Q&A: Symantec CEO On DigiCert Deal And Partner Growth With Platform Security

Clark On The Record

Symantec had a big first quarter this year. The Mountain View, Calif.-based company announced two acquisitions, the divestiture of its website security and PKI business to DigiCert, and overall growth around its platform security strategy. CRN caught up with CEO Greg Clark around the company's first quarter earnings call Wednesday to talk about the divestiture news and what it means for customers, as well as the progress the company saw around its integration of Blue Coat and Symantec and the emergence of its platform security story. Take a look at what Clark had to say, and why he thinks Symantec is positioned to beat out the competition in the long run.

Talk about the divestiture of your website security and PKI business to DigiCert.

I think we are very proud of our history in website security. We have a great technology there and a great set of customers and a great brand. Partnering with DigiCert and Thoma Bravo and the acquisition of that technology by DigiCert was something that both allows the focus that that technology needs – it is not a part of our Integrated Cyber Defense platform. The focus it needs can absolutely be delivered by the combination of the Symantec team and global infrastructure and DigiCert. It answers a lot of the questions that the browsers had, from Google and Mozilla. It really moves the needle forward.

What will the impact be on customers?

It allows the company to be [able to] really invest in the next generation or next era of web PKI, which includes a lot of the automation around certificate management. We feel very good about what we have done for our customers in the DigiCert relationship. That's very, very, very pro customer and we think the browsers are going to like it and that customers won't have to be in a situation where they maybe have to be worried about PKI. It's a very pro-customer situation there and it's really created a company that can thrive and be a big benefit to the web-PKI ecosystem. It has plenty of margin and plenty of reach to be a very important player in improving the security of that part of the industry.

How did the back and forth with Google over your web certificate business play into the deal?

Some of the media reports were of a hostile situation. I think we had a good collaboration with Google during that process. They wanted some things done, and we were working on them, and I think we came to a good outcome. I think Symantec and Google have a better relationship because of it.

The divestiture puts more money in the bank for Symantec – what can partners expect that money used for?

I think we will make some comments on our conference call about that. It's not like we are laying out any big elaborate M&A strategy. Everything is evaluated on its stand-alone merits. We like where we are right now. We don't have anything revolutionary to talk about on that front. It's just great for our balance sheet, and I think the industry will appreciate the announcement we are making with DigiCert today.

Symantec just reported earnings – what were some of the key highlights?

We have been very focused in our enterprise segment on what we call Integrated Cyber Defense. That's really about bringing together the combination of the endpoint, the network, cloud stacks, and the great things we have … In the quarter we saw fantastic uptake on that Integrated Cyber Defense story. We are seeing many more multi-product that wouldn't have been there if it was just Blue Coat or just Symantec… We are extremely excited about what we have done and our pipeline around that because it really saves our customers a lot of energy, which allows us to go after other problems in cyber defense. For example, if you buy our web security stack in the cloud and you need a cloud access broker and you need data protection and you need some multi-factor authentication, you don't have to do any of that integration. The customer gets to take some of their budget back, and then they can do other things with that. We are extremely excited about our Integrated Cyber Defense story and how that is tracking.

Do you see the same cross-selling trends with partners that you saw with the business overall?

That's definitely coming through the partners also. We have got partners that are I would say at arms-length with us around Integrated Cyber Defense and we have others that we may be walking into customers with an affiliation with one point vendor or not. We integrate with point vendors and we think that's an important part of the ecosystem … You will win if you take our product in there ... We actually want the partners to really embrace our Integrated Cyber Defense story, even if they have an alternate product or piece of it. That's okay. We're very pro-partner in that and we have integrated plenty of our partners into that architecture in the past. If one of our partners or MSPs is wedded to some other stuff, that's okay. We definitely think over time we can increase their margins if they come over to an integrated strategy.

What sort of product updates have we seen over the last quarter?

We are really active in both the endpoint, the network, and the threat analytics stuff that goes all around it … We are going to release SEP 14.1 later this year. We're closing every gap in EDR, and we think that brings the hyper-converged security endpoint to the table. It's signature-less, signatures, all the AI, all the machine learning in a highly scalable EDR from one vendor at a great price. Things look pretty bright for us. We're pretty excited about it. I think we made the right moves a year ago, and 18 months ago, that are really paying off now. Some of the stuff that we've been doing here in just the last few weeks is really plowing us forward for what is going to be happening next year and the years after that. I look at the competitors, and I feel really good about the fact that we are moving the innovation. We really are. It's provable in our product roadmaps and its provable in our releases.

Talk about the two acquisitions Symantec made in the last few weeks.

We did the two acquisitions last month of Fireglass and Skycure … Fireglass and the isolation technology is phenomenal. We have a bunch of folks that are reporting up to 70 to 80 percent reduction in the alert noise in the SOC after putting Fireglass in place. That's meaningful. That's the kind of stuff that gets deals done and moves things forward. We're extremely excited about that. Skycure – we went from not really having a solid story around iOS to having the best story in the industry around iOS. These are not things that we are OEMing, like some of our competitors, but these are things that we own. We have really motivated those teams to excite our customers and drive that forward. We love that technology – not only does it really round out our mobile security but it brings the SEP 14 right to the forefront of everything mobile, but it also is a great piece of our arsenal for closed operating systems. It works really well with closed operating systems like iOS and Windows 10S, which I think is something our competitors will have a hard time with.

Did Symantec see any impact from the WannaCry and NotPetya ransomware attacks?

WannaCry didn't get us – it didn't get our Norton endpoints or our SEP endpoints … All these next-gen guys are running around trying to make sure they are covered. We had that covered. That's building really strong pipeline for us.