Acquisition

14 October 2010

NCC Group plc

Acquisition of leading US security testing business for £14.4m

NCC Group plc (LSE: NCC, "NCC Group" or "the Group"), the international, independent provider of Escrow and Assurance Services, has acquired US-based iSEC Partners Inc. (iSEC Partners), a security testing services provider, for a maximum consideration of £14.4m ($22.8m) in cash.

Highlights

·      iSEC Partners is a leading US security testing services provider with numerous Silicon Valley blue chip organisations and international financial institutions as clients

·      Provides a range of manual, automated and managed security testing services to secure applications, networks, websites and databases against IT security threats

·      Substantially increases NCC Group's presence across US and will enable the Group to provide customers with one stop testing services across US and Europe

·      Consideration £14.4m - initially £8.1m, two further payments up to £6.3m over next 26 months against performance related targets

·      Immediately earnings enhancing

·      Year to 30 July 2010, iSEC Partners audited EBIT $2.4m on revenue of $7.8m.  The order book at July stood at $3.2m - much of future revenues derived from recurring contracts with blue chip corporations

·      Financed from existing debt facilities and internally generated cash flow 

·      The Group has increased its revolving credit facility to £35m from £25m.

Rob Cotton, NCC Group Chief Executive, said:

"The acquisition of the highly respected iSEC Partners is a key strategic development for NCC Group. It substantially increases our presence and profile in the US, considerably widens our capabilities and industry IP and brings a number of leading blue chip technology customers.

"Furthermore, the acquisition will enable us to provide our UK customers with US security testing services whilst iSEC Partners' customers will now have access to our European capabilities.

"We are delighted that the very experienced and successful management team is staying with the Group.  We are confident that they will continue to enhance further their reputation as well as excellent financial track record of growth, supported by our resources and the Group's wider international client base."

ENDS

Enquiries:

NCC Group 0161 209 5200

Rob Cotton, Chief Executive

John Gittins, Finance Director

College Hill 020 7457 2020

Adrian Duffield

There will be an analyst conference call at 3.00pm - please contact Lucy Moseley at lucy.moseley@collegehill.comor on telephone 020 7457 2020 for details.

Acquisition of iSEC Partners

Strategy

Over the last 10 years the Group has secured a leading position in security research, testing, advice and forensics as well as web site performance and load testing through a combination of organic and acquired growth. 

This is the Group's fourth acquisition in the network testing and software security space, but is the first in the US.  It will substantially strengthen the Group's position in the US where iSEC Partners enjoys considerable success by supplying its security testing services to US based customers. 

The earnings enhancing acquisition will enable NCC Group to provide both wider geographical coverage in the US and Europe as well as a broader range of information security assurance services as iSEC Partners complements the Group's existing capabilities. 

iSEC Partners

iSEC Partners provides to US based customers, manual, automated and managed security testing services that enable them to secure their applications, networks, websites and databases against current and future  IT security threats.  In addition it carries out training, software development lifecycle services, instant response services, forensics, and research and software tool development.

iSEC Partners, which was established in 2004 by the current management team, is based in San Francisco, California employs over 30 full time staff, most of whom are testers and also has offices in Seattle and New York. 

Its clients include numerous Silicon Valley blue chip organisations and international financial institutions.  The business will be managed autonomously within the Group's Assurance Division by iSEC Partners existing management team and will trade as iSEC Partners, an NCC Group company.

Financing

The initial consideration payable is £8.1m ($12.8m) in cash, subject to balance sheet adjustments, with two further cash payments of up to £6.3m ($10m) in total against performance related targets over the next 26 months. For the year ended 30 July 2010, iSEC Partners reported an audited EBIT of $2.4m on revenue of $7.8m. 

The order book as at 31 July 2010 stood at approximately $3.2m with much of the future revenues being derived from recurring contracts with blue chip corporations.

iSEC Partners has net liabilities of $0.5m and has gross assets of $2.0m.  The Group will provide $1.6m of working capital facilities. Transaction costs which are expensed are about £0.75m.

The acquisition will be financed from NCC Group's existing debt facilities and internally generated cash flow.  The Group has taken this opportunity to increase its revolving credit facility from £25m to £35m, with a £2m overdraft facility, in consideration of future acquisition opportunities.

NCC Group expects to publish its Interim Management Statement on 19 October 2010. 

End

Note to editors

NCC Group Assurance Division consists of the following operating business all focused on the delivery of Information Security and Testing solutions.

Site Confidence - Testing and monitoring relevant aspects of system, network and web site performance to ensure the technology used can deliver optimum performance.

NGS Secure - Expert led security assistance, covering forensics, vulnerability research and the development of expert software to aid organisations in their on-going battle with information security breaches. Including penetration and security testing of networks and applications and security policies in practice, to ensure organisations are safe from the constantly evolving threat of unauthorised access.

Information Security Advisory - Protecting organisations against a variety of risks through the development and implementation of effective strategies and compliance with relevant Information Security standards and guidelines.

Meridian International - Specialising in payment card certification audits, Payment Card Industry Data Security Standards (PCI DSS) compliance and global strategic advisory services for card manufacturing, data preparation and personalisation vendors.

SDLC - providing a complementary range of software testing services, including business analysis, project management, test resourcing, network and application performance analysis, functional and non-functional testing, test automation, software testing and tools training.