencing can we actually turn into real cases and win them. We have built a pipeline of over €20 million worth of cases and won quite a substantial part of that already. These are part of that real pipeline of new established potential cases. Opportunities have just materialized. Of course, they don’t show in Q3 revenue because they are all subscription-based. They will be visible in the coming months based on that way of recognizing revenue.

Maybe in addition to that, because I know you might probably be asking that, what are the size of these deals and what can we expect from that for the future revenue then? I would categorize our business so that when we talk about, for instance, PrivX type of a kind of an access management, larger access management solutions, there are small deals which are below €50,000, and there are medium-sized deals which are €100,000 to a quarter of a million or €300,000. We also have larges, which are half a million and beyond, up to a couple of million. These deals are all initially medium-sized. Many customers nowadays also start kind of small. They have a big landscape, but they take a use case. Maybe it’s a DevOps use case or database access use case. They prove the point and then they expand.

Like I mentioned, that one company actually expanded after two months, which is kind of record quick, but maybe a bit unusual as well. In some of these customer environments, we start a bit smaller and then there’s an opportunity to grow. By the way, with that ISP vendor, we’re also negotiating now a continuation or addition to that. Sorry for a bit longish answer on that one.

Aino Virolainen, Investor Relations, SSH Communications Security: All right. Thank you. Regarding the EU and NATO certification process for NQX, is that going according to plan, and what will happen once certified? For example, do you already have dialogues with potential customers within NATO or the EU that are waiting for you to get certified, or can you start actively working towards these prospects once the certification process is over?

Michael Kommonen, CFO, SSH Communications Security: Thank you for the question. The certification process is ongoing with the National Cybersecurity Agency and is scheduled, expected to be on time, toward the end of the year. We have, of course, discussions ongoing already on that. Some of potential customer cases will be pending on those approvals, but it doesn’t stop us from moving forward. Of course, now with the partnership with Leonardo S.p.A., which is a really strong player in NATO, obviously opens us new opportunities to have dialogues in that space, which would have been a bit more difficult for a small player like ourselves, even having the certification. We’re not waiting for the certifications to come to push forward. By the way, there’s also going to be another certification that we have started to work on now recently. It is obviously, for instance, for the Italian government and defense.

Aino Virolainen, Investor Relations, SSH Communications Security: All right. Thanks for the color on the PrivX deals. A follow-up on that land and expand strategy. Can we have a ballpark figure of how long the cycle is from land to expand to full rollout across large customers? Two years, three, five?

Michael Kommonen, CFO, SSH Communications Security: Yeah, very, very, very good question. First of all, the reason why this finance company, the trading or funds asset management company, chose us was that they said that they won’t be able to deploy in two years, which is the norm for these massive legacy monolithic applications, of which I’ve mentioned a few names earlier. They needed to deploy in months or weeks. Indeed, after the automation scripting and testing was done, they actually rolled out in production in three days. There were weeks ahead of that work of preparation for it. The deal, through the throughput time to win deals, is in the average, I would say, between nine and 18 months. We have some cases, but they have taken.

Rami Raulas, CEO, SSH Communications Security: Sorry, months?

Michael Kommonen, CFO, SSH Communications Security: Months, yeah. Sorry. What did I say?

Rami Raulas, CEO, SSH Communications Security: Years.

Michael Kommonen, CFO, SSH Communications Security: No, okay. Not that long. Nine to 18 months. Some have even taken some customers two years, but I would say that’s the average. I mean, these two deals that I mentioned in the slides here took less. They were about five to six months time. The reason for that, I would say, is that we were able to get into the dialogue at the right time. Customer, they had a problem, they had a need, they were looking for solutions, and we were able to enter and entertain the dialogue early on. Now, what comes to then potential landing and expanding from that? Surprisingly, positively surprisingly, a couple of these new customers have started to do it after a month or two already, once they have communicated the benefits and deployment model to their peers and other divisions in the organization.

I would say typically, after the first rollout, kind of completion of the whole estate, will take typically for customers between six to 12 months. As an example, as a proof point for that, we have two of the top six paper and pulp companies in the OT space with PrivX. Both started deployment in a few sites, a few factories, the biggest ones. Then they roll out to 40 sites, 70 sites, even in the other case, of course, four geographies in nine months. To me, that’s a good performance and a bit unusual in the industry. Normally, these projects would have taken with the legacy type of solutions a year and a half, two years.

Aino Virolainen, Investor Relations, SSH Communications Security: All right. Thank you very much for your questions, Jakob. I do not see any other questions in the chat, so we will close the call. Thank you very much for everyone who joined. We, as Rami mentioned, have the Capital Markets Day later today. Our next investor call will be in February when we publish our results for Q4 and full year 2025. Thank you again for joining us, and we hope to see you later.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.