Symantec in a position to progress and prosper

Symantec has some internal challenges and increased competition, but it appears to be facing these challenges from a position of strength in the market.

When Symantec and Veritas joined forces, Symantec Vision (its customer and analyst event) was a regular spring ritual. Like the swallows coming back to Capistrano, I made an annual pilgrimage to Las Vegas, parked myself at the MGM or Venetian, and spent a few days catching up on the latest Symantec buzz.

Alas, when Symantec divested Veritas and acquired Blue Coat, Symantec Vision was put on sabbatical for a few years. Yesterday, Symantec renewed its analyst outreach, however, with a new-look analyst event here in Boston. The company highlighted:

  1. Its integrated cyber defense platform. Since the Blue Coat marriage, Symantec has been quite busy gluing its products together. It started with basic point-to-point integration but has since evolved into the creation of an end-to-end architecture, integrated cyber defense (ICDx). Symantec touts that ICDx is a single point of integration for security telemetry, threat intelligence, and data management. Furthermore, ICDx provides publish/subscribe middleware and message bus services to support heterogeneous cybersecurity tools. ICDx is also an open architecture (similar to ESG’s SOAPA), based upon open standards and APIs, and Symantec is even working to champion open cybersecurity software architectural with OpenC2, a standards effort led by OASIS. To further promote ICDx across the industry, Symantec crowed about its technology integration partners program (TIPP) and a laundry list of other cybersec vendors already signed up.
  2. It’s focus on termination points… Symantec talked about a "dark" internet where nearly all traffic is encrypted. In this scenario, Symantec believes that security oversight must migrate to termination points. In Symantec’s view, this equates to four central termination points: Endpoints (of all kinds), network proxies, email, and cloud-based applications. Symantec then reminded the analyst community about its well-established real estate in each area.
  3. …And modern operating systems. Symantec rightly points out that the world has moved well beyond Windows PCs and servers, while many competitors have not. Yes, these systems are still highly targeted, but Symantec believes enterprise customers need similar protection on mobile devices (iOS, Android), cloud-based workloads, IoT devices, etc. Symantec claims it can protect this potpourri of systems with a bright yellow security blanket.
  4. Data security. It was appropriate for Symantec to focus on data security the day before GDPR took effect. Symantec has been a leader in this space since its acquisition of Vontu – way back in 2007. (Author’s note: Wow, do I feel old!)  While much of the industry continues to ignore data security, Symantec has been innovating in this area by marrying DLP with machine learning analytics from Bay Dynamics, integrating DLP and identity management tools, and using data access patterns in concert with its threat detection tools. Symantec rightly points out that as organizations have less security control over their infrastructure, they need more security control over their data. 
  5. An evolving consumer security agenda. While many of its AV competitors are walking away from the consumer market, Symantec is doubling down. It acquired LifeLock in 2016 and now offers creating bundles of LifeLock and Norton products. Symantec is also dipping its toe into the connected home market with the introduction of Norton Core, an all-in-one device designed to offer easy management, security, and data privacy for connected devices on the home front. 

Key points about Symantec

Symantec addressed a lot at the event, far more than can be covered in a short blog post. Nevertheless, here are a few of my take-aways:

  • Symantec’s platform story is far better than most people think, and that’s a bit of a problem for the company. Cisco, FireEye, McAfee, and Palo Alto Networks have been telling their platform stories far longer and with more detail than Symantec has. Messaging to the analyst community was a good starting point, now Symantec needs to broadcast its platform play at a high volume to the cybersecurity diaspora at large.
  • I believe there is a similar situation with Symantec resources. The company doesn’t seem to get adequate credit for its deep expertise in areas such as threat intelligence, artificial intelligence, government programs, etc. Symantec must also increase marketing efforts in these areas to establish the soft power in the market that it deserves. 
  • I see anecdotal evidence that for every security dollar spent on product, two dollars are spent on services. Given this market dynamic, I’m puzzled as to why Symantec continues to undersell its services prowess. Maybe I missed it, but I believe there should be a professional and/or managed services component to everything Symantec does.
  • Symantec is cooking up something quite visionary for consumer security. I left the event hungry to hear more.

Symantec certainly has some internal challenges ahead while it also faces some crafty competitors as the impending cybersecurity "platform wars" gain momentum. Despite these issues, I left yesterday’s event with the impression that Symantec faces these challenges from a position of strength in the market. If it executes well, Symantec should continue to progress and prosper. 

Copyright © 2018 IDG Communications, Inc.

The 10 most powerful cybersecurity companies