CY4GATE S.p.A. — Investor Presentation 2023

Jun 26, 2023

Cy4Gate Mid & Small - Virtual 2023

June 2023

TABLE OF CONTENTS

• Our Growth
• Strategic pillars
• Governance and Shareholders
• Portfolio and markets
• Financial performance
• ESG
• Q&A
• Solutions and Services

Fast growing and attractive group…

Delivery on track on all Strategic pillars

GROUP & SHAREHOLDERS

TEAM

Domitilla Benigni

CHAIRMAN Emanuele Galtieri CEO & General Manager

Marco Latini CFO & Investor Relations Manager

Board of Directors

CY4Gate is present in two main markets:

Cyber Intelligence & Cyber Security

PORTFOLIO OVERVIEW

CYBER INTELLIGENCE

online and generate added value insight thanks to AI

Double digit growth

Source: Markets & Markets, industry reports and expert interviews

9 ⁹

CYBER SECURITY

Source: IDC, industry reports and expert interviews

MARKETS

GEOGRAPHICAL PRESENCE AND MARKETS SERVED

The company mainly operates in Italy, is also active in Spain and is increasing its presence in Germany and France. It also has a global presence, with clients in the Middle East, South East Asia, and Latin America.

	10.7	86%	14.4	85%	41.2	63%
	1.8	14%	2.6	15%	24.2	37%
	12.5	100%	17.0	100%	65.4	100%

Note: Calculated on operating revenues, Cy4Gate 2022 pro-forma full year

4 new Cyber Security solutions

Financial performance

FY 2022 Key data1

Group (12 months of Cy4Gate + 9 months of RCS)

14

FY 2022 Revenues Breakdown

Note: Cy4gate Group results include 12 months of Cy4Gate + 9 months of RCS Note: Calculated on operating revenues

• Large increase of staff from acquisition (~x4 total FTE), playing a pivotal role in the Group strategy to access talent 442
  • Hiring focus on engineering to increase capabilities in core domains, with positive net effect on the organization post deal

Our comittment for a greater sustainability

UN Global Compact & SDGs

By joining the United Nations Global Compact, CY4GATE shares, supports and applies the fundamental Ten Principles of the Global Compact in its sphere of influence and actively contributes to the achievement of the United Nations Sustainable Development Goals.

CY4GATE has included in 2023- 2025 business plan investments to adopt its Social Report structured on the indications contained in the GRI (GRI 200, 300, 400) and GBS standards. And, we will contribute to the

achievement of the following 6 of the 17 goals of the 2030 Agenda for Sustainable Development.

Goal 4 Goal 8 Goal 9

To ensure inclusive and equitable quality education and promote lifelong learning opportunities for all

Goal 12 Goal 16 Goal 5

To ensure sustainable consumption patterns Relating to Peace, justice component of security, and security constitutes the prerequisite for peace, prosperity, international

decent work for all

cooperation, economic and social development.

To promote sustained, inclusive and sustainable economic growth, full and productive employment and To build resilient infrastructure, and to promote inclusive and sustainable industrialization and foster innovation

and strong institutions. Defence is a crucial To achieve gender equality and empower all women and girls, for operational efficiency and social inclusiveness, actively promoting the implementation of the Women

Empowerment Principles.

production and

18

Business ethic and human empowerment Governance Human rights Relationship and working

• Solid corporate governance
• Sustainability-oriented strategies and policies
• Responsible business conduct
• Information security and privacy
• Transparency of information towards investors
• Prevention to corruption
• Prevention on anticompetitive behaviour

• • products
  • ‒ in People management
  • ‒ in the gender equality and diversity empowerment
  • ‒ in the supply chain management

• People management and care
• People empowerment
• equality

• Energy efficiency and emissions reduction Waste management Leadership in innovation
• Use of water resource

• Customer relationship management
• Responsible management of the supply chain

community

• Protection and safety of the community
• IT security and critical infrastructure protection

19

THANK YOU

Solutions and Services

QUIPO Automation for Decision Augmentation

QUIPO DECISION INTELLIGENCE

The Right Information, At The Right Time, To The Right People, In The Right Way

QUIPO is a Decision Intelligence platform based on AI algorithms that transforms data into knowledge and provides Decision Support and Decision based on conventional IT technologies

analysis, dissemination and production possibilities

How Is It Different?

• for the efficient management of structured and unstructured data
• AI Technologies to automate and augment the analysis activities. Different modules (semantic module, image tagging/face recognition modules, "anomalous behaviour" module) which works on machine learning, cognitive computing and deep learning
• Multiyear experience in the intelligence domain and enterprises security transformed into a platform that supports analysts from A to Z

Observe – Orient – Decide - Act

Decision Intelligence = Decision Augmentation Use of predictive algorithms (what will happen) together with prescriptive algorithms (what to do) exponentially

RTA Real Time Analytics

Upgrade your threat detection tools

Drill down and Situation Awareness visualization tools allowing for a more accurate analysis of threats.

-

Solution Architecture (Processing)

RTA: Augmented Incident Management Process

Cyber Threat Intelligence

area defined objectives

Cyber Threat Intelligence
The Cyber Threat Intelligence (CTI) Fusion Model developed	Sharing Tactical Cyber Threat Intelligence across distinct protocols and services
by Cy4gate offers various advantages to a company with respect to a standard approach:	Benefit from a fusion (Collection, Data Feed Processing and Dissemination) of Benefit from a fusion (Collection, Data Feed Processing and Dissemination) of intelligence data that allows it to be used for Security Defence intelligence data that allows it to be used for Security Defence
	Sharing Contextualized Tactical and Operational Cyber Threat Intelligence Sharing Contextualized Tactical and Operational Cyber Threat Intelligence
Enable the company to approach CTI effectively while 	Using CTI Feeds related to specific industries Using CTI Feeds related to specific industries
avoiding high investment costs for platforms and	Daily CTI Report sharing with tactical type intelligence Daily CTI Report sharing with tactical type intelligence
specialized skills, growing gradually and consciously in this	Sharing CTI Report with operational type intelligence
area	Sharing the CTI Report with strategic type intelligence
Make daily use of qualified CTI data sources  (commercial and open source)	Dedicated on-demand support
Benefit from intelligence that is already processed and  immediately usable through an optimized, enriched, and contextualized data type concerning the client's
technological environment and its target market
Receive periodic reports of various types with well  defined objectives

Cyber Threat Intelligence Fusion Service Delivery

The Cyber Threat Intelligence, FUSION service, is delivered through both the

SENTRY Mobile APT-Detector

Sentry is a solution for the analysis and detection of malware on Android based devices in order to verify their compromise. Unlike an antivirus that analyzes threats against known items, Sentry detects by analyzing mis-configurations and anomalous behavior at the system level attributable to compromises by APT (Advanced Persistent Threath) agents. It is a physical device or one that can be managed centrally via app and WiFi network which, once connected/installed on the device to be controlled, returns an output (OK/KO). Sentry is structured in 3 main items: • License for "Sentry Core" • "Sentry Mobile Sweeper" Terminals

-

PRODUCT

WHAT'S A CYBER RANGE?

A virtual environment that enables organisations to simulate cyber combat training, system/network development, testing and benchmarking.

Learn more

DIATEAM Hands-on Cyber Twin Solution Hybrid Digital Twin

Solutions and Services Product Services

Virtual environment that enables simulated cyberattacks, systems development, testing and benchmarking

Emergency response for declared incident (e.g., ransomware, data leakage)

Cyber training

Skills development training, in particular, threat recognition and management

Virtual environment with Hardware and Software in the loop to test networks and OT infrastructure and cyber defense tools.

• Tailored environment • User-friendly PRODUCT FEATURES

-

-

• Open Platform API
• Remotely run actions within the Cyber Range
• USB Plug & Play
• Full content catalogue
• And much more

Learn more

WANT TO KNOW MORE?

Click below for further info about our product features.

TESTING

Cyber Range offers the capability to test new technologies before implementing these in real life scenarios.

• Is the technology secure?
• What effect will the technology have?
• Run different scenarios
• Real-life & simulations

DIGITAL TWIN FOR DECEPTION

Clone your real-life network to:

• Evaluate vulnerabilities
• Optimise performance
• Test without risk

THE HONEY NET

This cyber digital twin enhances the capability to prevent attacks by luring real attackers to the clone network – malicious cyber actions.

HYBRID DIGITAL TWIN FOR IT & OT INTEGRATION

Connect operations technology (OT) systems with information technology (IT) to prevent attacks on industrial sites.

• Crises simulation
• Test validation
• Safeguard the operation

WANT TO KNOW MORE? Click below for further info on our IT & OT Connection.

MARITIME AND NAVAL ACTIVITES

cybersecurity needs:

• military operations.
• Cyber Lab, comprising experimentations and simulations of IT and OT assets for analysis, prototyping or research for attack and defend purposes.
• Experience with DEFNET cyber trainings, virtualisation of ports IT/OT systems, custom design of realistic APT scenarios, ashore and on-board cyber training for shipowners.
• Over a dozen scenarios enable a wide range of training on all aspects of cyber security.

TRAINING

Experiencing real-world threats in a safe environment is the key to cyber security within IT & OP. • Recognise and handle threats

• Team building & process validation
• On site & online
• HR tool
• Understand employee behaviour
• Offensive ops

WANT TO KNOW MORE?

Click below for further info about our training.

• Tailored environment • User-friendly PRODUCT FEATURES

-

-

• Open Platform API
• Remotely run actions within the Cyber Range
• USB Plug & Play
• Full content catalogue
• And much more

Learn more

WANT TO KNOW MORE? Click below for further info about our product features.

SERVICES

• Incident Response
• Technical Audit
• Research & Development
• CTF Builder

43

iSOC-CSIRT

Monitor, Withstand And Mitigate Cyber-attacks Against Your Network

Our Security Operation Center (SOC) mission is to continuously monitor and improve our customers' cyber security posture giving a full MDR (Managed Detection and Response) experience. Value drivers and response capabilities

We can setup a full outsourced service sized according to the Customer infrastructure or support the Customer to deploy and integrate our technologies for a local Security Operation Center (SOC) Full Outsourcing With Full Visibility (minimum involvement and controlled cost). This model supplies competent and operational people available 24/7

How Is It Different?

• 24/7 hardworking forces dedicated to preventing, detecting, assessing, and responding to the cyber threats and vulnerabilities. Highly skilled and organized team with the mission of continuously monitoring and improving the security posture of an organization
• IT/OT ecosystem
• technologies for maximizing our security analysis.
• Your SOC is our SOC. We use the same SOC we offer for defending our network

The SOC is a structure that centralises all information on the security status of a company's IT, offering an integrated MDR (Managed Detection & Response) service MDR (Managed Detection & Response) Service

The SOC, delivered 'as-a-service' solution, leverages the skills of the team of operators and security analysts and the best security technologies, including the proprietary RTA solution

ProntoCyber: a Fast and Ready-to-Go Cyber Solution

DELIVERY

PROCESSES

TO REDUCE

TIME AND

COSTS

INDUSTRIAL SALES AND

CY4GATE ACADEMY

Advanced knowledge, skills, capability

How Is It Different?

• Becoming prepared about threats and the best techniques to face them, will make it harder for a cybercriminal to access • Some (successful) cybersecurity expert skills simply cannot be taught in a traditional classroom. This is why we always offer Modern vocational training and skills education programs through interactive scenarios, "cyber arenas" where to simulate real cyber competition, and challenges to solve real-world business and human competitions
  • "Learning elements, contents, and skills" together. Bringing together all the best cyber security and cyber intelligence elements, from those who are doing it, those who did it, and those who learned from it, and delivering to your organization
  • CY4GATE Academy offers an innovative method for assessment inside and outside your organization

Value drivers Capability Oriented Creating better staff More Readiness Better Security your data

DIGILAB

Prepare Your Cyber Mission!

Value drivers Tailored around the Customer Focused on Teamworking

(Penetration Testing team, Intelligence Team , Malware reversing and exploiting team, Reversing team, Cryptoanalysis team and so on) to understand how to approach a cyber mission and identify the right tools for each specific task

How Is It Different?

• We own full penetration testing and validation capabilities against complex systems to check the HW, SW, firmware. Also the wireless level
• We create laboratories and services for malicious code analysis and define a valid counter-strategy
• We can reverse engineer things to catch how a device or algorithm works

CFO & IR MANAGER

Marco Latini marco.latini@cy4gate.com

IR ADVISOR

CDR Communication Silvia Di Rosa silvia.dirosa@cdr-communication.it Luca Gentili luca.gentili@cdr-communication.it

FOLLOW US: FOLLOW US: