Change Symantec

Symantec (SYMC), the internet security company best known for Norton Antivirus, is now looking for its third CEO in five years, amidst declining revenues. An embarrassment of epic proportions, considering the ever growing tide of internet security demands should comfortably lift all boats, especially that of its leader.


Questioning boards

The revolving door of CEOs highlights how corporate boards appointed by socialism perpetuate socialism, and are unlikely to find an outlier who breaks with the tradition of the past. For socialism – by economic principle – is incompatible with finding outliers.

Moreover, most board members have no deep insight in the critical success factors of the company they serve, for the ecosystem of every company is unique – because their product differentiation is. And thus boards can only use the flows of money as the primary report of success to instill confidence on Wall Street. A flow that, especially in tumultuous times, is not necessarily in cadence with the requirements of a new vision needed to steer away from the improper extrapolation of its founding past. And thus a board’s appraisal of company performance is generally superficial, and its proposed remedy lacking depth and resolve.

Apple slipped up under the auspices of its board, where a string of CEOs brought about Apple’s deep-rooted derailment: John Sculley (10-years), Michael Spindler (3-years), Gill Amelio (2-years). And Steve Jobs was only allowed back into Apple (on an interim basis) after the board had no other alternatives, and the company was about to run out of money. Steve brought Apple back to its roots, and rolled out the vision and execution, erasing years of the board’s misplaced guidance.

The same at CNN, where its founder Ted Turner invented a narrow but deep focus on news, that turned CNN into the dominant network and highest rated channels on cable television. A focus and dedication that has since been eroded by Jim Walton (10-years) with a monetary strategy that misplaced the vision upon which the company was founded. CNN should know better than to have cutesy analysts and reporters in a studio be the cheap creators of hearsay, instead of report the news where and when it happens. Jeff Zucker is up next, and will have to decide how CNN can once again become the king of one, versus the king of none. I suggest Jeff bring back CNN to the vector of its roots.

The message here is not to underestimate the accumulated damage the wrong CEO can leave behind, when the company by virtue of market-pull or slip-stream still produces reasonable numbers. The company will have already incurred a change in culture that made the strong leave and the weak stick around. And thus the damage brewing under-the-hood is more than twice the size of the misalignment with industry adoption and greenfield as its index.

Hence Symantec’s problems are serious, and should not solely be measured by a reported 4.8% decline in revenue, but instead be compared to the rate of increase in security product adoption (in my days there around 20%) across the industry.


The semantics of Symantec

The string of CEOs at Symantec include John Thompson (10-years, now Chairman of the board at Microsoft, responsible for the hiring of Satya Nadella), Enrique Salem (former Brightmail CEO) and recently ousted Steve Bennett (former Symantec Chairman).

John Thompson came across as a well-spoken and kind man, and so I hear a great cook who invited his management team to his house in Hawaii for periodic tastings. A man who built Symantec up at a pace in tune with the gravy train of a bull-market in desktop security.  He did well, until the gravy was gone and market-pull no longer automatic. Around the tipping point of difficulty he reshuffled the management team with the wrong executives, people I knew from my days at Oracle, with similar bull-market acumen. And in a sign of ultimate desperation, he hired management consultant McKinsey for more answers and direction.

During my time as a consultant with the company I too looked to get my questions answered. But I have a unique way of getting to the truth. It simply consists of asking the right questions, straight to the heart of the matter. And when answers do not come easy, I dig them up myself. Like a bull in a closet full of China if I have to, a closet of business that should have no China in it in the first place.

The clearest sign of a company on a slippery slope is when it formulates a perception not in touch with reality. The reality – I found out – is that the sizable acquisition spree Symantec was on, did not quite yield the positive net value as portrayed. Not even close.

Brightmail, the startup of Symantec’s next CEO; Enrique Salem, was way overpriced, and poorly integrated in the existing sales channels not surprisingly under-delivered. In fact, the majority of enterprise security products, my financial analysis revealed, performed below the water-line of adoption in the security industry at the time. A financial report I sent to the executives, and fell on deaf or un-wanting ears.

Even when I unceremoniously performed a deep dive into Symantec’s core (consumer product) value chain, I discovered the millions spent on developing a corporate strategy were wasted, and the strategy utterly ignored by the time it reached the sales people who’s job it was to convince customers. The bulging channel marketing strategy for small business was constantly rewritten and repurposed to become relevant and usable, incurring incremental costs and delays that were not only unnecessary, but jeopardized the outlook for emerging products.

Symantec’s core operating model was fat-and-happy from Norton’s illustrious past, and became ineffective, too costly and inflexible in meeting the hybrid protection against new security threats its customers needed.


Then, and now

My work at Symantec was 9-years ago, a few years before John Thompson’s departure. From what I see, and hear through the grapevine, the company still has not fundamentally changed. All while the demand for security has shifted fundamentally. With interest in the company’s products further deflated when Symantec’s last CEO at the last RSA Security trade-show in San Francisco publicly declared not to want to focus on innovation.

Not a smart strategy, considering a choice for any company to either build or buy, Symantec performed poorly on both.

Internet security demand is booming, and will remain a booming business for as long as the prevailing technology stacks consist of highly fragmented pieces of technology lodged in the public domain. But it requires a company willing to innovate aggressively to seal the edges of the technology stack, and make some crucial acquisitions now, to put new and immediate weight in the changing game.

So, to repair Symantec does not require a genius, but someone who is willing and able to simply face the facts.

Here are my top-three recommendations for Symantec:

  1. Re-envision the security threats new technologies pose. Much of the weight of future threats have moved away from client technology (Symantec’s core competency) to the cloud. New dominance is needed there.
  2. Re-evaluate and flatten the value-chains by which products are delivered. Disinter-mediate the value-chain and enable direct to customer decision-making and purchasing.
  3. Reduce the size of the product portfolio, by reducing the number of SKUs. Kill under-performers and go deep and invest in the product categories of the future.

My loyalty and value to any customer is always to tell them the truth, the truth for which I believe Symantec hired me then. I hope the company finally takes my advice. To listen to an inconvenient truth proven right once again, so it can now point itself towards a realistic and renewable future it deserves.


The sign of an intelligent nation is its willingness and ability to reinvent itself, upstream. Let’s inspire the world with new rigors of excellence we first and successfully apply to ourselves.

Click to access the login or register cheese