Broadcom’s purchase of Symantec’s enterprise unit will create opportunities for other cyber security players – podcast

20 August 2019 | Research

Tom Rebbeck

Video | Cyber Security

Research Director, Tom Rebbeck discusses Broadcom’s planned acquisition of Symantec’s enterprise division, and the broader implications of the deal.

Listen to or download the podcast

Podcast transcript

On 8 August 2019, Broadcom announced the acquisition of Symantec's Enterprise division for USD10.7 billion.

The deal is part of Broadcom's strategy to expand beyond the semiconductor business, which still generates almost 80% of its revenue, and follows earlier acquisitions of Brocade and CA Technologies.

Broadcom aims to use its established sales channels to sell Symantec products to gradually increase revenue and improve profitability by drastically cutting costs.

Under Broadcom, Symantec Enterprise will focus on a narrower set of products and customers, creating new opportunities for other players in the security market.

Analysys Mason forecasts the enterprise security market to expand at around 11% each year for the coming 5 years, but while the wider market may have been growing, Symantec’s enterprise revenue is not.

Its enterprise revenue has been volatile, but with little or no long-term growth, with quarterly revenue fluctuating around the USD630 million level for the past 2 years.

Enterprise revenue is also becoming less important for Symantec.

The enterprise division generated just over half of Symantec's total revenue in the most recent quarter, down from almost two thirds of the revenue in 3Q 2017.

However, Symantec's profitability was of even greater concern; the company reported that its enterprise division was generating just 10% of total operating profit.

Symantec would have needed to invest significantly to turn the performance around.

Well before the sale, back in May 2019, Symantec's interim CEO Richard Hill spoke during an investor call of the need to reorganise the sales process and to hire "additional direct salespeople".

Instead, Symantec has opted to sell the enterprise assets and focus on the more-profitable consumer business.

As Hill said when announcing the transaction in August 2019, the deal would "enable our enterprise business to grow without us having to invest in fixing our go-to-market model".

The acquisition is part of Broadcom's ongoing move to diversify away from the semiconductor business to include more software and services.

This move started when Broadcom purchased data centre networking firm Brocade for USD5.5 billion in 2016.

CA Technologies, a software development firm, was acquired for USD18.9 billion in 2018.

These entities will generate just under 30% of Broadcom's total revenue when combined with annual revenue of around USD2.4 billion from Symantec's enterprise business.

The acquisitions of Brocade and CA Technologies are key to understanding the rationale behind the latest deal.

Broadcom successfully improved the financial performance of Brocade, in part by increasing revenue, but mostly through reduced costs, including large rounds of lay-offs.

It is hoping to do the same with Symantec's enterprise assets.

The new security assets will give Broadcom access to a large potential market. Analysys Mason estimates that the total enterprise security market will be worth around USD120 billion in 2019.

Broadcom also believes that it can avoid the restructuring costs that were facing Symantec by using the sales teams and platforms developed for Brocade and CA Technologies.

The strategy is to target the largest 2000 organisations worldwide.

The cost-cutting targets that Broadcom has for Symantec Enterprise are ambitious; it wants to increase annual EBITDA from around USD350 million today (a 15% margin) to USD1.3 billion in future, or a 54% margin, assuming no revenue growth.

In addition, Broadcom is planning to focus Symantec's development efforts on the three areas where Symantec is best positioned today: endpoint security, web security and data loss prevention (DLP).

Investment in other areas will be reduced.

Broadcom's plans come with plenty of potential problems.

It will want to increase revenue and profit while having a smaller product portfolio, after significantly reducing staff numbers (CA Technologies employee numbers were reduced by a reported 40% in the USA following the Broadcom deal).

Broadcom will also deploy a new go-to-market strategy that will take time to establish. For example, existing Broadcom sales teams will need training on how to sell and support security products.

At the same time, Symantec is losing small-business customers (on the 4Q 2019 conference call, a Symantec representative said, "We've lost a lot of business in the mid- to small-business area") and losses in this market are expected to continue.

Finally, Symantec is operating in a highly competitive market in which product differentiators can be hard to establish.

However, churn among larger customers is low, and Broadcom will need this to remain the case if these larger customers are to act as a base on which to boost the business.

It will be no easy task for Broadcom and could well generate opportunities for others.

Broadcom will hope that the impact of the deal on existing customers is limited in the near term.

The Symantec name will go to the new owner, and the current Symantec is likely to become Norton, after its better-known consumer brand.

Broadcom and Norton will continue to share threat intelligence data; one of the potential benefits of having both consumer and business customers is the large base of endpoints through which new threats can be detected.

Many of Symantec's consumer and enterprise products were different, and this will also limit any impact. The deal has broader implications for the longer term though.

For companies that do not target large enterprises with the same core product set (endpoint security, web security and data loss prevention), competition will reduce, as will competition for spend by small and medium-sized businesses.

However, Broadcom is likely to compete more aggressively with security companies that target the same products and enterprises as Broadcom and its sales team will be better able to position its products.



Article: Broadcom's purchase of Symantec's enterprise unit will create opportunities for other cyber security players



Tom Rebbeck

Partner, expert in TMT consumer and business services