Vulnerabilities / Threats
9/13/2012
11:06 AM
Connect Directly
RSS
E-Mail
50%
50%

Symantec Security Has Become Forgotten Child, Critics Say

After Symantec leadership change, some channel partners question whether the company will continue emphasizing its storage business over security.

Can Symantec be more than the sum of its parts?

That question appears to be on the minds of many of the company's channel partners. In particular, some of the company's value-added resellers (VARs)--who also resell products from Symantec's competitors--have been asking how the company's new leadership plans to move forward.

Symantec's board fired president and CEO Enrique Salem, who'd held both posts for three years, on July 25, and installed board chairman Steve Bennett in the roles instead. The company's shares immediately climbed 12% in value. "My view is that Symantec's assets are strong and yet the company is underperforming against the opportunity," said Bennett--a veteran of Intuit and General Electric--in a statement. He promised to begin his tenure by holding a listening period of up to 120 days with customers, partners, and shareholders, about the best way to take the company forward.

Some of those business partners have already begun speaking out. In a recent "open letter to Steve Bennett," Mike Karp, a VP and principal analyst at consultancy Ptak, Noel, & Associates, reported hearing "nervousness in the channel, which of course is to be expected when a major supplier brings on new leadership." But he said that nervousness reflects "deep concern" not about the new CEO, "but more about the potential for lack of change."

"Steve, right now you are the CEO of many good brands. But wouldn't it be much better to be the CEO of a consolidated Symantec?" said Karp.

[ There's no cure for human error, but that doesn't make you helpless. See Why Security Policies Fail, How To Make Them Work. ]

On a related note, this week Symantec hosted its annual partner conference, Symantec Partner Engage, in Baltimore. While no major announcements were previewed from the invitation-only gathering, Symantec was expected to announce new incentives for its sales representatives, aimed at eliminating some of the company's product silos.

But fixing Symantec will take more than new incentive schemes. Symantec's stock has underperformed for years, and the company--which boasts annual revenue of $6.73 billion--has lost $3 billion in value in the past year, according to Bloomberg. Many observers trace Symantec's financial problems to its acquisition of Veritas--pushed by Salem's predecessor--in 2005, for $13.5 billion.

One Symantec channel partner--speaking on condition of anonymity--said he believes that after the Veritas acquisition, Symantec became blinded by the potential profit margins to be made in the storage business, and made all other Symantec products a secondary concern.

But now, he said, Symantec is facing stiff competition from numerous businesses, some of which the $1 billion channel partner also resells, including EMC, Dell--especially with its acquisition of backup provider AppAssure--as well as CommVault. From a security perspective, meanwhile, there's strong competition from Intel's McAfee, Trend Micro--which the reseller said has taken the lead on promoting the need for businesses to secure their cloud and virtual environments--as well as "a bunch of other products out there who are partnering with the channel and investing heavily in the channel community."

According to the business partner, Symantec's security business has been lagging, both in terms of in-house support as well as innovation. "They're not doing very well because today, the culture within Symantec, and the commission model in the company, is most heavily focused on tiered backup products--the legacy Veritas products," he said. "So every time we get in from of them and ask what we should promote, it's always Veritas, not security."

He said Symantec also remains late to the security game when it comes to cloud computing and virtualization. "I would have expected them to talk about how [Symantec] will secure your endpoints in a virtual environment, but instead it's all about backup and archiving," he said. "But the security industry is mostly driven by threats, and when it comes to the cloud and virtualization, Symantec is very late in addressing that market."

What should Symantec do? "Symantec still has a big presence in the backup sector, and we want Symantec to be successful, because we'll end up making money as well," said the reseller. "So we're hoping they'll take some right steps." In particular, he's called on the new CEO to articulate a clear direction for the company, for Symantec to invest more heavily in its channel partners, and for the company to create new messaging about how it can both back up and secure business data.

But new messaging might not be enough to satisfy investors. In fact, some analysts have been calling on the company to split its storage and security divisions, perhaps selling parts of the company to IBM or Oracle. "There was always this hope and promise that storage and security would converge, and it really hasn't," Brian Freed of Wunderlich Securities told Bloomberg last month. "Since there are no synergies, a singular focus yields better results."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3352
Published: 2014-08-30
Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh...

CVE-2014-3908
Published: 2014-08-30
The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2010-5110
Published: 2014-08-29
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

CVE-2012-1503
Published: 2014-08-29
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CVE-2013-5467
Published: 2014-08-29
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM)...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.