In recent years, Symantec has adopted a strong acquisitions strategy, buying ON Technology, Sygate Technologies, Powerquest, Veritas, and most recently, asset management vendor, Altiris. In the second part of an in-depth interview with ARN's Nadia Cameron, Symantec managing director and vice-president Pacific region, David Sykes, shared his thoughts on future mergers and acquisitions as well as the potential of third-party relationships.
Can we expect to see more Symantec acquisitions?
Worldwide, I have no insight into M&A activities, but I think you can safely look at our history to draw conclusions about what we are going to do. And our chairman, John Thompson, doesn't make any secret of the fact that if we're going to get the kind of growth levels he wants us to get to, we're going to have to acquire.
At an infrastructure level, I think we're in pretty good shape but it has been interesting. We thought a lot of the learning and management was about the servers, gateways, the 'network is the system'. While that's held true, the reality is that there's a much stronger benefit than we anticipated in protecting the endpoint. Getting a consolidated endpoint security or protection capability has shaped up as the most significant strategy we're working on at an infrastructure level. Our new combined endpoint solutions which are coming out in September will be the most significant product release we've done in the last couple of years and that's where the Altiris acquisition fitted in. There's more opportunities for consolidation and integration: Altiris brings some other interesting technologies, particularly around virtualisation, so I think we've ticked the respective boxes in that area. But if a smart piece of new technology turned up at the right price, I'm sure the M&A guys would look at it.
At an information layer, we have IM, the capability to move to hybrid and mixed messaging, and we've got service, so it's looking good. Document management, data management and encryption is still wide open, as is the market and that's a space we could look at. We are doing a lot around our product called Database Audit, which is about understanding the information going out and coming in. My sense of it is we have the core technologies we need, but there are probably technologies that will evolve that we'll engage in. We do a lot of partnering in this space, for example with NetApp. Their acquisition of Decru, and what they have bought in the encryption area, adds a lot of value to what we do.
At the interaction level, the glaring hole is identity management. To quote Thompson, "I can go out and acquire something but I don't want to acquire today's solution. I need to acquire something that will take us forward to tomorrow". The standard key encryption, digital certificating and pieces of bio out there haven't yet come together in a form that is either represented by an organisation or technology you can acquire. And frankly you can't start to play that game seriously until you have the other two layers sorted. We have plenty of work in front of us in that respect.
Symantec has closed down its hardware operations. Why is taking a straight software approach more effective?
Because we're no good at hardware. We are a software company by heart and by nature. Look at the difficulty hardware companies have in becoming services companies. Some have succeeded, some have not, but every single one of them went through a world of pain to get there.
When you're in a software environment, you're dealing with stuff that goes over the wire. Just consider the RMA with hardware. All of a sudden you're dealing with physical stock and you need it in multiple countries. These are gateway appliances that when they go down have to be replaced within an hour. That whole logistics capability alone is a major challenge for a company that's never dealt with it before. Then you have the whole broadband driver. You get a hot box out there suitable for today's broadband and tomorrow it's not.
It's not that we're out of the appliance business. We're still have OEM relationships around the world to deliver those solutions on appliances. We just don't want to be the ones making, stacking, storing and delivering the boxes. And working with people who specialises in it - Juniper, NetApp, Dell - is a much smarter play.
Microsoft is a longstanding partner that has increasingly become a competitor. How do you see that affecting the security landscape and your own strategy?
At the end of the day, it's about co-opetition - it's alive and well. My first observation is anything Microsoft does that improves security in their environment is a good thing and I'm all for it. The vulnerabilities in various operating systems, not just Microsoft's, are the primary cause of most of the malicious codes out there. Spamming and scamming is changing that a bit, but these guys still fundamentally rely on exploiting an existing software vulnerability. And anything any vendor does to improve that situation - specifically the most significantly installed vendor in the world - is a good thing.
As Microsoft pushes forward into value-added products in their environment, yes, that's going to give us some competition, no doubt about it. But I don't think that's going to be a bad thing. At the end of the day, we still have to realise that Microsoft is not a security company. Their own chief security officer says that. I think they're moving towards providing a common denominator or level of security that should be there in all operating environments. But frankly, the threat landscape is changing so quickly that no sooner do you get on top of some of these things there's new bots, identity or privacy theft. There's very little in the current Microsoft offerings that will go towards providing significant protection against those types of threats. We still protect more people from more online threats than any other company in the world on any day. I think we have a strength set we can play to. I see [Microsoft's security play] as complementary and I'm more inclined to focus on that upside opportunity than waste energy on competing in what's rapidly becoming a commoditised - and it should be - anywhere, everytime type of offering.
- For Part 1 of this interview click here
- For Part 3 of this interview click here
- For Part 4 of this interview click here