TAC Infosec coming with IPO to raise upto Rs 30 crore

TAC Infosec 

• TAC Infosec is coming out with initial public offering (IPO) of 28,29,600 shares of Rs 10 each in a price band Rs 100-106 per equity share.  
• The issue will open for subscription on March 27, 2024 and will close on April 2, 2024.
• The shares will be listed on NSE Emerge Platform.
• The face value of the share is Rs 10 and is priced 10.00 times of its face value on the lower side and 10.60 times on the higher side.
• Book running lead manager to the issue is Beeline Capital Advisors.
• Compliance Officer for the issue is Sharon Arora.

Profile of the company

The company is engaged in the business of providing risk-based vulnerability management and assessment solutions, cybersecurity quantification and services of Penetration testing to organizations of any scale, size, and business through ‘SaaS model’. The company offers security software products and solutions both in India and internationally. Its end customers are Banks and financial Institutions, government regulatory bodies and departments, large-scale enterprises (including business offices) like HDFC, Bandhan Bank, BSE, National Payments Corporation of India, DSP investment Managers, Motilal Oswal Financial Services and NSDL e-Governance. The company’s flagship software product is ESOF (Enterprise Security in One Framework) which was launched in 2018. ESOF is a vulnerability management platform consisting of various product portfolio namely ESOF Appsec, ESOF VMP, ESOF VACA, ESOF PCI ASV, ESOF CRQ. All the products launched under ESOF Platform have wide range of applications ranging from vulnerability management solutions for web and application-based data, compliance assessment, and cyber risk quantification.

Vulnerability Management is the continuous process of identifying, assessing, prioritizing, mitigating, and remediating the vulnerabilities across the complete Information Technology infrastructure of the organization. Cybersecurity of the organizations needs to be monitored in real-time and remediated as soon as possible to avoid attacks, this activity is often overseen by organizations through vulnerability management tools or products. While, Risk-Based Vulnerability Management (RBVM) is the process of prioritizing vulnerabilities for remediation based on the level of risk each vulnerability discovered, poses to organization and IT Infrastructure. The RBVM method allows the organization to prioritize their vulnerabilities discovered on the basis of the severity, making it time and cost-effective while having a concrete cybersecurity process in place.

ESOF offers a robust vulnerability assessment mechanism that scans and identifies potential security loopholes within the IT infrastructure and along with configuration assessment, it ensures that IT systems are not only free from vulnerabilities but also configured optimally to resist potential threats. Also, ESOF’s auto-prioritization feature utilizes advanced algorithms to rank vulnerabilities based on their severity, potential impact, and exploitability, ensuring that critical issues are addressed promptly. Apart from above, ESOF also provides Asset Tiering, Business Unit Regrouping and Cyber score services. These services, coupled with risk quantification, provide senior management and board members with a well-informed and strategically planned approach to navigating the challenges and opportunities within their organizations. ESOF platform is more than just a vulnerability management tool as it provides comprehensive framework that empowers organizations to navigate the complex cybersecurity landscape.

Proceed is being used for:

• Acquisition of TAC Security Inc (Delaware, USA) and making it Wholly Owned Subsidiary thereon.
• Investment in Human resources and Product Development.
• General Corporate Purposes.

Industry overview

The IT & BPM sector has become one of the most significant growth catalysts for the Indian economy, contributing significantly to the country’s GDP and public welfare. The IT industry accounted for 7.4% of India’s GDP in FY22, and it is expected to contribute 10% to India’s GDP by 2025. As innovative digital applications permeate sector after sector, India is now prepared for the next phase of growth in its IT revolution. India is viewed by the rest of the world as having one of the largest Internet user bases and the cheapest Internet rates, with 76 crore citizens now having access to the internet. The current emphasis is on the production of significant economic value and citizen empowerment, thanks to a solid foundation of digital infrastructure and enhanced digital access provided by the Digital India Programme. India is one of the countries with the quickest pace of digital adoption. This was accomplished through a mix of government action, commercial innovation and investment, and new digital applications that are already improving and permeating a variety of activities and different forms of work, thus having a positive impact on the daily lives of citizens. India’s rankings improved six places to the 40th position in the 2022 edition of the Global Innovation Index (GII).

According to National Association of Software and Service Companies (Nasscom), the Indian IT industry’s revenue touched $ 227 billion in FY22, a 15.5% YoY growth and was estimated to have touched $ 245 billion in FY23. In 2022, the Indian domestic IT & Business Services market was valued at $ 13.87 billion and recorded a 7.4% year-over-year (YoY) growth as compared to 7.2% in 2021. IT spending in India is expected to increase to $ 110.3 billion in 2023 from an estimated $ 81.89 billion in 2021. Indian software product industry is expected to reach $ 100 billion by 2025. Indian companies are focusing on investing internationally to expand their global footprint and enhance their global delivery centres. The data annotation market in India stood at $ 250 million in FY20, of which the US market contributed 60% to the overall value. The market is expected to reach $ 7 billion by 2030 due to accelerated domestic demand for AI. India's IT industry is likely to hit the $ 350 billion mark by 2026 and contribute 10% towards the country's gross domestic product (GDP). As an estimate, India’s IT export revenue rose by 9% in constant currency terms to $ 194 billion in FY23.

Pros and strengths

Niche Brand Building: Niche Brand Building is potent competitive strength of the company as it is engaged in the business of vulnerability management solutions, cybersecurity quantification and services of Penetration testing. By focusing on a specific aspect of vulnerability management, company has increased its reach globally as well as in domestic market in this domain. TAC Security provide highly tailored solutions that cater to the specific needs and challenges of a niche market segment demonstrates a deep understanding of clients' requirements.

Easy to Use and High-Quality Solutions: The company provides High-Quality value-added solutions regarding vulnerability management and cyber risk security. The company offer a broad range of security software solutions under the brand names ‘ESOF’ and ‘TAC’. It provides various security software solutions to meet diverse user requirements which are spread across multiple price points. It is committed to providing high quality and timely solutions for its end users and hence place strong emphasis on product quality and efficient customer services. It seeks to drive greater user engagement with its security software solutions and, over the long term, building a relationship based on trust. 

Founder led company supported by a highly experienced and professional leadership team: The company is led by a Board of Directors with diverse expertise that will contribute to and participate in the organic growth of its business. In addition, many of its senior management have experience across a broad range of industries, enabling them to effectively operate the business. The strength and entrepreneurial vision of its Promoter and management have been instrumental in driving its growth and implementing its strategies. Its motivated team of management and key managerial personnel complement each other to enable it to deliver high levels of client satisfaction.

Risks and concerns

Intense competition: The company operates in an intensely competitive industry that experiences rapid technological developments, changes in industry standards, and changes in customer requirements. Its competitors include large IT consulting firms, captive divisions of large multinational technology firms, large Indian IT services firms, in-house IT departments of large corporations, in addition to numerous smaller local competitors in the various geographic markets in which it operates. The technology services industry is experiencing rapid changes that are affecting the competitive landscape. It may face competition from companies that increase in size or scope as the result of strategic mergers or acquisitions, which may result in larger competitors with significant resources that benefit from economies of scale and scope. These transactions may include consolidation activity among global technology majors, hardware manufacturers, software companies and vendors, and service providers. The result of any such vertical integration may be the greater integration of services and a larger portfolio of services on offer, in each case, relative to what was previously offered by such independent vendors. Its access to such services may be reduced as a result of such an industry trend and it may otherwise become disadvantaged relative to its potentially more circumscribed service portfolio. 

Operate in market that characterised by rapidly changing technologies and business plans: The company operates in a market that is characterised by rapidly changing technologies and business plans, which require users to adapt to increasingly complex IT infrastructures that incorporate a variety of software applications, operating systems and network protocols. As its users technologies and business plans grow more complex, it expect them to face new and increasingly sophisticated risks & threats. Although the market expects it to timely introduce improved solutions to respond to new threats, the development of these solutions can be challenging and time consuming. It may experience delays in the introduction of such new solutions, updates, enhancements and features. If it fails or is perceived to fail to respond to the rapidly changing needs of its end-users by developing upgraded solutions and introducing them on a timely, its competitive position, reputation and business prospects could be harmed.

Dependent on few numbers of customers: The company’s top ten customers contribute 96.10%, 96.09%, 90.87%, 77.13% of its total revenue from operations for the period ended on September 30, 2023, and for financial year ended on March 31, 2023, 2022 and 2021, respectively. The company is engaged in the business of risk-based vulnerability management and assessment solutions, cybersecurity quantification, cyber security, and services of penetration testing services. Its business operations are highly dependent on its customers and the loss of any of its customers may adversely affect its sales and consequently on its business and results of operations. The loss of one or more of these significant or key customers or a reduction in the amount of business it obtains from them could have an adverse effect on its business, results of operations, financial condition and cash flows. It cannot assure that it will be able to maintain historic levels of business and/or negotiate and execute long term contracts on terms that are commercially viable with its significant customers or that it will be able to significantly reduce customer concentration in the future. Any decline in its quality standards, growing competition and any change in the demand, may adversely affect its ability to retain them.

Outlook

TAC Infosec offers risk-based vulnerability management and assessment solutions, cybersecurity quantification and services of penetration testing to domestic and international organisations of any scale, size, and business through the SaaS model. The company launched Enterprise Security in One Framework (ESOF) Platform on SaaS (Software as a Services) Model in 2018 under the guidance and leadership of its Promoters and Directors. Under the umbrella of ESOF, the company has launched total of 5 Product by the name of ESOF Appsec, ESOF VMP, ESOF VACA, ESOF PCI ASV, ESOF CRQ. It also provides services of Penetration Testing, commonly known as pen testing, is a form of ethical hacking aimed at discovering and remedying security vulnerabilities in networks, systems, and applications. The company is a CREST (Council for Registered Ethical Security Testers) certified company offering assurance to clients regarding the security of their data. The company’s services align with regulatory requirements such as GDPR and ISO 2700. On the concern side, the company’s business requires it to obtain and renew from time-to-time certain approvals, licenses, registrations and permits, some of which have expired and for which it has either made or are in the process of making an application for obtaining the approval or its renewal.

The company is coming out with an IPO of 28,29,600 equity shares of face value of Rs 10 each. The issue has been offered in a price band of Rs 100-106 per equity share. The aggregate size of the offer is around Rs 28.30 crore to Rs 29.99 crore based on lower and upper price band respectively. On performance front, the company’s total income increased by 93.70% from Rs 523.63 lakh in FY 21-22 to Rs 1,014.28 lakh in FY 2022-23. The company recorded an increase of Rs 446.55 lakh being 735.07% in its profit after taxes for the period from Rs 60.75 lakh in the FY 2021-22 to Rs 507.29 lakh in the FY 2022-23. Meanwhile, to maintain and advance the company’s position in the market, it intends to continue to strengthen its Product Development capabilities, which shall enable it to innovate and develop solutions with the latest technology for existing and upcoming platforms. In addition to continued R&D and technology investments in development of new solutions, it may pursue acquisitions of, or investments in, or licensing of, technologies that complement its portfolio.