KNBE (2021 - Q2)

Ladies and gentlemen, thank you for standing by. And welcome to the KnowBe4 Second Quarter 2021 Results Conference Call. Please be advised that today's conference is being recorded. All lines have been placed on mute to prevent any background noise. After the speakers' remarks, there will be a question-and-answer session. [Operator Instructions] Thank you. Now, it is my pleasure to turn the call over to Ken Talanian, KnowBe4 Vice President of Investor Reporting. Ken Tala

As a reminder, our commentary today will include non-GAAP financial measures. Information regarding our non-GAAP financial results, the limitations and reconciliations of our GAAP and non-GAAP results can be found in our earnings release, which was furnished with our Form 8-K filed today with the SEC and may also be found on our supplementary financial information available on our Investor Relations website at investors.knowbe4.com. In addition, some of our comments today, including those related to our guidance, may contain forward-looking statements that are subject to risks, uncertainties, and assumptions. Should any of these materialize or should our assumptions prove to be incorrect, actual company results could differ materially from those projected or implied during this call. These risks are described in our Form 10-Q that will be filed following this call. These documents can be found on the SEC's website sec.gov and on our Investor Relations website. During today's call, you will hear prepared remarks from our CEO, Stu Sjouwerman, and CFO and Co-President, Krish Venkataraman. Lars Letonoff, our Chief Revenue Officer and Co-President will join our question-and-answer session. And with that, I will turn the call over to Stu.

Thank you, Ken. And thank you all for joining us today. We are excited to share our results with you this morning. Building on last quarter's strong performance, we exceeded our guidance. We had a record quarter with over 40% year-over-year annual recurring revenue growth. As many of you know, I started KnowBe4 to help organizations manage the ongoing problem of social engineering. We are the only public company dedicated to securing the human layer. The emphasis in cybersecurity has traditionally been on legacy controls. However, the exponential growth in cyberattacks and their relative success proves we cannot solely rely on security software infrastructure. According to the newest Verizon 2021 data breach investigations report, 85% of breaches involved a human element. Ignoring the human element of this equation leaves organizations of all sizes vulnerable, which is why we are dedicated to helping our customers transform their employees into a successful last line of defense against cyberattacks. Over the last quarter, you have seen countless examples of the increased threat of social engineering attacks. This has security professionals around the world on edge. In fact, a recent survey from the IASCA found that two-thirds of companies surveyed plan to improve their cybersecurity defenses in the wake of recent attacks, such as the one on the Colonial Pipeline. We expect many of these organizations to look at securing their human layer with KnowBe4. The regulatory environment continues to evolve to match the growing threat landscape. In the US, on a federal level, we have seen executive orders from the Biden administration to improve security controls. On the state level, we have seen organizations, such as the New York State Department of Financial Services, mandate the use of security awareness programs. These actions help validate our market opportunity and provide a catalyst for new business growth. I will start by summarizing key results and activities for the quarter. Second quarter results exceeded our expectations across the board with continued growth and strong free cash flow generation. Our inside sales motion continues to win both new enterprise and SMB customers across all industry verticals. This resulted in $241 million in ARR, ahead of our expectations and up 42% year-over-year. We have established a market-leading position in the human centric cybersecurity space, which is enhanced by our focus on continuing to innovate to meet the needs of our customers. Our vision for the security awareness markets defines KnowBe4's product roadmap. This includes both exciting new features and new products. This quarter, we released a new product called Compliance Plus. Compliance Plus leverages the intellectual property acquired from MediaPRO, as well as new school training modules developed in-house to expand our reach into the important compliance segment. We believe there is a strong connection between compliance behavior and security behavior. This product will help users improve their compliance behavior, much like our platform already helps users improve their security behavior. This is a whole new $3 billion TAM for KnowBe4, which shows the power of our platform to reach additional adjacencies. While early so far, the ramp in Compliance Plus has greatly exceeded our expectations, given the ease of upsell. Our technology leadership is a key factor in the strong momentum in our new business wins, with further penetration in the enterprise market. We also see strength and best-in-class retention across our existing customer base. Customer growth remains strong across both SMB and enterprise, with our total number of customers reaching over 41,000. Our current customers are investing in our KMSAT platform and adopting our additional KKR, KCM GRC and now Compliance Plus products at record levels. As of the end of Q2, 17% of customers now have multiple products. Organizations across all verticals and sizes continue to see value in our free tools and thought leadership webinars, which we utilize to generate leads for our inside sales team. As in previous quarters, we also saw customers buy both KMSAT and PhishER together to leverage the immediate risk reduction that PhishER brings to their organization. Though we do not report the growth for PhishER, Compliance Plus and KCM GRC separately, the combined logo growth and revenue growth was triple digits for the quarter, a continuation of the cross sell success in Q1. In terms of new business, we saw a number of both greenfield wins as well as competitive displacements. The greenfield wins continue to show that the value of security awareness is resonating with customers, and our platform stands out from the competition. Our competitive wins are further proof that our platform and customer support ranks well above our competition. Additionally, we continue to see success in our enterprise segment, which had several big wins. To give you some examples of mega enterprise wins, we had a 69,000 seat greenfield win with a global insurance company based in UK. We displaced a competitor at one of the world's largest industrial companies with 62,000 seats. And this deal included both KMSAT and PhishER and the customer expects to save 25,000 man hours using PhishER in their SoC. A large gaming company swapped out a competitor in a 50,000 seat win, also favoring our automation and overall ease of use. We also had a 50,000 seat competitive displacement with a large medical technologies company that favored our platform's automation capabilities. These wins and others demonstrate that our customers continue to embrace not only the considerable risk reduction our platform brings, but also the thousands of hours we save the IT department in triage and security events. Given the shortage in skilled IT workers, our strategy of building time saving products into our platform has paid off. This also remains a critical focus for our product roadmap. Our support for over 34 languages continues to be a great selling point for our global customers. To give you a few examples, this quarter we won a 45,000 seat deal with a global automotive parts supplier in Japan, a 30,000 seat competitive displacement with a large multinational manufacturing company based in the US and a 25,000 seat greenfield deal with a multinational oil and gas company based in Austria. Outside of the commercial space, the government segment continues to be a strong vertical force. One US state that faced multiple breaches purchased 60,000 seats in a greenfield deal with the intent of using our platform as their primary new defense. We are seeing traction outside of the US as well. As an example, we landed a 20,000 seat greenfield deal with a police department in Australia. We also continue to see traction in the education sector. In a greenfield opportunity, a US public school system purchased 12,000 seats to upgrade their inadequate internal training. And across the pond, we sold a 5000 seat deal to the school system in New Zealand. Our cross sell motion is working well here too. As an example, this quarter, we saw a large public research university purchase PhishER for use in managing its 11,000 employee organization. Before I turn the call over to Krish, I would like to thank our employees and partners for the dedication, commitment and customer focus that has brought KnowBe4 to its market leading position today. I'm incredibly proud of not only our financial results, but the great group of people driving this company and contributing to our communities. We are as focused as ever on bringing high quality and diverse talent in the door. This has not gone unnoticed. We were recently included in Fortune's Best Places to Work for millennials and Mogul's list of the Top 100 Workplaces with the Best Diversity and Inclusion Programs. During the quarter, we also kicked off our sustainability program, including a climate pledge to increase our use of clean energy to 25% globally by 2025 and become carbon neutral as an organization by 2040. Within the first three weeks, 30% of our staff across 11 countries took the climate pledge. These are just a few examples of the great work we're doing behind the scenes. I look forward to giving you an update in the quarters to come. And with that, I would like Krish to discuss our financial trends.

Thanks, Stu. And good morning, everyone. As a quick reminder, unless otherwise noted, all numbers except revenue mentioned during my remarks are non-GAAP. As you heard from Stu, we definitely see strong performance across the business with AR for Q2 accelerating versus the first quarter to 42% year-over-year. This was actually driven by another strong quarter for new logo addition in enterprise and SMB, and continued cross sell to existing logos and global expansion. Our platform continues to perform well across all geographies, to customers of all sizes and industry. I want to remind everyone that a key pillar of our model is the ability to efficiently scale to customers of all sizes from organizations with less than 100 seats addressed by our channel partners to customers with several hundreds of thousands of employees served by a hybrid inside sales model. Since day one, we are focused on four pillars of growth – new logo expansion, cross selling to existing customers, international expansion, and finally, channel expansion. We saw success in each of these areas throughout the quarter. Our first pillar of growth is new logo expansion. Today, about 87% of our logos are in the SMB space, which we define as less than 1,000 employees and about 13% are in enterprise space which we define as greater than 1,000 employees. Both these segments saw significant growth over the past few years. To give you a sense of the magnitude, enterprise logos now represents 5,300 clients worldwide for our 41,000 customer base, up considerably just from a few years ago, where our enterprise customer count was well under 2,000 customers. In 2Q, we saw robust AR growth that was evenly balanced between enterprise and SMB customers. We are particularly proud of the success we have seen in the mega enterprise space of greater than 10,000 seats. This is a proof of not only our ability to move up market with our current go-to-market model, but the strategic importance some of the largest organizations the world now place in our platform. Stu provided a few of the many deals we close at the mega end of the enterprise market this quarter. This continues our trend of significant penetration of the enterprise market over the last couple of years. Our second pillar of growth is cross selling to existing customers. We continue to see strong interest among both new and existing customers in the power of our global platform. As of Q2, about 17% of our customers have [indiscernible] multiple products with strong interest among new customers in purchasing multiple products within the first purchase. To give you some perspective, in 2019, we had about 2,300 customers or about 8% of our 30,000 customers with multiple products. Today, approximately 7,000 customers or about 17% of our over 41,000 customers now have multiple products. As you can see, we have a tremendous progress here. We are committed to bringing innovative products to our customers and, ultimately, driving shareholder value. The launch of Compliance Plus in early June is yet another example of our ability to innovate on the human layer and add complementary products to our platform. Though it's still early in launch, Compliance Plus has surpassed the results we saw from PhishER in the first month of sales. Compliance Plus is seen by many customers as an easy add on to round out an organization's compliance needs. It's also adding approximately $3 billion to our global TAM. As a reminder, we don't bundle our products. We prefer to cross sell the product, as it results in premium pricing for add-on products versus discounting. As a result, PhishER represents approximately a 45% increase in AR for SMB customers and 35% for enterprise versus a standalone KMSAT sale. Our multi-product strategy is seeing considerable traction with the combination of PhishER, and KCM GRC and now the addition of Compliance Plus. Year-over-year PhishER, Compliance Plus and KCM GRC combined have seen both triple-digit revenue and triple-digit logo growth. Our third pillar of growth is expanding internationally. Penetrating international markets remains one of the key pillars of our growth strategy. Our international revenue growth reached 95% year-over-year to yet another record breaking quarter. Domestically, we also see strong momentum with about 36% year-over-year growth. On international expansion, we continue to focus our investment on hiring key talent in marketing, sales, content and customer support. We have made several key hires in the UK, Germany, Australia and Japan, laying the foundation of talent to scale across the globe. Lastly, our fourth pillar of growth is channel expansion. We also continue to focus on expanding our channel presence to accelerate growth both internationally as well as domestically. We are invested in hiring a number of key resources in our channel team and building marketing and distribution capabilities for our channel partner. Throughout the quarter, we have made great progress in growing both our number of channel partners and the deal volume generated through them. Now to give you some details on the quarter. Both new and existing customers have witnessed the ongoing problem of social engineering worsen over the last year. We currently support our customers with our platform reach, which includes integrated capabilities around security awareness, security orchestration and automation, and compliance. In the second quarter, total annual recurring revenue, or ARR, reached $241 million, up 42% year-over-year. Our ARR growth was driven by another strong quarter for new logo additions and continued expansion of cross sell to existing logos. Our total customer count for the quarter grew to over 41,000, up from about 33,000 in Q2 of last year. Lower churn and gross dollar retention for the quarter were both comparable with historical levels. Gross dollar retention, which in our case has been world class considering our mix of SMB and enterprise, reached the highest levels we have seen. In Q2, total GAAP revenue grew 43% year-over-year, reaching $59.4 million, which was well ahead of our expectations. We continue to execute at a high level and remain focused on our four pillars of growth. Geographically, the vast majority of our revenue was derived from North America. At the same time, we believe there is a sizable addressable market for KnowBe4 internationally, and we continue to invest in both the EMEA and APAC in both KnowBe4 personnel and expanding our channel relationships. Approximately 15% of our revenue is now derived from international markets, representing a 95% increase in international revenues year-over-year. While it's still early in our international expansion, which represents a very large and executable TAM, clearly, our strategy of investing in these markets is producing results. Since Q2 2020, we have added approximately 36 new heads to the KnowBe4 international team. Over the past two years, we have opened offices in Australia, Japan, Norway, and Dubai. We also completed building our shared service center in the Netherlands to help drive long-term support for our clients and sales teams. We have also accelerated our hiring plans to ensure we have the right resources in place to execute on our international expansion. As part of our philosophy of running the business, we remain focused on sustaining a high growth rate with strong margins. Second quarter non-GAAP gross margins improved to 85.9% from 85% a year ago, as we gain efficiency with scale. As we continue to scale our international businesses, we expect non-GAAP gross margins in the low to mid 80s long term. Total non-GAAP operating expenses for the quarter were about $46.5 million versus about $33.9 million for the same quarter last year. While we continue to invest in headcount across the business, our IPO in April drove the vast majority of expense increase this quarter. Sales and marketing as a percentage of revenue was lower year-over-year as we scale the business. As you know, we are still in the early stages of international expansion, and you should expect to see additional resources deployed to support that growth. As an example, we will be hosting our first KnowBe4 conference in EMEA in September. We expect to invest in both sales and marketing internationally over the upcoming quarters. G&A cost increase reflects our continued effort to support life as a public company and to assist our international expansion. We are investing across legal, finance, internal audit and HR teams. As you see, we have made considerable investment in our technology platform. Our launch of Compliance Plus is yet another example of our evolving product roadmap. Although still early on, we're seeing the strong demand for the product. In fact, we have already surpassed where PhishER was at the same time in its ramp up process. Non-GAAP operating income in the second quarter was about $4.5 million and non-GAAP operating margin was approximately 7.6%. Quarterly non-GAAP net income was $3.4 million. Our non-GAAP net income excludes stock compensation expenses, amortization of acquired intangibles, and acquisition and integration related costs. Turning to cash flow and balance sheet items. We finished June with cash and cash equivalents of approximately $257 million, representing our continued focus on maintaining a high level of capital efficiency and use of cash. No, this balance includes the net proceeds of approximately $156 million from our recent IPO. Free cash flow for the first half of the year was approximately $33.7 million, driven by strong cash collection as well as sales performances ahead of plan and an efficient go-to-market model. From our result, you can see that we have a highly resilient and cash generating SaaS model and strong balance sheet, supporting a balance of top line growth with expanding profitability. We continue to expand our resource pool, invest in new products and capabilities, while maintaining sustainable, profitable growth as we lead this new category in cybersecurity. And on to guidance. We entered the third quarter with strong customer and business momentum. This momentum is seen across all our segments and international markets. For the third quarter of 2021, we expect total revenue in the range of $60.5 million to $61.5 million or approximately 35% to 37% year-over-year growth. For the full-year 2021, we are raising our total revenue guidance to $237.5 million to $239.5 million or approximately 36% to 37% year-over-year growth. This revenue guidance is up from our original guidance of $229 million to $231 million issued last quarter. We expect free cash flow margins to be greater than 20% for the full year. This is also up from our previous guidance of 12% to 15% issued last quarter. As a reminder, there's seasonality in our free cash flow which can cause results to vary quarter to quarter. For modeling purposes, you can assume a non-GAAP diluted weighted average share count of between 178 million and 181 million shares for Q3. As a reminder, our Q2 GAAP weighted average share counts were impacted by the timing of the adaptation of our dual class structure and IPO. As we look forward to the rest of the year, we are seeing continued growth and momentum in the business, and we are laser focused on maintaining our market leadership is the most important layer in security dedicated to human endpoint.

[Operator Instructions]. Our first question comes from line of Rob Owens with Piper Sandler.

Stu, I want to unpack a little bit the new logo acquisition you talk about more specifically, but what you're seeing in the enterprise market? Just channels into those customers, some of the strength you're seeing overall. And my sense is those are most likely competitive displacements rather than greenfield, but if you can expand on that, that'd be great.

Rob, actually, that is a very good question for sales. I'll throw it over to Lars in a second. Let me just comment that there is still a significant amount of greenfield and enterprise as well, especially international. But Lars is in the trenches. He has a better view on those enterprise sales. Lars, could you hop in?

Question, are you talking specifically Compliance Plus and adjacent products? Or was it just in general?

I think it was in general relative to the whole product set. But the more you want to expand on Compliance Plus, that'd be great.

SMB for us is still pretty much greenfield opportunity, occasional competition with enterprise. There's really two areas that we go after. Our marketing team provides a ton of very strong A leads for our sales teams to go after. And then, part of that go-to-market is we're actively going after business from our competitors. With Compliance Plus, that's going to be probably more a competitive displacement than a greenfield in the enterprise space. I think in SMB, again, it will probably follow the same trends as being greenfield opportunity.

Maybe, Lars, since I've got you, could you touch a little bit on your SLED activity. It truly feels like there was a lot of momentum related to education and state, local governments this quarter. Thanks.

Obviously, in the news, there's been a lot of attacks against the SLED market, and that always helps us with our products. But our product is 100% horizontal. It's relevant to any size organization and then any vertical market. So, we really don't have any concentration in any specific vertical.

Your next question comes from the line of Joel Fishbein with Truist.

I just have one, Stu, on the – just talk a little bit about the new product, the Compliance Plus. If you can give us a little bit of color about the differences between KCM GRC and Compliance Plus? And also, what the go-to-market and cross sell opportunity looks like there?

KCM GRC really is a tool that you use to keep track of all the controls for a specific regulation. Let's take easy example, PCI, the payment card industry, they have 200 controls. It's check your firewalls once a month and you need to do that and a test is done, upload evidence, and so auditors can look at – yes, that was correctly done. That's what KCM manages. Compliance Plus, on the contrary, is essentially gives all employees in the organization the compliance training modules that they have to step through. And those are things like privacy, data protection, sexual harassment, there's a raft of different compliance training that these people literally by law need step through. So, Compliance Plus is super easy to sell and also deploy. You can literally within a minute, in the existing platform, turn it on and roll it out.

And then, in terms of the cross sell opportunities and go-to-market, that would be really helpful.

If you look at the existing customer base, which is now, as you just heard, 41,000 plus, it was relatively easy for us to go back to these people and say, hey, what are you currently doing for compliance training. And very often, that is an existing vendor who is quite expensive. Then it's not that hard for us to come up with a competitive bid. Compliance Plus pricing was based on a lot of market research and was positioned to be disruptive. So, it's very easy for an existing customer to look at that and say, wow, we're moving.

Your next question comes from the line of Brian Essex with Goldman Sachs.

Krish, I was wondering maybe if you can just touch on ARR for a bit. Given your comments on catch and cross sell, upsell, is there seasonality, I guess, embedded in that? And I was wondering if we could dig in maybe a little bit to some of the moving parts underneath it, whether it was revenue mix or linearity that might have – maybe not linearity, but customer size, large deals that might have affected that compared to last quarter.

Let me answer the latter part question first. So, if you look at our ARR growth, as I said, in excess of 42%. And if you look at the trend, especially in the last year, especially since Q2 COVID shutdown last year, you're seeing a real acceleration in our ARR. Now to unpack the ARR growth, I go back to our four key pillars of growth because each of them has been contributing significantly to that ARR growth. First, let's talk about enterprise. And within the enterprise itself, there are two real distinct stories that are emerging. One is, if you look at enterprise, in the last couple of years, as you can see, almost half of our AR now comes in the enterprise side. But especially in the last year-and-a-half to two years, the mega side of the enterprise world has significantly accelerated. And a couple of reasons for that, Brian. One is the international story, the power of the platform, the capabilities of the platform, the multi-language capabilities embedded now on the platform, of course, drive a lot more mega enterprise attraction towards the platform. And that has been a driver of our ARR. On the enterprise holistically, that itself is also a combination of our international growth, as we are now expanding significantly into EMEA as well as APAC. The second key part, I would say, of the ARR unpacking is really what you're seeing in this cross sell story. And just to remind everybody, just couple of years back, we were largely a single product tenant on the platform. And with the launch of KCM G RC, PhishER, and now Compliance Plus, we are really providing significant platform capabilities to our global clients, which of course, drives a lot more interest in the platform and the cross sell capability. And the other thing, we have done a great job, Brian, is really cross selling at scale. Right? Now, we've got 7000 plus customers now have multi product capabilities on the platform, which is an incredible testimony to not only the platform's strength, but our cross sell motion. And finally, I think the channel expansion, as well as international expansion has really contributed to that uprising of ARR growth that you're seeing in the last quarter. Now, the last part of your question is seasonality. Now, the way I think about seasonality is early on in KnowBe4's history, we were largely an SMB shop. So, there was very little seasonality in the business, given we were largely going after a greenfield opportunity, SMB. Lately, especially last year-and-a-half, two years, given they're evenly balanced now between SMB and enterprise, you will see some level of seasonality in ARR, but that's less got to do with KnowBe4, but more got to do with the overall software sales motion that companies face, which have a large enterprise mix in them. But right now, sitting today, at the seat right now, we don't see or don't expect any atypical seasonality and we believe that we have really strong robust growth ahead of us.

Maybe if I could just touch on net retention rates, as you increase the percentage or your mix of large enterprise and improve cross sell/upsell, can you maybe give us an understanding of what the rate of improvement is there? I understand that you don't regularly disclose it, but just trying to get an understanding of how the churn and cross sell and upsell might be impacting your net retention rates and you're foreseeing consistent improvement there.

I think there's two key components of net dollar attention. And as you mentioned, we don't comment on the dollar retention every quarter. But the two most important ingredients of any net dollar component is – one is, your growth/logo retention. Right? The second part, of course, is the ability to cross sell. Now, let's talk to the first part. Now, growth/logo retention, which in our case is a world class number given the mix of SMB and enterprise that we have, reached the highest levels we have seen in KnowBe4. So excellent progress on that side. The second part of it is the cross sell motion because, just to remind everybody, our KMSAT motion from a sales perspective is always to land large. So, we get 100% of the employees at any client upfront. So, cross sell is one of the key drivers of growing your net dollar attention. And in that case, as you see the trend, quarter after quarter, it has nothing but been an amazing sales execution. Right now, 17% of our 41,000 global customers have got cross sell capabilities. So you are seeing that momentum. And given that, as I said, net dollar attention is a component of these two ingredients, both of them are trending in a positive direction.

Your next question comes from the line of David Hynes with Canaccord.

Congrats on the strong result. I want to ask about PhishER and what you're seeing in terms of attach at land? And maybe as part of that, you could touch on trends in initial ASPs.

That is a question for sales. I'm going to give this one straight to Lars.

I can't speak on specific attachment rates, but our attachment rate has been ever increasing each month since we initially put the product out. And we drive a lot of gains and drive a lot of incentive for our sales team to increase those attachment rates. And we've had a lot of success with that. Maybe Krish can talk about a little more specific on the numbers.

I think just to add some more color in terms of the attachment rates. Now, I think of attachment rates across both the cross sell motion as well as on the ARR upliftment motion. Now, if you look at PhishER and you compare what we are seeing, we are seeing very, very strong ARR attachment rates when customers actually buy both KMSAT and PhishER together. And that ranges anywhere between, say, 35% plus, depending on whether you're SMB or enterprise, and of course, SMB is actually much larger than the enterprise size, given the size of the accounts and the seats we're talking about. So, overall, I think the attachment rates have been strong and growing, given the cross sell motion, and the ARR attachment rate also has been very, very encouraging and trending up.

As you think about compliance vis-à-vis the go-to-market model, is the playbook always going to be to lead with security and then work to cross sell compliance? Or is there an effort of – or will there be an effort to kind of sell compliance standalone as well?

Let me grab that one. For the moment, since we have this huge customer base that we can mine, it's most efficient to simply go back to existing customers and say, check this out and save some money because your existing vendor is twice as expensive. Ultimately, we would probably also start and we are doing the initial testing in marketing to just go this as a separate campaign, if you will, and drag A leads specifically through the compliance management/HR and drive that as a separate go-to-market strategy. For the moment, we have enough work in the existing customer base to keep us busy.

Your next question comes from the line of Hamza Fodderwala with Morgan Stanley.

First question maybe for Stu. I'm just curious, I know it's hard to kind of break down exactly, but to what extent would you say that this more recent acceleration, particularly in the ARR growth, is coming from perhaps a stronger spending environment that we're seeing from these recent cyberattacks or more of a natural acceleration coming off of some of the – maybe some of the modest weakness you might have seen in the middle of last year due to the COVID shutdown?

Generally speaking, what we're looking at is the market is becoming aware of the fact that bad actors essentially grab humans as their first attack vector and simply send phishing emails, highly scaled these days and very sophisticated, to try to get in. That's one of the successful – really more than 50% of them are caused by phishing. So, it's time is money for the bad guys, too. And what we're looking at here is – and organizations start to understand it, they absolutely need a strong last line of defense, which is employees being on their toes with security top of mind, and then the media that currently have been giving enormous airplay for things like Colonial Pipeline and ransomware, that is significant tailwind for us just there.

My follow-up for Krish. Krish, you mentioned 13% of your customer base is now enterprise. And then that accounts for a little over 50% of your ARR. If you do the math, that's about a little over $20,000 in terms of ARR per customer among that large enterprise cohorts, about four to five times the overall. How has that over $20,000 ARR per customer grown in the past couple of years? And where do you think this can go? You think this can go to $30,000 or $50,000? Kind of what's really the potential there?

I think there's two parts to the question. One, it would be helpful to understand that, if you look at our enterprise story, our enterprise story is not a Q2 2021 story only. We started initially moving from, of course, SMB to, I would say, the small to mid-size enterprise customers. And over the last year-and-a-half, two years, we are really trying to migrate up towards the mega size. So, given that we already have, as you said, in excess of 5000 plus enterprise customers, the average is a mix between the smaller enterprise customers and now the mega-sized enterprise customers. From a trend perspective, of course, the trend has been growing and the trend has been positive. And the trend has been positive because of two reasons. One, as I said, not only the motion moving towards the upper end of the enterprise side, but also – it's also the addition of the international logos where we are more enterprise first than SMB first than we were in the US. The second part of the question is, you're seeing a lot more cross sell motion, Hamza, in the enterprise space. And that, of course, adds to your overall average ARR for enterprise. But we're still early in that motion, but that motion has been growing every quarter for the last year, year-and-a-half. And we do see definitely an upside ability to the average ARR on enterprise as we get not only additional mega-size or midsize enterprise customers domestically and internationally, but also cross sell now three additional products to that base.

Your next question comes from Shaul Eyal from Cowen.

Congrats for those strong set of results. Two quick questions. Maybe start with Stu first. In light of the recent large GDPR related fine on Amazon in Europe, I was wondering if there's any flow through benefits you are seeing or hearing from the channel, Stu, really related to regulatory or compliance front.

Not necessarily directly from the channel. However, you do need to remember that, internationally, we are 100% channel. And the focus on data privacy, especially in Europe with the GDPR, instead of viewing compliance as a simple check the box requirement, at this point in time, organizations will literally be forced to view it as a component of their day to day operations. And that is where we come in with the training for employees to begin with and then, with the KCM GRC product, to actually track compliance and report on it, if that gives you a bit more visibility.

My follow-up question is maybe Krish or Lars or even yourself, jump-off question is the Proofpoint, they reported last week, was wondering if you are seeing any change of controls noise that, I guess, KnowBe4 has taken opportunity of lately?

This was a question for Krish, correct?

Yeah. It could be Krish or Lars or even yourself, Stu.

It's Proofpoint related. I can start with just a general comment. We are as KnowBe4 still heavily investing in the platform, the international, multi=lingual. We're on the opposite spectrum of where Proofpoint's are currently moving to. PE [ph] is generally focused on cost cutting. So, we see them now and then, but I think Lars can expand a little more on exactly where and how we see Proofpoint today.

I really can't speak on any specific competitor, but I'll answer this way. First, we rarely see competition in SMB. It's mostly greenfield. On the enterprise side, when we're involved in new business in a bake off type scenario, in that case, we rarely lose to competitors. We win those hands down. The other part of our go-to-market in enterprise, as I mentioned before, is that we're actively going after our competitors' existing customers. So, sometimes, in those cases, when we're going after that business, we'll see them bundling the product, kind of a scramble just to keep the business in house. And that's where we'll occasionally lose a sale. But we're winning a lot more of those than we're losing. And not only do we view the competition as competition, but with our go-to-market, we also view the competition as opportunity.

Next question comes from the line of Jonathan Ruykhaver with Baird.

Congrats on the strong performance. I have a product question. When you look at product development, I'm wondering if you could just talk about the emphasis you're placing on improving existing products versus building out new SKUs? Obviously, something like PhishFlip is a nice improvement to PhishER, but maybe not as directly monetizable. So, just kind of curious how you look at that dynamic and that trade off?

Absolutely. We have a really strong feedback loop with our existing customer base on it. That data stream, if you will, gives us great insight into the features that they would like to see. And PhishFlip is a great example of customers coming up with, hey, it would be great if. We also have our own product team that is super focused on giving our customers a fantastic platform at a very competitive price. So, for people who don't exactly know what PhishFlip is, an administrator sees a malicious email come in and with a few clicks, they can turn that particular malicious email into a phishing template for everyone else. So, you can immediately see who would have fallen for this particular attack. It's very handy and super popular feature.

I have a follow-up. It is somewhat along the same lines. But you introduced some artificial intelligence capabilities into the core KMSAT product recently. I'm curious how you see that differentiating. And then, maybe any color you could provide on product roadmap that leverages AI in the future. It'd be interesting to hear an update there.

Absolutely. For the last five years, we've been very focused on making the platform AI enabled. And you will see more and more AI-driven, machine learning driven features, things like suggested training modules for employees, similar to what you see on Netflix, we think you'll like, also suggested training modules that we present to the administrator, so they can roll it out to their users. Apart from that, we have now 60 patents and a lot of them are focused on the AI related to security awareness. So, we are very heavily investing in that particular direction, and will provide more and more AI-enabled functionality in the core platform itself.

Next question comes from the line of Tyler Radke with Citi.

I was curious, just given the strength that you've seen in the business the last couple quarters as well as the strength you've seen in kind of cross sell and upsell, where are we at in terms of your headcount growth plans this year, particularly in quota carrying reps? Have you kind of accelerated those based on the strength that you've seen? Are you leaning more into the channel? Just help us understand kind of the increased investments that you're making, given the strength in the business?

I'll take a quick stab and then I'm going to give Lars the opportunity to give some more detail. In KnowBe4, we have the similar rule as salesforce that half of our employees are in sales. And we are definitely even increasing our outreach in the recruiting area. We're hiring more recruiters, so we can expand our outreach, especially international. But Lars has more detail on exactly where and how much for different groups. Lars?

We've pretty much been on a very consistent headcount growth plan that matches our growth in ARR. I would say, you're going to see a lot more acceleration in the international markets as we grow those. And then, with the introduction of some of the adjacencies that are coming along, as well as the Compliance Plus, you're going to see us a lot more efficient with headcount. Because, for instance, like a Compliance Plus, we really don't need to add headcount to sell the product. It's really just another skew on the new sale. And then, the CSMs can easily just add that up or cross sell that to our existing base. And then as far as delivering it, delivering CMP is really just flipping a switch and turning it on into console. So, we're not going to need additional customer success managers to deliver that.

Your next question comes from the line of Roger Boyd with UBS.

Congrats on the results. I was wondering on free cash flow, if you can talk through the puts and takes on the upside there. I think part of it – CapEx came in a little late again. I'm wondering if maybe you could talk about your PPE spending plan for the rest of the year and maybe if you're thinking about anything differently as relates to office space and remote work long-term.

I can add a little bit color on our free cash flow. I think one thing to understand is that, since I think the beginning, since Stu founded this company, he's always wanted to maintain a strong balance between growth and FCF. And that is basically ingrained into every employee's DNA, whether you are at the front desk or you are the CEO. So, that will continue going forward. Now, if you look at seasonality in terms of FCF, you do see some level of seasonality in FCF, especially if you look into the later half of the year. But at the same time, we have never been a very CapEx intensive business, right? We are going to actually increase some CapEx in H2 versus H1 as we actually build out some of our facilities in anticipation for our employees to come back into a hybrid mode in Q4. But none of this is going to be really large to create any significant imbalance in our PPE expense over the last couple of years.

And at this time, I'll turn the call back over to Mr. Sjouwerman, CEO, for closing remarks.

Thank you very much for attending. We appreciate your interest in KnowBe4. We look forward to an exciting back half of the year.

Thank you. That concludes today's conference call. You may now disconnect.