The New Old Guard: Symantec And McAfee Fight To Regain Dominance In The New World Of Security

In the security market, what's old is new again.

Symantec and McAfee, two companies that 10 years ago were at the vanguard of the war against email threats in the PC era, have since lost ground in the IT security market to a slew of hot startups with next-generation technology. But the giants are not content to sleep, and now both are trying for a comeback.

With a focus on new technology that goes well beyond anti-virus as well as robust channel strategies and road maps for innovation to challenge their younger rivals, Symantec CEO Greg Clark and McAfee CEO Chris Young believe their respective companies are poised to once again dominate the security space.

Sponsored post

As fate would have it, the two security stalwarts have arrived at this point in their journeys at the same time, both looking to architect resurgences after a series of spinouts, acquisitions and senior management changes.

"This is an important transformation that we're going through," Young told CRN. "Cybersecurity is maturing and we're going to see that in five years it's going to be very different than it is today. … We aim to help define that future in a meaningful way. We won't rest until we get there."


Security Vendors Need To Work Together To Beat The Ultimate Competition – The Attackers

Legacy players and startups know that collaboration and an integrated security approach are the keys to winning in the market.

That's a future Symantec also is bidding to define, Clark said, transforming its business and bringing to the table its own vision of what that future looks like for customers and partners.

"We have done a very strong transformation, acquisition and repositioning of Symantec for our enterprise customers around integrated cyberdefense, which we're doing very well at," Clark said. "We put those things together and we have a fantastic growth engine for the long haul."

It's clear why Symantec and McAfee are both looking to win in the space—the security market is growing at a rapid pace, expected to hit $202.4 billion by 2021, up from $122.5 billion in 2016, according to research firm MarketsandMarkets.

However, both companies have seen drastic declines in their share of the security software market in recent years, according to research firm Gartner.

In 2005, Symantec held the top spot with 32.2 percent of the worldwide security software market by revenue, and McAfee held 12.4 percent at No. 2, with both seeing double-digit year-over-year growth, according to Gartner. Ten years later, Symantec and McAfee (then known as Intel Security) still owned the top two spots in the security software, but their share of the market had dropped dramatically: After three consecutive years of revenue decline, Symantec held 15.2 percent of the worldwide security software market in 2015, while McAfee was at 7.9 percent after a year-over-year revenue dip.

At the same time, both companies have undergone significant transitions, with Symantec buying storage vendor Veritas in 2006 and then divesting that business 10 years later, while Intel bought McAfee in 2010 and then sold it in 2016. The two companies endured eight CEO changes between them during that span.

While they both focused on their legacy technology and perhaps got distracted by larger business issues, the security market evolved, most notably with the rise of several next-generation endpoint security startups, including Cylance and Crowdstrike, which shook the market Symantec and McAfee had long dominated.

Symantec President and Chief Operating Officer Michael Fey, who previously served as executive vice president and CTO of McAfee from 2012 to 2014, said both companies "lost their way" during that period, resulting in market-share loss and skepticism from solution providers and customers in the companies' technology and go-to-market strategies. Now, Fey said, they are looking to regain that lost ground.

[Related: Security Vendors Need To Work Together To Beat The Ultimate Competition – The Attackers]

"I think we're now infinitely better prepared to compete," Fey said of Symantec. "It's showing in our numbers; it's showing in our growth; and it's showing in the people that we're [hiring]. … This is where we're going to build the future."

Symantec and McAfee are now revving into the market with a platform security strategy. The result is what Fey called the "age of the platform wars" as the two go head to head in a bid to become the core of a company's security infrastructure.

However, each defines that "platform" differently. Both security vendors say they aim to provide a single, integrated platform-based approach that brings together its own broad set of products with those of third-party vendors. The ultimate goal, both say, is to drive analytics and automation, while reducing complexity. Where the two platform visions differ the most is in how many pieces of the security puzzle they look to own.

Santa Clara, Calif.-based McAfee is looking to drive focus on what it calls the "threat defense life cycle," including endpoint, data center, data protection and cloud security, as well as investments around overarching analytics and automation. The focus is not on owning all the pieces of the puzzle, but rather on integration with the company's Data Exchange Layer (DXL) offering, Executive Vice President of Corporate Products Brian Dye said.

"Even as one of the biggest players in the cybersecurity industry, we cannot cover all the threat surfaces," Dye said. "What we can do is be the best in the world in a few different areas. … You have to pick the areas where you will be the best in the world and pick those who are best in the world [to partner with] so we can be the best in the world together."

"Our main strategy is around recognizing the real issues that organizations have in defending their environments. It is not simply about having the right technology, it's also about practically being able to install and manage such a large quantity of complex capabilities," McAfee CTO Steve Grobman said. He defines a security platform as "a common set of infrastructure that is able to survive the life cycle of the technology that sits on top of it."

For its part, Mountain View, Calif.-based Symantec is looking to own more of the pieces. Fey said the company's offerings—from secure web gateways to email to data loss prevention to multifactor authentication—allow customers to choose a single, fully integrated platform, as well as the option to integrate with third-party solutions.

"I think the approach is significantly different," Fey said, comparing Symantec's strategy to McAfee's. "We're open to being integrated with and we encourage our competition and partners and customers to integrate with us, but we also stand alone with a full cyber posture across our platform. … We represent a larger amount of the security footprint than we did a couple of years ago, while they represent a smaller one. That's a big difference."

Building A Security Vendor For The Future

To deliver on their visions, McAfee and Symantec have made drastic business changes in the past year.

Symantec has been on a multiyear journey to turn around its business, including the $7.4 billion sale of its Veritas storage business. In June 2016, the company said it would acquire Blue Coat Systems in a blockbuster $4.65 billion deal. The acquisition closed in August 2016, adding a robust set of cloud security and secure web gateway capabilities, as well as moving then-Blue Coat CEO Clark into the Symantec CEO role. Symantec also has invested big in its consumer business with the $2.3 billion acquisition of LifeLock, which it completed in February of this year.

"When I think about where Symantec was five years ago, versus where we're at now, I couldn't think of a bigger differentiation as a cybersecurity company between the two," Symantec's Fey said. "We're fired up."

McAfee has been through a business transformation of its own. It was acquired by Intel in 2010 for $7.7 billion—and renamed Intel Security—to fulfill a vision to embed security into the chip. When that vision didn't come to fruition, Intel Security embarked on a new strategy of securing the "threat defense life cycle," including technologies for protection, detection and response.

After shedding many product lines to drive focus, the culmination of that strategy was the September 2016 news that Intel Security would once again be a stand-alone security vendor, spinning out from Intel in a $4.2 billion deal to private equity firm TPG Capital. McAfee re-assumed its heritage brand when the deal closed in April of this year.

"As an independent company, we're going to move faster. … This opportunity, for us, is about innovation. It's about speed and agility. It's about growth," McAfee's Young said. "Our goal is to ultimately lead the market and to build a large, healthy cybersecurity company that is able to help customers really solve problems and do it effectively. … We don't want to just be the biggest—we want to be the best."

Partners of both vendors said the transformations were crucial. "It's been invigorating. … Symantec has a purpose again. We're aggressively moving forward with Symantec," said Steve Barone, president and CEO of Detroit-based solution provider CBI.

That wasn't the case a year ago, Barone said. Symantec's push to divest its Veritas business, and then its blockbuster acquisition of Blue Coat, served as a turning point for the company, he said.

"Symantec was a bit demoralized before the Blue Coat acquisition. The product portfolio had gotten a bit stale and even from a direction standpoint everything [wasn't] in line. … Since the Blue Coat acquisition, it's been 180 degrees the other way," he said.

McAfee partners said they expect to see a similar transformation now that it is independent of Intel, with potential acquisitions and product investments on the horizon.

Mark Miller, vice president of sales, south central, for Dallas-based M&S Technologies, a Kudelski Security company, said McAfee "took its eye off the ball for a bit and was dormant" under Intel. Now, he said the "restraints are off." "They have the opportunity to emerge more empowered and can hopefully further define their strategy, demonstrate their uniqueness, and add to their product line with some of this new, next-generation technology," Miller said.

That transformation is driving sales, with M&S Technologies' McAfee business up from $2 million in sales five years ago to more than $12 million last year, he said. He expects "significant growth" with McAfee this year, with sales between $15 million and $20 million.

Philip de Souza, founder and president of solution provider Aurora, a Torrance, Calif.-based partner of Symantec and McAfee, said the transformation of both companies has been key to enabling them to adapt to the next generation of security. Symantec's acquisition of Blue Coat was a "shot in the arm" for the company, he said, adding he also is looking forward to seeing what McAfee will now do as an independent company.

"My personal adage is if you are not changing, you are dead. … The more opportunities and the more new stuff that we can bring to the table, the better for us," de Souza said. Aurora has shifted "significantly more" of its business through the two vendors since the push toward a platform security strategy, he said.

Deb Gannaway, principal of Tampa, Fla.-based DG Technology Consulting, said customers will be the ultimate benefactors of Symantec and McAfee pushing to offer full security platforms.

"As a partner, this is just a great opportunity because we are going to be able to provide solid solutions that can go into the future and be innovative. … I think it's a great thing for the market, and I think having both of those vendors in the market is definitely a good thing for the customer," Gannaway said. DG Technology Consulting is a McAfee Platinum partner.

However, with the emergence of two independent, focused cybersecurity platform players also comes a resurgence of competition, as both vie to be the security platform of choice. "We have respect for all of our competitors in the security industry. … McAfee is definitely someone that we think is a viable competitor, for sure. … We think there's a few headwinds there, but what I try to focus on is just making sure that our products are the best. … I think we're a force over here," said Symantec's Clark.

Symantec's Fey added that McAfee's journey is "far from done," as the company works to rebuild its brand and position in the market. That transition will be more difficult without the full backing of Intel, he said.

"I think they have just begun their journey to be an independent company. … You're talking about {Symantec with an $18 billion market cap versus] one that just spun out for $4.2 billion," Fey said. "When you're talking about a platform war, a foothold is a very important part of it."

However, McAfee executives maintained that the company's return to independence and its focus on building an integrated security platform will enable it to win over the long term. "Symantec is a different company and they're going to have to make different decisions about technology, about people, but they have challenges. We have challenges. But, I like our position in the market right now," Young said.

The Rise Of Next-Gen Technologies

The push to become the security platform of choice comes as Symantec and McAfee face pressure from a wave of up-and-coming startups. While both large players offer endpoint technologies with next-generation endpoint security capabilities, including Symantec Endpoint Protection 14 and McAfee Endpoint Security 10.5, upstarts like Crowdstrike and Cylance have been nipping at their heels.

According to the Technology Business Research Security Market Forecast, the top five endpoint security vendors by revenue—McAfee, Symantec, Trend Micro, Kaspersky Lab and Sophos—accounted for 54.7 percent of the business-to-business security market in 2016. However, Technology Business Research said it expects that percentage to drop to 53.8 percent by 2021, driven in part by the new wave of startups. "This might not seem like a lot, but [endpoint security] will be an $8.8 billion segment by 2021 … so the loss of nearly 1 percent of share can make a big difference in an endpoint security vendor's future. … We focus on this not so much as a loss of 1 percent share for the top five vendors, but the opportunity for another vendor to come forward and take another percentage point of share from the larger vendors," said Jane Wright, principal analyst for security at Technology Business Research.

CEOs Clark and Young exude confidence they can beat the startups, citing large research and development teams, cash reserves, and proven viability for the long term as major advantages. "If you're a partner, who do you want to hook your wagon up to long term in this industry?" Symantec's Clark asked. "If I was a partner, I'd want to make sure that I was selling Symantec products because you're going to be doing it for a long time. … We have the capacity and the balance sheet to make sure we're relevant [for the long term]."

McAfee's Young said startups play a critical role in helping customers solve particular security problems. However, he said the vastness of the cybersecurity challenge also demands that larger vendors step up to the plate with a broader platform of security offerings.

"The market really needs strong, healthy cybersecurity companies," Young said. "You need big companies who are able to be global and who are 100 percent focused on this problem. … That's what I believe is significant about our re-emergence as one of the largest players in this space, with a laser focus on this problem."

That's a shift partners are seeing as well. M&S Technologies' Miller said customers are often attracted to "what's new and exciting," but he sees the majority of customers ultimately moving to a model focused on a single vendor, with other "feature" technologies added on.

"We are seeing customers moving away from point products and shifting back to buying a one-vendor all-encompassing solution. … Or having one vendor be the bedrock of their security posture," Miller said. "There is interest in some of the startups, but they are just the shiny new toy right now. … Some of these new products are features, as far as we are concerned."

However, Crowdstrike CEO George Kurtz, who previously served as worldwide CTO and executive vice president at McAfee from 2009 to 2011, said legacy vendors will struggle long term. Startups such as Crowdstrike were able to "start over" and develop a cloud-native platform from scratch, without the handicap of legacy technology portfolios, he said.

"I was at McAfee. I understand what they have, and it's very difficult for any of those companies to create a cloud-native platform," Kurtz said. "While the other companies are bigger than us, we continue to take market share from them and have customers that delight in our technology.

"There really is a model of someone coming into a very mature market, which suffered from innovators' dilemma. … I think it's been done before, and we have a great shot to emerge as one of the new leaders in the space for many years to come," he said.

In addition to the cloud, Cylance founder and CEO Stuart McClure said a reliance on signatures will challenge Symantec and McAfee. Even as both roll out next-generation capabilities, McClure said they are still using signatures—but signatures created using more advanced features rather than purely relying on machine learning.

"This is a fundamentally different approach that they unfortunately … are just never going to really figure out because they are so mired in their cash cow, their traditional business," McClure said. McClure also was at McAfee, serving as executive vice president and worldwide CTO from 2011 to 2012 before founding Cylance in 2012.

Customers are craving that innovation, according to McClure, who said that 99 percent of the customers he talks to have "completely given up on traditional [anti-virus] and want to replace it completely."

"[Legacy vendors] can't innovate. It's actually a physics impossibility," McClure said. "The physics of moving that big of a company and getting that level of domain expertise into the company is just too challenging. It's just way too difficult and it is just not going to happen. [Platform security] is the only real play they have."

A Partner's Market

The complexity of the security market means that there's an incredible opportunity for partners who can establish themselves as next-generation security solution providers.

DG Technology Consulting's Gannaway said she sees an opportunity to establish her business as a "go-to" partner as customers evolve to a security platform architecture. "We can really come in and help provide the overall solution to the client, regardless of the vendor," Gannaway said. "It's a partner's market."

Jason Eberhardt, vice president of strategic alliances at Conventus, a Chicago-based Symantec partner, said customers are leaning on partners more than ever to navigate a complex security market. It is the partner's job to find the best solution and platform strategy for customers, he said.

"Customers don't have the time to figure this all out on their own. A lot of the time they lean on their advisers or their partners to bring that innovation to them in a consumable way and make logical decisions," Eberhardt said.

That opportunity is here to stay, Aurora's de Souza said, as the "cat-and-mouse game" between attackers and the security industry continues, and customers look for advisers to help them choose the right technology to stay ahead of the curve and safeguard their business.

"All I can say is that we live in exciting times," de Souza said. "I feel that there isn't a day when working with the vendors and solutions they provide and the customers and the needs that they have that I don't wake up with an adrenaline rush: Wow, we do live in great times."