• United States



Contributing Writer

Summarizing Symantec

May 31, 20114 mins
Amazon.comCisco SystemsCloud Computing

My observations of Symantec after its NYC analyst event last week

The overall mood was quite cheery at Symantec’s annual analyst event last week in New York City. This is quite understandable. Symantec just posted strong Q4 earnings and actually beat the Street’s estimate on revenue. Symantec is also forecasting revenue growth of 10% or more for Q1 FY 2012.What’s driving Symantec’s recent success? The company did especially well overseas, growing offshore revenue by 10% in total and 22% in APJ. Symantec did very well with its industry-leading DLP offering (formerly Vontu) — CEO Enrique Salem mentioned that revenue had more than doubled year-over-year. The consumer business was also up 6%, contributing 31% of total revenue. Symantec seems to have outgrown the reputation as the Rodney Dangerfield of the technology market — it finally is getting some respect. This is good for the company but after sitting through a day of presentations, I believe that Symantec has a number of opportunities to raise its image and capitalize further on a number of technology trends. Here are a few observations and suggestions:1. Symantec stated that it did better than expected with the Verisign certificate and identity asset acquisition and believes there is a lot of upside in future identity services. Forgive me if I pat myself on the back about this one. The 20-somethings on Wall Street (and the 60-somethings at Gartner) got this one totally wrong when they said that Verisign was nothing more than SSL certificates — a commodity market. Not only is the SSL certificate market far more healthy than they claimed, Verisign managed PKI/identity service has tons of upside. Do people really want to own and manage RSA tokens anymore (to say nothing of the impact of the RSA breach)? In a word, no. I believe that the Verisign assets will be the foundation of a whole new portfolio of Symantec “trust services” moving forward. The more the cloud takes off, the more financial potential for Symantec here.2. Symantec has the opportunity to define and lead in the amorphous category called “information governance.” No, I’m not talking about eDiscovery and archiving alone. I’m talking about the whole information management enchilada: discovery, classification, acceptable use, access control, encryption, DLP, backup, legal use, etc. There is an enterprise business process waiting to be codified into policies, best practices, compliance, and controls here. Others play here as well but I can’t think of another vendor with the portfolio muscle that Symantec has. Symantec should wrap this with a professional services lead and create some enterprise-class industry solutions underneath.3. Symantec marketing people take note: You have one of the best cloud computing stories that few people have heard of. I’m talking about the 60PB of information you backup and store for your customers. This should be a cloud computing success story that everyone name-drops along with Amazon and I’d spend some dough to get the word out if I were you.4. Symantec talks about “information-centric” security but I believe that the company should be looking at application and database security as well. There is upside opportunity here that would complement the existing portfolio.5. I keep waiting for the Symantec ecosystem of vendors and software developers. To me, this is a necessary step for the growth and maturity of the company. 6. I like the relationship with VMware but I’d be taking a hard look at open source cloud platforms like OpenStack, the Xen Cloud Platform and Eucalyptus over the longer term.7. Symantec needs a better story on how it integrates and interoperates with network security. Why? Network security is the second biggest sub-market in the security space (behind endpoint security) for one thing. But the real reason is that the network is a nexus for both security monitoring and policy enforcement. Symantec dips its toe in this market while its competitors are neck deep. Heck, even RSA Security, a company with no networking business, went out and acquired NetWitness. I’m not saying that Symantec needs to buy SourceFire (though the thought has crossed my mind) but I am saying that it needs a better way to accommodate network security technology and vendors. Lots of observations and suggestions here to ponder but it’s hard to argue with success. Symantec has some lofty goals for 2012, I just think there is more upside than most others do.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author