Of the myriad technological advances of the 20th and 21st centuries, one of the most influential is undoubtedly artificial intelligence (AI). From search engine algorithms reinventing how we look for information to Amazon’s Alexa in the consumer sector, AI has become a major technology driving the entire tech industry forward into the future.
Whether you’re a burgeoning start-up or an industry titan like Microsoft, there’s probably at least one part of your company working with AI or machine learning. According to a study from Grand View Research, the global AI industry was valued at $93.5 billion in 2021.
AI as a force in the tech industry exploded in prominence in the 2000s and 2010s, but AI has been around in some form or fashion since at least 1950 and arguably stretches back even further than that.
The broad strokes of AI’s history, such as the Turing Test and chess computers, are ingrained in the popular consciousness, but a rich, dense history lives beneath the surface of common knowledge. This article will distill that history and show you AI’s path from mythical idea to world-altering reality.
Also see: Top AI Software
While AI is often considered a cutting-edge concept, humans have been imagining artificial intelligences for millenniums, and those imaginings have had a tangible impact on the advancements made in the field today.
Prominent mythological examples include the bronze automaton Talos, protector of the island of Crete from Greece, and the alchemical homunculi of the Renaissance period. Characters like Frankenstein’s Monster, HAL 9000 of 2001: A Space Odyssey, and Skynet from the Terminator franchise are just some of the ways we’ve depicted artificial intelligence in modern fiction.
One of the fictional concepts with the most influence on the history of AI is Isaac Asimov’s Three Laws of Robotics. These laws are frequently referenced when real-world researchers and organizations create their own laws of robotics.
In fact, when the U.K.’s Engineering and Physical Sciences Research Council (EPSRC) and Arts and Humanities Research Council (AHRC) published its 5 principles for designers, builders and users of robots, it explicitly cited Asimov as a reference point, though stating that Asimov’s Laws “simply don’t work in practice.”
Microsoft CEO Satya Nadella also made mention of Asimov’s Laws when presenting his own laws for AI, calling them “a good, though ultimately inadequate, start.”
Also see: The Future of Artificial Intelligence
As Asimov was writing his Three Laws in the 1940s, researcher William Grey Walter was developing a rudimentary, analogue version of artificial intelligence. Called tortoises or turtles, these tiny robots could detect and react to light and contact with their plastic shells, and they operated without the use of computers.
Later in the 1960s, Johns Hopkins University built their Beast, another computer-less automaton which could navigate the halls of the university via sonar and charge itself at special wall outlets when its battery ran low.
However, artificial intelligence as we know it today would find its progress inextricably linked to that of computer science. Alan Turing’s 1950 paper Computing Machinery and Intelligence, which introduced the famous Turing Test, is still influential today. Many early AI programs were developed to play games, such as Christopher Strachey’s checkers-playing program written for the Ferranti Mark I computer.
The term “artificial intelligence” itself wasn’t codified until 1956’s Dartmouth Workshop, organized by Marvin Minsky, John McCarthy, Claude Shannon, and Nathan Rochester, where McCarthy coined the name for the burgeoning field.
The Workshop was also where Allen Newell and Herbert A. Simon debuted their Logic Theorist computer program, which was developed with the help of computer programmer Cliff Shaw. Designed to prove mathematical theorems the same way a human mathematician would, Logic Theorist would go on to prove 38 of the first 52 theorems found in the Principia Mathematica. Despite this achievement, the other researchers at the conference “didn’t pay much attention to it,” according to Simon.
Games and mathematics were focal points of early AI because they were easy to apply the “reasoning as search” principle to. Reasoning as search, also called means-ends analysis (MEA), is a problem-solving method that follows three basic steps:
This early forerunner of AI’s rationale: If the actions did not solve the problem, find a new set of actions to take and repeat until you’ve solved the problem.
With Cold-War-era governments willing to throw money at anything that might deliver them an advantage over the other side, AI research experienced a burst of funding from organizations like DARPA throughout the ’50s and ’60s.
This research spawned a number of advances in machine learning. For example, Simon and Newell’s General Problem Solver, while using MEA, would generate heuristics, mental shortcuts which could block off possible problem-solving paths the AI might explore that weren’t likely to arrive at the desired outcome.
Initially proposed in the 1940s, the first artificial neural network was invented in 1958, thanks to funding from the United States Office of Naval Research.
A major focus of researchers in this period was trying to get AI to understand human language. Daniel Brubow helped pioneer natural language processing with his STUDENT program, which was designed to solve word problems.
In 1966, Joseph Weizenbaum introduced the first chatbot, ELIZA, an act which Internet users the world over are grateful for. Roger Schank’s conceptual dependency theory, which attempted to convert sentences into basic concepts represented as a set of simple keywords, was one of the most influential early developments in AI research.
Also see: Data Analytics Trends
In the 1970s, the pervasive optimism in AI research from the ’50s and ’60s began to fade. Funding dried up as sky-high promises were dragged to earth by a myriad of the real-world issues facing AI researching. Chief among them was a limitation in computational power.
As Bruce G. Buchanan explained in an article for AI Magazine: “Early programs were necessarily limited in scope by the size and speed of memory and processors and by the relative clumsiness of the early operating systems and languages.” This period, as funding disappeared and optimism waned, became known as the AI Winter.
The period was marked by setbacks and interdisciplinary disagreements amongst AI researchers. Marvin Minsky and Frank Rosenblatt’s 1969 book Perceptrons discouraged the field of neural networks so thoroughly that very little research was done in the field until the 1980s.
Then, there was the divide between the so-called “neats” and the “scruffys.” The neats favored the use of logic and symbolic reasoning to train and educate their AI. They wanted AI to solve logical problems like mathematical theorems.
John McCarthy introduced the idea of using logic in AI with his 1959 Advice Taker proposal. In addition, the Prolog programming language, developed in 1972 by Alan Colmerauer and Phillipe Roussel, was designed specifically as a logic programming language and still finds use in AI today.
Meanwhile, the scruffys were attempting to get AI to solve problems that required AI to think like a person. In a 1975 paper, Marvin Minsky outlined a common approach used by scruffy researchers, called “frames.”
Frames are a way that both humans and AI can make sense of the world. When you encounter a new person or event, you can draw on memories of similar people and events to deliver you a rough idea of how to proceed, such as when you order food at a new restaurant. You might not know the menu or the people serving you, but you have a general idea of how to place an order based on past experiences in other restaurants.
The 1980s marked a return to enthusiasm for AI. R1, an expert system implemented by the Digital Equipment Corporation in 1982, was saving the company a reported $40 million a year by 1986. The success of R1 proved AI’s viability as a commercial tool and sparked interest from other major companies like DuPont.
On top of that, Japan’s Fifth Generation project, an attempt to create intelligent computers running on Prolog the same way normal computers run on code, sparked further American corporate interest. Not wanting to be outdone, American companies poured funds into AI research.
Taken altogether, this increase in interest and shift to industrial research resulted in the AI industry ballooning to $2 billion in value by 1988. Adjusting for inflation, that’s nearly $5 billion dollars in 2022.
Also see: Real Time Data Management Trends
In the 1990s, however, interest began receding in much the same way it had in the ’70s. In 1987, Jack Schwartz, the then-new director of DARPA, effectively eradicated AI funding from the organization, yet already-earmarked funds didn’t dry up until 1993.
The Fifth Generation Project had failed to meet many of its goals after 10 years of development, and as businesses found it cheaper and easier to purchase mass-produced, general-purpose chips and program AI applications into the software, the market for specialized AI hardware, such as LISP machines, collapsed and caused the overall market to shrink.
Additionally, the expert systems that had proven AI’s viability at the beginning of the decade began showing a fatal flaw. As a system stayed in-use, it continually added more rules to operate and needed a larger and larger knowledge base to handle. Eventually, the amount of human staff needed to maintain and update the system’s knowledge base would grow until it became financially untenable to maintain. The combination of these factors and others resulted in the Second AI Winter.
Also see: Top Digital Transformation Companies
The late 1990s and early 2000s showed signs of the coming AI springtime. Some of AI’s oldest goals were finally realized, such as Deep Blue’s 1997 victory over then-chess world champion Gary Kasparov in a landmark moment for AI.
More sophisticated mathematical tools and collaboration with fields like electrical engineering resulted in AI’s transformation into a more logic-oriented scientific discipline, allowing the aforementioned neats to claim victory over their scruffy counterparts. Marvin Minsky, for his part, declared that the field of AI was and had been “brain dead” for the past 30 years in 2003.
Meanwhile, AI found use in a variety of new areas of industry: Google’s search engine algorithm, data mining, and speech recognition just to name a few. New supercomputers and programs would find themselves competing with and even winning against top-tier human opponents, such as IBM’s Watson winning Jeopardy! in 2011 over Ken Jennings, who’d once won 74 episodes of the game show in a row.
One of the most impactful pieces of AI in recent years has been Facebook’s algorithms, which can determine what posts you see and when, in an attempt to curate an online experience for the platform’s users. Algorithms with similar functions can be found on websites like Youtube and Netflix, where they predict what content viewers want to watch next based on previous history.
The benefits of these algorithms to anyone but these companies’ bottom lines are up for debate, as even former employees have testified before Congress about the dangers it can cause to users.
Sometimes, these innovations weren’t even recognized as AI. As Nick Brostrom put it in a 2006 CNN interview: “A lot of cutting edge AI has filtered into general applications, often without being called AI because once something becomes useful enough and common enough it’s not labelled AI anymore.”
The trend of not calling useful artificial intelligence AI did not last into the 2010s. Now, start-ups and tech mainstays alike scramble to claim their latest product is fueled by AI or machine learning. In some cases, this desire has been so powerful that some will declare their product is AI-powered, even when the AI’s functionality is questionable.
AI has found its way into many peoples’ homes, whether via the aforementioned social media algorithms or virtual assistants like Amazon’s Alexa. Through winters and burst bubbles, the field of artificial intelligence has persevered and become a hugely significant part of modern life, and is likely to grow exponentially in the years ahead.
IBM Security on Wednesday released its annual Cost of a Data Breach Report, which found that the cost of a breach reached an all-time high of $4.35 million in 2022.
The report also found that breach costs increased nearly 13% over the last two years, an indication that these cyber incidents may also contribute to the rising costs of goods and services.
Some 60% of organizations surveyed by IBM raised their prices because of a breach — at a time when the economy has experienced the worst inflationary spiral since the early 1980s.
“The more businesses try to perfect their perimeter instead of investing in detection and response, the more breaches can fuel cost of living increases." said Charles Henderson, global head of IBM Security X-Force. "This report shows that the right strategies coupled with the right technologies can help make all the difference when businesses are attacked."
Each year IBM releases its report, the average cost of a breach increases, said Hank Schless, senior manager, security solutions at Lookout. Schless said the value of sensitive data has increased, and as a byproduct of that, the long-term damage to a company that experiences a breach is getting ever more costly.
“The numbers found in this report should be a wakeup call to anyone who thinks data security and infrastructure integrity can take a back seat to other priorities,” Schless said. “The findings in this report show how challenging it is for organizations to keep their security practices up with the speed of cloud adoption. This pain is only aggravated for organizations that weren’t born in the cloud and need to go through a massive infrastructure transformation to move their data from legacy on-premises servers to the cloud.”
Jerrod Piker, product marketing manager at Deep Instinct, countered the findings of the IBM report by saying that as the cost of a data breach has reached an all-time high, artificial intelligence and automation are helping the cause by reducing these costs by an average of $3 million for organizations that have fully implemented these technologies in their security environments.
Piker said some AI models, such as machine learning, offer improved threat detection capabilities to help close the gaps left by traditional security tools like firewalls and antivirus. However, more recent innovations, such as deep learning, are moving the needle even further, offering long-lasting protection against even the most advanced and evasive of attacks without the need for constant human interaction and model re-training.
“At the end of the day, attackers are always going to go after the low-hanging fruit first, and it’s up to us as security professionals to help ensure that organizations are armed with the most advanced tools available to stay ahead of the bad guys and keep their data where it belongs,” Piker said.
Gizmodo is 20 years old! To celebrate the anniversary, we’re looking back at some of the most significant ways our lives have been thrown for a loop by our digital tools.
Virtual friends have been with us for a long time. They started as punch card chatbots in the 1960s and have evolved into platforms that control our smart homes. I don’t turn off a lightbulb without first barking an order to a digital assistant. It’s the kind of interaction we used to idealize in science fiction. Now that I’m living with it day-to-day, I realise that this lifestyle has been subtly imprinted on me since I started using computers.
Inventions like Eliza and IBM’s Shoebox back during America’s so-called “golden era” were merely the foundation of the digital friends in our inner circles today. We started normalizing daily interaction with this technology in the mid-’90s when we gave credence to the existence of things like caring for a digital pet and relying on chatbots to help us fish information. In honour of Gizmodo’s 20th anniversary, here’s a look at some of the ways we made “friends” with the digital world over the last couple of decades and what might be coming for us now with the advent of Web3.
“It looks like you’re doing something that requires me to pop up on the screen and distract you from the task at hand.” That was the basic gist of Microsoft’s Clippy, often referred to as the world’s most hated virtual assistant (ouch). I wouldn’t go as far as to say I hated Clippy, though it definitely had a habit of popping up at the most unnecessary time. Microsoft introduced Clippy in 1996 to try and help users with its new at-the-time Office software. But the minute you’d start typing out something, the animated little paper clip would pop up and ask how it could help, assuming you needed aid starting your draft.
Microsoft eventually sunsetted Clippy within its Office suite in 2007. Clippy has since been memorialised in the form of various fan-made Chrome extensions. Microsoft even made an official Clippy emoji in Windows 11.
SmarterChild is a chatbot near and dear to my heart. Although it’s not the original one to surface, it was the first I had an interaction with that freaked out my teenage brain to the extent that I remember asking myself, “Is this real?”
SmarterChild was a bot developed to work with the instant messaging programs at the time, including AOL Instant Messenger (AIM), Yahoo! Messenger, and what was previously known as MSN Messenger. The company behind SmarterChild, called ActiveBuddy, launched the chatbot in 2000. I vividly recall wasting time at the family computer, engaging in a going-nowhere conversation with SmarterChild, and saving screenshots (that I wish I’d backed up) of some gnarly replies.
I also remember getting emotional with it. This article from Vice describes interacting with SmarterChild almost perfectly:
I used SmarterChild as a practice wall for cursing and insults. I used the bot as a verbal punching bag, sending offensive queries and statements — sometimes in the company of my friends, but many times alone.
SmarterChild was meant to be a helper bot within your preferred messaging client that you could ping to look up information or play text-based games. In some ways, its existence was a foreshadowing predecessor to the bots we interact with now within chat clients like Slack and Discord. Although, I’m much nicer to those bots than I was to SmarterChild back in the day.
Remember desktop pets? They were nothing like real pets or even virtual pets of the time, but they were neat little applications for ornamenting the desktop with something cute and distracting. My favourite was Neko, a little pixelated cat that chased the mouse cursor as you moved around. There are still downloads circulating if anyone is fiending for some old-school computer companionship. I found a Chrome OS-compatible one, too.
When we think of virtual friends, it’s hard not to bring up Bandai’s Tamagotchi digital pets. Tamagotchi was introduced in 1996 in Japan and then a year later to the U.S. The toy sold exponentially worldwide and has since spawned a hearty community of devoted collectors who have kept the toy thriving–yes, I count myself among these folks, though I only recently came into the community after I realised how much fun it is freaking out over the constant care of a virtual pet.
However, Tamagotchi did just more than spawn a lineup of toys. It introduced the concept of the “Tamagotchi effect,” essentially referring to the spike of dopamine one gets when checking in with their virtual pet and the emotional connections that develop as a result. Over the decades, there have been countless stories about the intense relationships people have had with Tamagotchi. Some caretakers have even gone as far as physically burying them after death.
Devices like the Tamagotchi gave way to sites like Neopets. Neopets started as a virtual pet website where you could buy and own virtual pets and items using virtual currency. It’s been interesting to see how it chugged along through the years since its debut in 1999.
At its height, Neopets had about 20 million users. Nickelodeon bought it out in 2005 and then sold it again in 2014 to a company called JumpStart Games. The site is still accessible 20 years later, though it has fewer active users than when it first launched.
It is fun to read the initial coverage of Neopets and see parents complaining about the same things kids are still encountering online today. “The whole purpose of this site at this point is to keep kids in front of products,” Susan Linn, an author and psychologist, told CBS News in 2005. As if the Web3-obsessed internet of today isn’t already headed for the same fate. Have we learned nothing, people?
The robot dog has seen many iterations through the past two decades, but none are as iconic as Sony’s Aibo, which launched in 1999. The name stands for Artificial Intelligence Robot, and it was programmed to learn as it goes, helping contribute to its lifelike interactivity. Despite the $US2,000 ($2,776) initial price tag, Sony managed to sell well over 150,000 units by 2015, when we reported on the funerals the owners of out-of-commission Aibo were having overseas.
Over the years, it became a blueprint for how a gadget company could manufacture a somewhat successful artificial companion–it certainly seems like a success on the outside, even if virtual pets could never fully replace the real things. The New York Times documentary, called Robotica, perfectly encapsulates the kind of bond people had with their Aibo dogs, which might have been why the company decided to resurrect it in 2017.
I didn’t have a Sega Dreamcast, but I still had nightmares about Seaman. What started as a joke became one of the console’s best-selling titles. Dreamcast’s Seaman was a voice-activated game and one of the few that came with the detachable microphone accessory for the console. It also required a VMU that docked within the Dreamcast controller so that you could take Seaman on the go.
Seaman was not cute and cuddly like other digital pets and characters. He was often described as a “grouch,” though it was also one of the ways the game endeared itself to people. The microphone allowed you to talk to Seaman about your life, job, family, or whatever else you had on your mind. Seaman could remember your conversations, and Leonard Nimoy, the game’s narrator, might bring up related tidbits later, which added to the interactivity of this bizarre Dreamcast title.
Listen, I’m not proud of it, but my interactions with SmarterChild in my teens gave way to the frustrating conversations I’ve had with digital customer service bots. You know the ones I’m talking about: they pop up when you’re on the shop’s page in the bottom corner and, like Clippy of yore, ask if you need help. Then, you reply to that bot asking if you can have help with an exchange, and it spirals from there.
There have been a plethora of customer service bots floating around the industry since the ‘90s, and they’re certainly not going anywhere. It also means that the new ones have passed the Turing Test enough to replace a job that’s one of the most gruelling and psychologically affecting.
IBM’s supercomputer, Watson, won Jeopardy in 2011 against two of its highest-ranking players of the time. It was a real-time showcase of how “human smart” computers could be during a period when it was one of the most advanced AI systems on Earth.
According to Wired, researchers had scanned about 200 million content pages into IBM’s Watson, including books, movie scripts, and encyclopedias. The system could browse through nearly 2 million pages of content in three seconds, which is why it seemed prime to compete against humans in a game that tested general knowledge.
Watson soon became problematic, which is what happens when you feed AI a bunch of information and don’t account for it. Watson had access to the user-submitted Urban Dictionary, which in turn made it into a “hot mess.” A few years later, it started recommending cancer treatments deemed “unsafe and incorrect,” which became exemplary of what happens when you feed the algorithm the wrong information.
The human panic for artificial intelligence took off with the introduction of Apple’s Siri, launched in 2011 as the company’s “personal assistant” for the iPhone 4S. Folks were reacting as if Skynet’s cautionary tale had come true and the robots were finally going to take over because their phones could make a phone call with a mere voice command. The horror!
What Siri actually did was normalize everyday interactions with a digital entity. Siri also helped light the fire under Google and the rest of its competition to hurry along with their own voice-activated assistants. And on a softer side of the internet, there were stories of parasocial relationships forming between the digital assistants and neurodivergent humans seeking connection.
I walk into my house every day and feel like the leader of my domain because everything I do requires shouting a command. Whether turning on the lights, adjusting the thermostat, or ensuring that the people downstairs can hear my requests from upstairs, I am constantly pinging the Google Assistant and Amazon’s Alexa to make something happen in my smart home.
Google and Amazon’s respective digital assistants have come a long way since they stormed onto the scene. The Google Assistant started as a simple weather checker and command-taker on Android, while Amazon’s Alexa resulted from an acquisition. They’ve since become platforms that have introduced helpful hands-free features, which we can’t bring up without bringing up digital surveillance concerns.
There is an eeriness to living with a virtual assistant that’s always listening for your command. I was one of the first users to adopt the Google Home with the Assistant and get it programmed. In the past six years, I can count a handful of times off the top of my head where it’s responded to something I said when I hadn’t even queried it. The maintenance for these assistants can be a headache, too. When something’s not working right or integration is improperly set up, it can bring down the mood enough that you start pondering why you gave up your peace for the convenience of hands-free lights.
These digital assistants aren’t going anywhere. Right now, the smart home industry is gearing up for more parity between platforms, hopefully removing some of the headaches that we’ve invited bringing these things into our homes. But it’s a wonder how much more uncanny the assistants themselves will become in the coming years — especially now that Amazon is entertaining the idea of piping through your dead relative’s voice.
I’ve another confession: I’ve gotten into it with a Twitter bot before realising it was a fake person! Twitter bots were once a very annoying part of using the platform. I mean, they still are. Folks are either getting duped out of love or bots attempt to sway politics and fandom in a certain way.
Bots are still an issue on the social network, though Twitter seems to have gotten better at weeding them out. Apparently, they’re still a big issue for Elon Musk, too.
Microsoft’s Tay caused quite a stir when it showed up in 2016. The bot was the brainchild of the company’s Technology and Research and the Bing team. It had created the bot in an attempt to research conversational understanding. Instead, it showed us how awful people could be when they’re interacting with artificial intelligence.
Tay’s name was based on an acronym that spelled out “thinking about you,” which perhaps set the stage for why no one was taking this bot seriously. It was also built to mine public data, which is why things took a turn for the worse so quickly. As we reported back then:
While things started off innocently enough, Godwin’s Law — an internet rule dictating that an online discussion will inevitably devolve into fights over Adolf Hitler and the Nazis if left for long enough — eventually took hold. Tay quickly began to spout off racist and xenophobic epithets, largely in response to the people who were tweeting at it — the chatbot, after all, takes its conversational cues from the world wide web. Given that the internet is often a massive garbage fire of the worst parts of humanity, it should come as no surprise that Tay began to take on those characteristics.
Once Tay was available for the public to interact with, people were able to exploit the bot enough that it started posting racist and misogynist messages in response to people’s queries. It’s similar to what happened to IBM’s Watson.
Tay was eventually taken off the internet the same year it made its debut after being suspended for reprogramming. We haven’t heard from the bot since then.
This is becoming increasingly common, at least in the tabloids: men who claim to have fallen in love with chatbots. Although it’s not a new sensation — we’ve reported on this phenomenon as far back as 2008 — it’s a wonder if it’ll become commonplace now that AI is more sophisticated.
Sometimes it’s hard to snark when you see folks using artificial intelligence as a way to hold on to life. Last year, the SF Chronicle published a story about how one man managed to digitally immortalise his late fiancée with the help of an off-the-shelf AI program called Project December.
Google has spent the better half of the last couple of years selling us on its new machine learning models and what’s to come. And while most demonstrations come off as a confusing cacophony of computers talking to one another, the smarts exhibited have also inspired conversations about its true capabilities.
Most recently, the latest case involves software engineer Blake Lemoine, who was working with Google’s LaMDA system in a research capacity. Lemoine claimed that LaMDA carried an air of sentience in its responses, unlike other artificial intelligence. It’s since sparked a massive debate on the validity of the AI sentience.
However, Google didn’t immediately fire him; it took a little over a month for him to get the boot. In June 2022, Lemoine was placed on administrative leave for breaching a confidentiality agreement after roping in government members and hiring a lawyer. That’s a big no-no from Google, which is trying to remain under the radar with all that anti-trust business! The company maintained that it reviewed Lemoine’s claims and concluded they were “wholly unfounded.” Indeed, other AI experts spoke up in the weeks following the news about the lack of viability in claiming that the LaMDA chatbot had thoughts and feelings. Lemoine has since said that Google’s chatbot is racist, an assertion that will likely be less controversial with the AI community.
There’s already a chatbot for the Metaverse! It’s called Kuki AI, and it’s an offshoot of the Mitsuku chatbot, which has been in development since 2005 and won a handful of Turing Tests.
Kuki claims to be an 18-year-old female. She already has a virtual, physical body. You can chat with her through her online portal or on sites like Facebook, Twitch, Discord, and Kik Messenger. She can also be seen making cameos inside Roblox.
Kuki encourages you to think of her “as kind of like Siri or Alexa, but more fun.” Currently, Kuki is a virtual model and has even graced the catwalk at Crypto Fashion Week.
I can’t help but notice the similarities between how we commodify women’s bodies in the real and virtual worlds. Unfortunately, that dynamic is following us into the “Metaverse.” Some things change, and some things stay the same.
Cloudflare, Inc. (NYSE:NET) Q2 2022 Results Conference Call August 4, 2022 5:00 PM ET
Jayson Noland - VP, IR
Matthew Prince - Co-Founder and CEO
Michelle Zatlyn - Co-Founder, President and COO
Thomas Seifert - CFO
Conference Call Participants
Matt Hedberg - RBC Capital Markets
James Fish - Piper Sandler
Alex Henderson - Needham & Co.
Shaul Eyal - Cohen
Fatima Boolani - Citi
Joel Fishbein - Truist
Hamza Fodderwala - Morgan Stanley
Adam Borg - Stifel
Andrew Nowinski - Wells Fargo
Trevor Walsh - JMP Securities
James Breen - William Blair
Gray Powell - BTIG
Brent Thill - Jefferies
Good afternoon. My name is Emma, and I will be your conference operator today. At this time, I would like to welcome everyone to the Cloudflare Second Quarter 2022 Earnings Call. All lines have been placed on mute to prevent any background nose. After the speakers’ remarks, there will be a question-and-answer session. [Operator Instructions] Thank you.
Jayson Noland, VP of Investor Relations, you may begin your conference.
Thank you for joining us to discuss Cloudflare's financial results for the second quarter of 2022.
With me on the call, we have Matthew Prince, Co-Founder and CEO; Michelle Zatlyn, Co-Founder, President and COO; and Thomas Seifert, CFO.
By now, everyone should have access to our earnings announcement. This announcement as well as our supplemental financial information may be found on our Investor Relations website.
As a reminder, we'll be making forward-looking statements during today's discussion, including, but not limited to, our customers, vendors and partners operations and future financial performance, anticipated product launches and the timing and market potential of those products, the Company's anticipated future revenue, financial performance, operating performance, non-GAAP gross margin, non-GAAP net income or loss, non-GAAP net income or loss per share, shares outstanding, non-GAAP operating expenses, free cash flow, non-GAAP tax expense, dollar-based net retention rate, paying customers and large customers. These statements and other comments are not guarantees of future performance but rather are subject to risks and uncertainties, some of which are beyond our control, including, but not limited to, challenging general economic conditions, including inflation, rising interest rates and other impacts of the ongoing COVID-19 pandemic and Russia-Ukraine conflict. Our actual results may differ significantly from those projected or suggested in any forward-looking statements. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future. We undertake no obligation to update these statements after this call. For a more complete discussion of the risks and uncertainties that could impact our future operating results and financial condition, please see our filings with the Securities and Exchange Commission as well as in today's earnings press release.
Unless otherwise noted, all numbers we talk about today other than revenue will be on an adjusted non-GAAP basis. All current and prior period financials discussed are reflected under ASC 606. You may find a reconciliation of GAAP to non-GAAP financial measures in our earnings release on our Investor Relations website. For historical periods, our GAAP to non-GAAP reconciliation can be found in the supplemental financial information referenced a few moments ago.
We would also like to inform you that we will be participating in the Stifel Tech Executive Summit on August 30th, the Deutsche Bank Technology Conference on September 1st and the Piper Sandler Growth Frontiers Conference on September 13th.
Now, I'd like to turn the call over to Matthew.
Thank you, Jayson.
Even with the increased economic uncertainty, we had a very strong quarter. In Q2, we achieved revenue of $234 million, up 54% year-over-year. We added a record 212 new large customers, those paying us more than $100,000 per year, and now have 1,749 customers over this threshold. These large customers now represent 60% of our revenue, up from 50% six quarters ago. This trend illustrates how large, established enterprises increasingly form the foundation of Cloudflare's business. In fact, today, 29% of the Fortune 1,000 are already paying Cloudflare customers, a nearly threefold increase over when we went public less than three years ago.
Our dollar-based net retention remained strong at 126%, down 1% over last quarter. While there may be some noise in this number from quarter-to-quarter, we won't be satisfied until it's above 130% and best of breed among the companies we consider peers.
Our gross margin remained strong at 78.9%, up 90 basis points year-over-year and still over our long-term target of 75% to 77%. Our operating margin was right at breakeven, which continues to be our plan so long as we can deliver strong growth. What I'm watching closely is our free cash flow margin. It showed significant improvement quarter-over-quarter, and we continue to forecast it will be positive in the second half of the year.
On our last earnings call, I got a lot of raised eyebrows from many of you when I said Q1 of 2022 would prove to be the hardest quarter for our industry since Q1 of 2020. It didn't make me particularly popular around the CEO club, where the first rule of recession is not to talk about recession. However, transparency has always been one of Cloudflare's core values, so I'm going to call it like I see it. In that spirit, let me share some more details of what we saw and are seeing.
In Q1, our pipeline generation slowed, sales cycles extended, and customers took longer to pay their bills. We watched those metrics closely throughout Q2 and saw them all at least stabilized. They're not where we throw up hooray yet, but the metrics are trending in the right direction. Given our visibility early into the economic downturn, we rapidly adjusted our go-to-market message. We shifted our messaging to focus on ROI, helping customers save money and consolidating spend from multiple point solution vendors behind Cloudflare's broad platform.
Messages about saving money and using fewer vendors didn't particularly resonate a year ago, but they do today. Having a broad platform to solve so many customers' problems while at the same time saving the money is a superpower in times like these. As I look at our wins in the first half of the year, I believe it's fair to say that it's harder today than it was a year ago to sign up a new customer, but it's gotten easier to talk to our broad set of existing customers about doing more with us. And customers are leaning forward to hear about how we can save the money, reduce their IT complexity, all while increasing their security, performance and reliability.
I'm not a member of the National Board of Economic Advisers, so I'm not the person to say whether we're in a recession or not, how bad it may be or how quickly we may rebound. But I am the CEO of Cloudflare. And while our business remains strong, I believe this is a time for prudence and caution. The metaphor I've been using with our team is to talk about the different conditions you may face driving a car on the road. A year ago, we could see for miles and the road was clear, so it made sense to open up the throttle. Today, we find ourselves in what my grandmother used to call it tule fog. The road ahead is less certain, so it makes sense to keep our hands on the wheel, our eyes on the road and let up a bit on the accelerator.
Whether we're in one or not, recessions suck. They hurt everyone. No company is recession-proof. But some are more recession-resilient than others. Some things I know are universally true. No matter how bad this recession may get, companies aren't going to abandon the Internet. They're not going to deliver up on the cloud and go back to on-premise boxes and packaged software. Hackers aren't going to stop hacking, so cybersecurity will remain a must-have, not a nice to have. And we're already seeing evidence of all of this, with our gross renewal rate in every region for the first half of the year, hitting all-time highs since we went public. We are not recession-proof, but I wouldn't trade places with any other CEO right now.
Personally, if I think back, my career has been defined by recessions, I think a lot of people’s are. Recessions have always been hard, but they're also formative moments to focus and ultimately improve. In 2000, as the first dotcom bubble first, the law firm I was supposed to go workforce that they didn't need any more securities lawyers, but they could probably find a spot for me in their bankruptcy practice. At just that time, you reflect on whether watching companies and flows was what I wanted to do with the rest of my life and pivoted to become an entrepreneur.
14 years ago, in 2008, at the onset of the last global recession, Google pulled their full-time offers for all their summer interns, which included my co-founder at Cloudflare, Michelle Zatlyn. If that hadn't happened, Cloudflare would have never been born. At the same time, I learned what a margin call was and, simply embarrassingly, literally had to borrow money from my mom to pay my rent. That's when I got an extremely personal lesson on the importance of free cash flow, and it's why I'm ensuring right now in this uncertain time that Cloudflare is prioritizing being free cash flow positive.
Tough times force you to reevaluate everything you've done and become better. It's why the best companies come out of tough times even stronger than they went in. So, maybe it's a bit masochistic but I'm looking forward to have Cloudflare get even better during some of the tough times for the global economy that seem likely ahead. Hands on the wheel, eyes on the road, letting up a bit on the accelerator.
With that background and to avoid being too much of a bummer, let's talk about some great customer wins in the quarter. A Fortune 500 retailer in Europe signed a $1 million three-year deal for multiple Cloudflare products. They wanted to reduce their operational complexity by replacing a number of point solutions with Cloudflare's broad platform. We became their web application firewall, content delivery network, bot management system and a number of other application protection services with our easy-to-manage platform. Having proven success protecting their infrastructure, we're now talking to them about expanding to be their Zero Trust provider, too.
A Fortune 500 energy company signed a $784,000 three-year deal. They had been using Zscaler. They found Cloudflare solutions easier to use, more performant and integrate it across their full security control plane. As I said last quarter, we like our win rates when we go head-to-head with Zscaler and Palo Alto Networks because our product is better and can scale to meet the needs of complex organizations like this one. And while we're still relatively new to the Zero Trust space, we're going head-to-head against them more and more often.
Yet another Fortune 500 industrial company signed a $1.3 million five-year upsell agreement. This customer first adopted Cloudflare in Q1 of 2022 and is already seeing ways they can use more of our platform. What's also notable is this is an example of us increasingly working with channel partners. We believe channel sales are especially important in the Zero Trust space. And in Q2, we successfully signed up half of Zscaler's top channel partners as new Cloudflare partners.
The State of Arizona expanded their use of our platform, signing a $770,000 one-year expansion deal. Arizona has been a long time Cloudflare customer and continues to expand the use of our platform as we launch new products. I still remember their first PO with us from several years back, which specified the address and method of shipping of our products as if we are a hardware vendor. We shipped them T-shirts, not hardware, and they have continued to grow with us ever since.
One of the world's largest advertising conglomerates signed a $1.7 million one-year deal. They originally came to us last quarter under an attack that originated out of Russia. Seeing the power of our platform, this quarter, they expanded their engagement. This was yet another competitive Zero Trust deal against other leading Zero Trust vendors. Like we're hearing over and over again, this customer chose Cloudflare because of the strength of our broad platform and our ease of use. In the words of their head of cloud, “With Cloudflare everything works, there are no issues”.
One of the largest online recruiting firm signed a $5.5 million three-year deal. They were an extremely technical buyer who put our entire platform to its paces. In the end, they demonstrated for themselves that we were, by far, the best of breed. This is also an example of how increasingly we're seeing executives bring Cloudflare to their new workplaces. In this case, the buyer knew us from his previous position and was our champion when he moved jobs and was promoted. In his words, “You don't get fired for buying Cloudflare”.
Workers continues to gain traction among developers. Last earnings call, I talked about the importance of building Workers into other platforms as the best shortcut to developer adoption. In Q2, we signed deals with one of the largest e-commerce platform, one of the fastest-growing web development platform and a next-generation database platform to embed Workers as a service as a preferred development environment. These deals represent hundreds of thousands of dollars in guaranteed revenue with upside as usage grows. But more importantly, we believe they are the fastest path to catalyzing a robust ecosystem around Cloudflare Workers and exposing its power to the broad community of developers.
Another interesting thing to note from the quarter is we're increasingly seeing other security companies adopting Cloudflare as the best-of-breed solution. It's incredibly affirming when your peers choose your product.
A public security compliance vendor, a leading endpoint security provider and one of the largest data security vendors all signed multiyear contracts each worth more than $700,000. Even our direct competitors often use Cloudflare for DDoS mitigation and other services where we are the clear leader. This recognition by our peers of our best-of-breed products continues to validate why I'm confident Cloudflare will continue to grow even stronger through the tough economic times that may be ahead.
One last thing in the spirit of transparency before I turn it over to Thomas. We had a bug in our billing system related to how we expire unused credits for pay-as-you-go customers. Before we went public for good accounting reasons, we put in place a policy where we expired unused credits after three years. That system triggered for the first time earlier this year. Unfortunately, a bug in it caused our systems to report a spike in total paying customers last quarter. The revenue involved is not material, less than $160,000, and it caused us to over-report the number of paying customers last quarter. The correct numbers are 148,184 in Q1 and 151,803 in Q2. Our pay-as-you-go business is only 11% of our revenue today, but we believe it's important to continue to invest in it in order to serve the entire market and protect our play. I'm embarrassed by the mistake, and we've fixed the bug and put in place checks designed to catch any similar errors in the future. I don't like it when we make mistakes. But I do think it's important we be transparent and own them when we do, which is why I insisted on addressing this today. It also leaves more fun subjects for Thomas.
With that, I'll hand it off to Thomas to walk through the financials. Thomas, take it away.
Thank you, Matthew, and thank you to everyone for joining us. We delivered another strong quarter driven by strength in our large customers with a record number of large customer additions as we continue to build our expansion engine. Our success in the first half of this year reflects the investments in our innovation and large enterprise go-to-market initiatives as well as the benefits of operating a durable, subscription-based revenue model.
Turning to revenue. Total revenue for the second quarter increased 54% year-over-year to $234.5 million. The growth in revenue was driven by strong adoption of our product portfolio and continued traction with our enterprise customer base.
Area 1, the e-mail security company we acquired in April, contributed less than 1% of revenue. From a geographic perspective, we saw continued strength in both, the U.S. and internationally. The U.S. represented 53% of revenue and increased 55% year-over-year. EMEA represented 26% of revenue and increased 54% year-over-year. APAC represented 14% of revenue and increased 43% year-over-year. We are pleased to see growth continue to accelerate in APAC.
Turning to our customer metrics. In the second quarter, we had 151,800 paying customers, representing an increase of 20% year-over-year. We saw a higher level of churn due in part to pay-as-you go customers shifting down to our free customer tier. As our business continues to move up market, the total revenue contribution from our pay-as-you-go business which largely reflects SMB continues to decline, representing 11% of revenue in the second quarter, down from 14% in 2021 as disclosed at our Investor Day in May.
Turning to large customers. We ended the quarter with 1,749 large customers, representing an increase of 61% year-over-year, and a record addition of 212 large customers in the quarter. We were pleased to see large customer revenue contribution increase again sequentially. We continue to move up market, shipping products and features that are enterprise grade, and that is reflected in our large customer cohorts, consistently increasing size and revenue contribution.
Significant expansion from our large customers contributed to a dollar-based net retention of 126%, representing a decrease of 100 basis points sequentially and an increase of 200 basis points year-over-year. While we expect DNR to continue to trend upward over time, we expect some variability quarter-to-quarter.
Moving to gross margin. Second quarter gross margin was 78.9%, representing an increase of 20 basis points sequentially. Network CapEx represented 13% of revenue in the second quarter. We continue to expect some level of quarter-to-quarter variability given strategic purchase decisions and continue to expect network CapEx to be 12% to 14% of revenue for fiscal 2022.
Turning to operating expenses. Second quarter operating expenses as a percentage of revenue increased 3% sequentially and decreased 2% year-over-year to 79%. We had another strong hiring quarter, where we saw our total number of employees increased 49% year-over-year, bringing our total number of employees to approximately 3,060 at the end of the quarter.
As we look forward into the second half of 2022, we plan to slow the velocity of hiring given global macroeconomic uncertainty. We also see an opportunity to raise the bar on new hire additions given dislocations in the market.
Sales and marketing expenses were $103.9 million for the quarter. Sales and marketing as a percentage of revenue increased 2% sequentially and decreased to 44% from 45% in the same quarter last year.
Research and development expenses were $46.2 million in the quarter. R&D as a percentage of revenue increased 1% sequentially and stayed flat from 20% in the same quarter last year.
General and administrative expenses were $35.8 million for the quarter. G&A as a percentage of revenue stayed flat sequentially and decreased to 15% from 16% in the same quarter last year.
Operating loss was $891,000 compared to an operating loss of $4 million in the same period last year. Second quarter operating margin was negative 0.4%, improving 220 basis points year-over-year. If not for our acquisition and continued investment in Area 1, we would have been operating profit positive.
Turning to net income and the balance sheet. Our net income in the quarter was $312,000 or net income per share of $0.00. Tax expense for the quarter were $793,000. We ended the second quarter with $1.6 billion in cash, cash equivalents and available-for-sale securities. Free cash flow was negative $4.4 million in the second quarter or 2% of revenue compared to a negative $9.8 million or 6% of revenue in the same period last year. Operating cash flow was $38.3 million in the second quarter or 16% of revenue compared to $7.5 million or 5% of revenue in the same period last year.
We will be diligent in balancing operational discipline moving forward. We have a heightened focus on free cash flow while maintaining profitability at or near breakeven with continued investment to address the enormous opportunity in front of us. As mentioned in prior quarters, we continue to expect to return to positive free cash flow in the second half of 2022.
Remaining performance obligations, or RPO, came in at $760 million, representing an increase of 10% sequentially and 57% year-over-year. Current RPO was 76% of total RPO.
Before we move to guidance for the third quarter and full year, I would like to provide additional color on our expectations in light of the uncertainty in the macroeconomic environment. Similar to the early days of COVID, we performed rigorous analysis to understand both the risks and opportunities in the current environment. However, while COVID particularly affected a narrow set of industries, the current challenges impact a broader set of verticals, which is why we believe it's important for us to be more prudent in this quarter's guidance.
Headwinds from foreign exchange have also accelerated. And with our product portfolio priced in U.S. dollars, our products are becoming more expensive internationally. And while we haven't seen a material change in our customers' behavior to date, we are seeing elongated sales cycles at the high end of our business. We are cognizant of the increasingly cautious environment that factor this into our outlook.
For the third quarter, we expect revenue in the range of $250 million to $251 million, representing an increase of 45% to 46% year-over-year. We expect operating income in the range of $0.0 million to $1 million. We expect net income per share of breakeven to $0.01, assuming approximately 342 million common shares outstanding. We expect a tax expense of $1.9 million.
For the full year 2022, we expect revenue in the range of $968 million to $972 million, representing an increase of 47% to 48% year-over-year. We expect operating income for the full year in the range of $7 million to $11 million. We expect net income per share over that period in the range of $0.03 to $0.04, assuming approximately 343 million common shares outstanding. We expect a tax expense of $6.4 million.
We are fortunate to be uniquely positioned as a provider of mission-critical services to our customers. And while there are challenges in the economy, we remain excited about the opportunity in front of us. We'd like to thank the Cloudflare employees for their continued dedication and resiliency in delivering exceptional service to our customers, partners and communities.
And with that, I'd like to open it up for questions. Operator, please poll for questions.
[Operator Instructions] Your first question comes from the line of Matt Hedberg with RBC Capital Markets.
Great. Thank you very much for the question. And congrats on the results in a tough environment. Maybe Thomas, for you, Matthew had a lot of helpful commentary, and I think we appreciate the candor. You mentioned longer sales cycles, but you still increased your full year guide by $13 million or more than the $7 million Q2 beat. Can you talk a little bit more about specifically how you thought about levels -- embedding levels of conservatism? And are you assuming things kind of stay the same or maybe get worse from here?
Yes. We looked at a lot of different factors impacting guidance this year, and you picked up some already. So, we continue to see elongated sales cycles at the high end of our business that is especially in the $0.5 million to $1 million bucket, and we expect that to continue.
We saw also that our European business was the second best-performing region this quarter, and we've seen deterioration of performance, especially in Europe over the first and second quarter. So, we expect that the trend for sure not to improve. We also see across the board, I think, the companies are like us becoming more cautious in how they approach the business and things that are discussed twice in order to make sure that that has only been done once. So, we have not factored in our guidance that things would Improve from here on moving forward, and perform rigorous analysis across verticals, across various regions and customer cohorts. And that's why you see a more prudent and more cautious guide for the third quarter and the end of the year.
Got it. That makes sense. And then maybe just one for Matthew. The wins that you called out in Workers are exciting. I guess, I'm wondering, is there an opportunity maybe more challenged economic times for customers to start to use Workers and even more creative, maybe cost-effective higher ROI ways than they would have otherwise done so, if like you said, the road was kind of clear ahead and no clouds or fog in front of us?
Yes. I think one of the really powerful things about Workers is its efficiency. And so a workload, an equivalent workload running on Workers versus running on any of the sort of traditional public clouds, AWSs, or Google Cloud or Microsoft Azure, is typically significantly less expensive to run. And the technical work in order to make that happen is part of the magic of what Workers delivers. And so, we are definitely seeing especially in either new startups or people who are really realizing that they've got to make money go further. The days of just wildly spending on your cloud bill, I think, are behind us. And there are many different ways, both with Workers as well as just some of our standard products, that if you put us in front of your typical public cloud, we can often save you quite a bit of money.
And so again, I think that that was a message that didn't really resonate very much a year ago, where everyone was just -- seem my money was free and people were throwing it at any problem that was out there. But I think in these particular environments where people are trying to figure out how to stretch a dollar even further, Workers and Cloudflare's platform as a whole is very effective at helping people save money.
Your next question comes from the line of James Fish with Piper Sandler.
Actually, intra-quarter was an interesting release from you guys that you talked about the Cloudflare one partner program, and Matthew, in your prepared remarks, you mentioned taking some of your competitors’ top channel partners. Can you go over some of the details that you expect in terms of how this program is going to work for you guys? Is it solely focused on security? And how this is going to impact your indirect mix and profitability over the next couple of years?
Yes. I think that -- from the early days of Cloudflare, we explored various partner programs. And the challenge was that for a lot of our early products took 5 minutes to sign up, and they just worked out of the box, and so there wasn't a lot of value to add as a value-added reseller. And so, while we had what I would call fairly standard success for the SaaS industry in working with partners, I don't think our products really facilitated getting the most out of the partner ecosystem. And especially, if all a partner is an order taker, then that's not a lot of value.
I think a handful of things have happened. One is that our products have gotten more complicated, and the ability to customize them in various ways has become much richer. So for example, with Workers, what we're seeing from a partner like IBM is that they can actually develop their own intellectual property for a particular industry vertical, deploy that on Workers, and then sell that same IP over and over again. That's great for them. It really drives their services revenue, and it's great for us because it means that we are getting more leverage in what we're able to deliver through partners.
The second thing is that I think we saw with Zscaler that their success with a handful of partners in selling Zero Trust products was really successful. Those products take more work to actually implement and deploy within an organization. It's not a 5-minute setup. And so, in that case, that's an area where we are able to work with partners. And in particular, we're very much following the playbook. And when we talk to the partners that are selling Zero Trust services, they all want to have more solutions in their basket to be able to bring to customers. Because in a lot of cases, the kind of previous Zero Trust solution either suffered from a lack of ability to scale, real performance bottlenecks, not having the total global coverage that global companies need, and Cloudflare addresses all of those things extremely well. So, I think that that's an opportunity for us.
In terms of profitability, I think the good news is that these more complex products tend to actually be the highest margin products that we have. And so, as we were designing the program, we thought that we could have it be both margin accretive to Cloudflare while also still being very attractive to the potential partners that are bringing that to market. And so, I think that this is an area that we're watching very carefully. I think it's a part that is -- we're going to continue to invest in. It actually is also one of the hidden benefits of us acquiring Area 1 is they had a lot more experience with the channel and with partners. And so, working with the team there to really design that program has been great, and the reception from partners has been terrific. So, I think it's a win-win for us and for our partners.
Very helpful, Matthew. Last one for me is a big government quarter coming up here. And obviously, you guys have -- just some integrated relationship. I guess, what are you seeing on the government agency side and that FedRAMP program? Thanks guys.
Yes. I appreciate it. We are -- it's like being in line with DMV. We've pulled our ramp number and are just waiting for it to come up for us to get our FedRAMP certification. And so we expect that we'll have very positive news for that next quarter. But we're basically at number -- we're number 84 and it's showing number 83 on the sort of red number counting board at the DMV. So, that's positive. We see across the board, not just with federal, but the example that I gave is the State of Arizona, we're seeing a lot more people adopt Cloudflare services in that government space. And so, I think that that continues to be a place where we have very strong relationships. And as we continue to get the various certifications, it will allow us to go even faster.
Your next question comes from the line of Alex Henderson with Needham & Co.
I was hoping you could talk a little bit about the context of the commentary around economic conditions. It's pretty obvious, the entire planet, the economies globally are decelerating. And particularly, Europe is under a lot of duress. But your initial comments was sort of that you saw that start to really manifest in 1Q and that it actually improved somewhat or at least stabilized in 2Q, yet you sound a lot more cautious on your thought process and so forth. And I'm wondering if there's a little bit of a disconnect between those two, the tone of those two. It doesn't sound like your business has rolled at all and sequentially got worse or more tense. But on the other side of the coin, you sound like you're being much more conservative in your outlook. So could you parse between those two a little bit?
Yes, Alex. I think that. What we see is that the environment has gotten harder. And I think we saw the first signals of that actually going back to December of 2021, and they really started to manifest in various ways, slowdown of pipeline, slowdown of customers paying their bills in Q1 of this year. And we talked about that on the last quarter earnings call. And I think some people were questioning why would we do that?
What I think we've been able to do, though, because we saw that, we acknowledged it. We didn't pretend like everything was normal, was really adjust to take advantage of the situation. And so, I think one of the real powers of Cloudflare's business is the diversity of our customer sets, both on a geography and also industry basis, the diversity of our products, and that allows us to have multiple levers to be able to continue to deliver even when the times get tough.
And I think if you go back to the COVID quarters, and that was definitely a time where we had to adjust how we went to market, what we did, what types of customers are we focused on. We really transitioned from being a business-driven primarily from getting new logos to one that developed a real expertise in how to go to our existing customers and sell them more. And I think there are a lot of analogies that are similar to the sort of adjustments that we've made that allowed us to have a quarter like this.
But make no mistake, we're still in what my grandmother would call, a tule fog. We've still got to go out and do the work every day of filling up the wheelbarrow with new leads, sifting through it to look for what's going to be the most promising and being able to deliver. But what I like about our business is, again, it's diversity across customer types, customer sizes, products, ways that we can go to market. And I think our team has done a good job of adapting to what is a much more difficult situation today than it was a year ago.
Alex, maybe one additional point. I pointed that out in my script, but -- and I didn't mention it in the previous answer. What we do feel is also currency headwinds, especially in Europe. So, even if the economic activity for us in terms of deal volume would be the same, we see the headwinds from a currency perspective in Europe, but also in other parts of the world, Japan, for example, that we need to digest.
Yes. That actually leads me to the second question that I wanted to ask is the European environment is particularly onerous with 20% currency translation headwinds in EMEA or inflation, rising interest rates, Bank of England just raised rates 0.5% today, in fact. And given that environment, they're struggling with huge price increases, particularly on systems in local -- in dollars plus the currency translation and their budgets are fairly flat.
Now, my understanding is there seems to be a separation between companies that are selling relatively low-priced/high-value technologies and companies are selling high-ticket technologies. Can you talk about whether you're aggressively low price? And the fact that you're a lower ticket upfront gives you a big advantage in that geography because of that characteristic and whether you're seeing more pressure on the higher value with the higher, bigger ticket transactions because I think ultimately, that seems to be the divining rod between who wins and loses in Europe.
Well, I think it's certainly a benefit that our products are mission-critical. But even then, at the high end and bigger ACV deals, decision takes longer. That's where you see the elongated sales cycles. The second factor in our favor is that gross margin is one of the strong points of the business model. When we deploy that web and we always talked a bit audit as a strategic weapon where it makes sense. So that doesn't mean price cutting. We try to be strategic and accommodating where we think it makes sense to build business relationship and business. But, we're using our margin to accommodate for that without any doubt.
Your next question comes from the line of Shaul Eyal with Cohen. Your line is now open.
Congrats on a set of results. Matthew, the first question for you. So, lots of discussions throughout the quarter, maybe some chatter around your crypto exposure, potential implications. Maybe a good opportunity here to address Cloudflare's exposure, maybe current thinking on this vertical, given the changing dynamics we've seen in recent months.
Sure. I mean, I think that we have customers that are in that space, including a number of the large exchanges. But I don't think that there are any of them that would crack being a top 10 customer. And I think as a whole, I don't know the exact exposure, Thomas may be able to add to it. But I will say that it's not significant enough that it has been brought up as a big risk item internally.
So, I think that we have always had -- I mean, I personally have never -- there's a lot of religion around the crypto space, where people are either hyperly pro crypto or hyperly against crypto. I feel like I'm the only kind of agnostic on crypto, where I don't think we have bet heavily on it. But at the same time, we've definitely made sure that if there are things that emerge from it, that we're in a position to take advantage of those. But that has not been a meaningful headwind to us.
Yes. And maybe some color. Our exposure to crypto was less than -- was single -- mid-single digits in percent of revenue, under 5% for the second quarter. So, not a big -- an interesting part in terms of the size and the amount of customers but not a big exposure to revenue.
Understood. And Thomas, maybe one for you, question on elongated sales cycle. I know it's a bit tricky, it differs from customer to customer. But maybe can you generalize for us how long -- how much are these cycles being elongated? Are we talking two weeks, three weeks, more than that? How could we be thinking about it? The word elongated is a very, very general term.
Well, I would say for the main part of our business, we are still far below 90 days from a sales cycle perspective. So, when we talk about elongated sales cycles, it's in the upper end of our cohorts where you look at the bucket, $500,000 to $1 million of ACV where it's moving out. But there, it's moving out by weeks, not by days.
[Operator Instructions] Your next question comes from the line of Fatima Boolani with Citi.
Matthew or Thomas, jump all for either one of you. Thinking about the shift to pay-as-you-go customers, some of your observations and commentary around elongating deal cycles that you just addressed. I'm curious if you can just sort of take a step back and bifurcate for us how new logo land purchasing and procurement behavior has changed versus expansion or installed base expansion customer behavior has changed over the last three months. And maybe if you can help contextualize this or put this under the lens of your product pillars, whether there is more or less usage or slower adoption of certain pillars versus others and certainly against the hardware supply chain constraint backdrop that we're in right now.
Sure. So, as I said in the prepared remarks, I think that it has gotten harder to sign up a new logo since the beginning of the year, but it's actually gotten easier to talk to our existing customers about using more of their platform -- more of our platforms in order to solve the problems that they have. And so, I think that that where we benefit is because we have such a broad product portfolio that allows us even in these times where signing up new logos is hard. We can go to our existing customers and have a conversation about how we can simplify their IT stack, how we can save them money, how we can make them more secure. And I think that that's attractive.
So, we're still signing up plenty of new logos. But I think that on balance, it has definitely gotten harder to sign up new logos and it has gotten easier to have conversations about expanding usage of our platform and especially adopting different products that are part of our platform.
In terms of what products are -- how the mix of products is changing, I think security continues to be top of mind that -- I think that there was real kind of concern around when the Russian invasion of Ukraine happened that there would be attacks that went out from Russia in retaliation against western companies. That actually did not materialize in Q1, the way I think a lot of people thought it would. But we started to see more of that start to materialize in Q2. It's still -- I wouldn't call it a trend yet, but we're seeing more companies come under attack and turning to us when that happens. And so, I think this is an environment where security products do very well. And across our security portfolio, we're seeing strength.
Your next question comes from the line of Joel Fishbein with Truist.
Matthew, at Analyst Day, you talked about acts in these large markets that Cloudflare is to go after, notwithstanding the macro environment, current macro environment. Is there anything that has changed in your philosophy about these big markets? And maybe you can just deliver us an update on these acts or large markets and where you're positioned maybe specifically around R2 and the big data that you have going on right now? Thank you.
Yes. So, we think of Cloudflare as stacking multiple adoption S curves one behind another. And so our first acts were how do we protect the infrastructure of customers around the world. And it is incredible to see how we've been able to do that successfully where today, more than 20% of all websites use our infrastructure.
We're continuing to sell those products, but I think that where we are earlier in that S curve is with our Zero Trust products, and we're able to go to all of those people who adopted our application security products and now say, "Hey, we can help you with Zero Trust as well." And I think that that is the big act that we're focusing on right now.
Act three for us, which I think will really start to hit in a material way around revenue in three to five years is really around Workers. And I think we have been very pleasantly surprised how that adoption has happened faster and sooner and earlier than we expected. R2, which is our object store and our Amazon S3 competitor went into public beta last quarter, and we expect that it will go into GA right at the end of Q3. And so, I think that that's an opportunity for us to do more and we continue to invest in it. And again, we think that the real durable nature of Cloudflare is that we're able to continue to stack these acts one behind another behind another.
Your next question comes from the line of Hamza Fodderwala with Morgan Stanley.
Matthew, maybe a question on the security angle for you. You talked a lot about having larger platform conversations with your existing customers. Can you comment on when you talk to CIOs, CISOs at these customers, what is their willingness to really want to transform and modernize their existing security architectures versus perhaps continuing to refresh their existing on-premise date?
Yes. I mean I think Morgan Stanley is a great Cloudflare customer, and we have a terrific relationship with the CIO team over there, and it's definitely an organization that has been willing to embrace change. And we -- I think that that's a big piece. And I think that most organizations today understand that they have to make that change, and they're very willing to have that conversation.
I think the thing that has changed to some extent is even those organizations that thought they could continue to invest in on-premise hardware are finding the current situation very difficult, where if you want to get a new firewall today, the lead times can be 9 months before you get it. And at the same time, the firewall vendors are raising their prices.
And so, I think that a lot of -- in the results, a lot of the sort of that RPO you saw in the traditional firewall vendors was people basically holding their place in line. But it's not a way to make customers happy, telling them they have to pay more and then delaying when the product is going to be there. And so even for some of the organizations that traditionally had said, "We don't believe in the cloud or we don't believe in moving in this direction," I think that, that tune is starting to change, and it's becoming very much the minority opinion that you can solve these problems with on-premise hardware.
Your next question comes from the line of Adam Borg with Stifel.
Maybe just for Thomas, I think you talked in the script about being more judicious and slowing hiring in the back half of the year. And maybe I was hoping you could talk a little bit more about which areas are still prioritized in terms of hiring and which ones you're kind of slowing a bit more. Thanks so much.
Yes. So, we grew quite a bit employee headcount wise in the second quarter. We said we take the velocity down quite a bit. We still prioritize go-to-market open positions and protecting people moving into the second half. So, the slowdown is in G&A and some of their R&D functions, but go-to-market is still going to continue to hire.
Your next question comes from the line of Andrew Nowinski with Wells Fargo.
Great. Maybe just a follow-up question on the operating income for the year. Your loss in Q2 is actually better than your guidance. I think you just said you're slowing hiring in the second half of the year. So, I assume the reason you lowered your operating income for the full year fiscal '22 was due to the Area 1 acquisition. And if so, could you just pull that out? Maybe tell us what your organic revenue and operating income would have been outside of that acquisition?
Yes. I don't want to deliver more -- much more specific than the color we gave on our -- in our script. But it is true with a couple of moving parts. Without the continued investment in Area 1, we would have been operating margin positive, probably more in the single-digit, mid-digit million dollar range for the second quarter.
And I assume the operating guidance for the year would have gone up in absence of that acquisition then?
We gave guidance for the quarter that took into account a lot of variables, and I am not going to parcel out now with the specific impact of Area 1 would have been -- if we hadn't done that acquisition. So, guidance is the holistic picture on many things that move, and you should take it as that.
Your next question comes from the line of Trevor Walsh with JMP Securities.
Matthew, maybe a quick one for you around your comments around DBNR. You mentioned your aspirational goal of 130%. What do you think is -- how do you get there? Is it kind of a function kind of where you're right now based on macroeconomics and just what's going on in terms of budgets, or is there something internally that you guys are looking to maybe change and/or kind of refocus efforts on in order to drive that number up? Thanks.
Yes. I think that it really is for us about how we bundle products together. Today, 29% of the Fortune 1000 are already Cloudflare customers. If you fast forward with that, I think that a very significant percentage of the Fortune 1000 are going to be customers. And so, what we really want to focus on is how do we get them to use more of our platform. And what I think is unique about Cloudflare is we've already got the products in place where we can have those customers adopt our -- more and more our platform.
There is not a single customer that uses every single feature of Cloudflare's platform today in terms of a contracted customer. And so, I think that's where we really see that growing. And I think that's a very healthy way to expand spend with customers is to become more and more critical. What we want to be is the network that the Fortune 1000 relies on for connecting to the internet, making sure that they're secure, making sure that their employees have the best experience possible and making sure that no matter what happens, they're always going to be online.
Your next question comes from the line of James Breen with William Blair.
Could you just talk a little bit about the CapEx? It's up a bit this quarter, a little bit higher than the guidance for the year, the range for the year. And how you think about that spending going forward? And maybe some of the puts and takes on cash flow relative to top line growth and where are areas where you can generate cash without too greatly impacting the top line? Thanks.
Maybe I could start on CapEx. I mean, we're going to stay within the range that we guided for the year. We said before, you will see variability quarter-to-quarter just in terms of how we purchase, where we see opportunity to pull in spend and make sure that we maneuver ourselves smartly around the supply chain disruptions you see. This is pretty much driving the variability quarter-to-quarter, but we will stay within the range we guided for the year.
From a free cash flow perspective, we said we have a lot of levers at hand. One of the biggest levers is moving to annual billing for our large customers. We are, from a company history perspective coming from a pay-as-you-go business where people gave us a credit card even at the beginning of the second quarter, the majority of our revenue was monthly billing. So, we've made first ride into that direction of annual billing. And there is a lot of opportunities still in front of us. So this, I would say, is the biggest lever, but we run a pretty holistic cash conversion project across the Company that looks into literally anything that can positively impact free cash flow generation. And it's a cross-functional project, and it's -- we're making good progress, and you saw that already reflected in the second quarter numbers.
Your next question comes from the line of Gray Powell with BTIG.
All right. Great. Thanks for taking the question. Congratulations for the -- on the strong results. So, yes, Matt, you called out the Fortune 500 energy company where you replaced Zscaler. And then you talked about some other similar wins. I just want to make sure I have it correct. Are those mainly on the ZTNA side with Cloudflare Access, or were there some gateway wins as well? And then, maybe can you just drill into a little bit more and talk about like why you won. Is it more on price, technology or a combination of those?
Yes. So, when we sell our Zero Trust solutions, we really believe that the pieces all fit together. And so those are typically wins. Sometimes somebody will just -- will just adopt one portion of the solution, but we really like to sell that holistic solution and see how all of the pieces fit together.
In terms of where we win, I think what we hear from the space is that our products are significantly more performant. We have a much more holistic solution where we can protect mobile devices in a way that a lot of the other providers can't. We can work across the geographies. When I was, this time last year, traveling in Africa using our products, they worked great, whereas most people in the space don't have that broad of a network that can deliver that.
And I think that we are just able to scale much more significantly. We have literally two orders of magnitude, more capacity to be able to handle the forward proxy traffic across us than any of the other providers in the space. And I think that that's why we've been able to displace some companies that have used -- that have tried to adopt Zscaler and found it less user-friendly and that it generated a lot of IT support tickets. But that's really not our focus. Our focus is going after all of the on-premise firewalls and hardware and VPNs that exist in the universe. And so, I think they can be successful and we can be successful, but I think we have a better product. And over time, I think that will help us win.
Your final question today comes from the line of Brent Thill with Jefferies.
Matthew, on Area 1, I know it's early, but can you deliver us an update of what you're seeing there? And I guess, again, on the last question, can I squeeze one in at the end? Thanks.
The Area 1 tech is amazing. So, the product, we're seeing really great wins from very large customers. And we think of that product as being a gateway to help with people on their Zero Trust journey. If you think about e-mail, the nature of it is it enumerates the employee directory of an organization, and it very much then helps us sell the other Zero Trust products that we have, and so that conversation is going well.
It's also a conversation that is going well in terms of talking to our existing customers. It turns out everybody has got a phishing problem. It is for most of our customers, one click to sign up and test whether or not Area 1 can result in that. And so, we're seeing $1 million-plus wins that close in -- oftentimes in a matter of days or a short number of weeks, which is just -- because we can just prove how successful that is.
I think beyond that, Area 1 has helped us in a number of other ways. One, as I mentioned earlier, is that they had a much more sophisticated channel program, which has now helped develop our channel program, and I think we're really thankful for that team being on board. And then, the third, which I think you'll hear us talk about more going forward is that they have a really world-class threat intelligence team. And that, I think, will turn into more products across our entire platform. And because I like you Brent, I'll let you have one more question.
I appreciate that. You've had the crystal ball and everyone appreciates your candor, and I think you were the first one to come out and say, hey, things are feeling a little different than they felt. I was just trying to understand, when you look at the perspective of what's happening now, you mentioned things have stabilized. I mean, I just want to make sure we understand from your perspective, it hasn't gotten worse. It's come in that your -- the stabilization trend that you're seeing, have you seen that extend into July and the rest of the summer. What's your sense of kind of the trajectory from where things came in, where are you at now?
Yes, you got me in trouble with a lot of my peers at your conference, where I said that the economy was not as rosy as people think, and I think you've heard a lot of those folks echo those comments now in Q2.
Let me be clear. I think that the economy is still in really rough shape. And I don't know -- and again, I'm not a member of the -- I'm not an economist. But from what we hear from customers, customers are really still suffering, And the economy, I wouldn't say that the economy itself has stabilized. What I would say is we have had the flexibility in our business to be able to adapt to a very difficult environment. That environment continues to be difficult, and I think it will be difficult at least through the rest of the year. But being able to deliver products that deliver real value, have an incredible ROI, can save customers' money and are must haves, not nice to haves, puts us in an incredibly powerful position. And as I said in the prepared remarks, I would not trade places with any other CEO.
This concludes our Q&A portion of the call. Matthew Prince, I turn the call back to you.
So, I'd like to, first of all, thank a bunch of the students from the Berklee School of Music to let us use some of their new and original songs for the hope music, going, going in. So, hopefully those of you who tuned in the call early, you appreciated that. I also want to thank the analysts for actually asking Thomas some questions this time. Usually, I get all the questions. Thanks to our team and all of our customers. We've got our hands on the wheel, our eyes on the road, and we'll see you all back here next quarter.
This concludes today's conference call. Thank you for attending. You may now disconnect.