The State of Data Protection: What Broadcom’s Acquisition of Symantec Means to Your Business

Jeremy Wittkop


Looking for insights about how to future-proof your data security technology investments? Please view InteliSecure’s on-demand webinar Navigating the Changes at Symantec/Broadcom.

Broadcom’s acquisition of Symantec has sparked a great deal of discussion about how the transition will affect companies that have investments in Symantec technologies.

A select few organizations have been chosen by Broadcom as “important accounts,” meaning they are receiving more focus and attention than they ever have before, including appealing offers to consolidate significant portions of their spend into an Enterprise Agreement. Those organizations may still have lingering concerns as many of the people who developed and updated the products they rely on are leaving, but they are likely feeling fairly confident about the situation as it exists today.

For other organizations, there has been less information about what Broadcom intends to do with the technologies it has acquired, and in a vacuum of clarity, rumors will thrive.

The truth is that few people outside of Broadcom’s executive team know precisely what will happen next with the Symantec portfolio. That information gap is leading to significant fear, uncertainty, and doubt. The results could be amazing—but most people assume they will not be.

 For all organizations, the biggest concern is how the changes happening with Broadcom will affect their business and their data protection programs. Let’s look at some of the biggest changes in motion right now, then answer five of the most critical questions those changes bring up.


Tracking the Transitions: Three Big Changes in Broadcom’s Administration of Symantec Solutions

It’s important to note that although many are concerned about the future direction of Symantec’s technology solutions, nothing bad has happened to them to date. Many organizations are understandably confused and upset as they struggle to understand how to engage with Broadcom. (Tip: Working with a good managed services partner can help significantly.) Although the Broadcom transition has been slower and bumpier than most people have liked, the company has some very smart people and they will figure this out.

In the interest of fairness, it is important to discuss what has and has not been said publicly.

  • Keeping core technologies strong—Broadcom has publicly stated that they purchased the Symantec portfolio because of the technologies’ strength in five key areas: Information Protection, Cloud Security, Web Security, Email Security, and Endpoint Security. Most Symantec customers have significant investments in these core areas. However, many of the key development resources on these teams have left the company, so Broadcom will need to replace the outgoing talent with new, capable people in order to sustain the strength of those technologies.
  • Product portfolio consolidation—The second piece of information Broadcom has made public is that they will evaluate areas outside of the core technologies and look to divest or minimize their investments in technologies that are not in the core. This move will allow the organization to focus on what matters most. They have already divested Symantec’s substantial cybersecurity services business.
  • Rethinking sales—Another piece of information we know is that Broadcom intends to significantly reduce spending in sales and marketing and drastically change their go-to-market model, focusing attention on a select number of clients globally rather than trying to appeal to the larger marketplace. If customers outside that group would like to engage with Broadcom, they may, but they will need to do so through the partner community.

Regardless of whether you agree with Broadcom’s strategy, it’s clear that they are moving aggressively to implement it. The changes have led to many negative feelings in the marketplace, but Broadcom is not likely to reverse course.


Escalating Concerns About Data Protection Technology

So what does all this mean to YOUR business? Organizations have two primary, legitimate concerns.

First, with the exodus of talent from Symantec, companies that have invested in those technologies want to know how Broadcom intends to continue to develop and support them. It’s too early to tell whether the solutions will deteriorate, remain strong, or even improve. If your reason for purchasing the technology was that you admired the vision of Symantec’s Senior Vice President of Information Protection, Nico Popp, he is still in the space; he has simply moved to Forcepoint. Some customers will choose to follow Nico, and that is a reasonable and rational choice.

Second, some customers who are not on the Strategic Accounts List are uncomfortable with their new relationship with Broadcom. This is a fair response and there are two reasonable responses to these conditions:

  • Stay with the Symantec technology, but find a managed services partner that is able to support your technology as part of a managed data protection services contract. This choice allows you to continue to leverage the technology you already have and will buy you time while you evaluate your long-term strategy.
  • Choose another technology and replace your Symantec solutions. This is also a rational response, but one that should be approached with caution. It is still in your interest to seek the advice of a managed data protection services provider that has deep experience in both Symantec products and the products you are considering so they can advise you about the similarities and differences of the product sets.

Another concern is that numerous vendors in the Information Security space are trying to benefit from the uncertainty surrounding Symantec and Broadcom. Some are pitching largely congruent solutions which will be effective with minor adjustments to the program in place. Others are pitching solutions that look similar on the surface but are radically different in the way they operate and could cause significant disruption to the business if deployed hastily. As is often the case, emotionally charged decisions can lead to disaster.


Five Questions

Symantec customers have significant questions about how they will be affected by this acquisition. I have chosen some of the most common to answer in this blog.

1. What changes in personnel within Symantec do you expect?

I think the major personnel shakeups are finished. The majority of large-scale moves away from Symantec have happened and personnel turnover will return to levels that are normal for any business. A large part of what Broadcom always intended was to cut significant costs out of the business, so it does not come as a surprise that so many good people were let go. It was jarring to see, but not wholly unexpected. That said, it remains to be seen how Broadcom will move forward with the portfolio given the volume and level of talent that has exited the business.

2. How are customers dealing with the challenge of supporting their existing technology installations?

There are three classes of customers that own Symantec solutions in the post-acquisition world, and each is faring differently:

  • Customers on Broadcom’s Strategic Account List—These top-tier accounts have either felt no disruption or they are getting more attention and a higher level of service than ever before. Since Broadcom maintains a direct support relationship with so few customers, they can provide a very high level of support.
  • Customers not on the list who have a good partner—These customers are also not significantly impacted, especially if they have a partner like InteliSecure, which offers a managed data protection service and has supported customers on behalf of Symantec for a number of years. They still have the same high level of support they had before the acquisition.
  • Customers not on the list who don’t have a good partner—These are the customers I feel for most. They have essentially been left in the lurch because they have difficulty navigating Broadcom and the support organization and they do not have a trusted advisor to help them. If you are one of these companies, I would suggest you reach out to a partner like InteliSecure immediately whether you intend to stay on Broadcom over the long term or not.

3. What is the latest on the ability to renew existing subscriptions or purchase additional solutions?

One of the challenges most frustrating Symantec partners and customers is the struggles Broadcom has had in taking over Symantec’s price book and quoting infrastructure. Partners are still not able to generate the licenses necessary to demonstrate solutions to customers and prospects, which makes it exceedingly difficult for organizations to test and purchase new solutions.

There has been significant disruption to Symantec distribution channels as well, leaving many customers unable to renew their software. These challenges have been frustrating for all involved, and while it has not been as smooth or expeditious as anyone would like, we are seeing progress in most of these areas, and InteliSecure’s experienced support teams are helping companies navigate the necessary steps to keep their technologies and licenses current.

4. What concerns do you have about ongoing development and updates to Symantec solutions?

Before Nico Popp left, I had very few concerns. Nico’s departure from Symantec signals the end of an era and a very troubling sign. Over the past 15 years, Nico had nurtured extremely loyal and dedicated development teams. Many of those experienced developers will be pursuing new opportunities, either with Nico or on their own. It is impossible to replace Nico and his team, but there is urgency for Broadcom to fill that role with a dynamic technologist as quickly as they can. Even if they do, there is reason to be concerned about the future development of the Information Protection products.

5. How can organizations benefit from working with vendor-neutral party like InteliSecure to navigate any uncertainties that they have?

Whether you intend to stay with Broadcom for the long term, the short term, or not at all, you can benefit from having a partner that is vendor neutral and understands the Information Security technology landscape. It’s even better if that partner has a deep understanding of Symantec technology so they can help ensure a smooth transition between products or a smooth transition between Symantec and Broadcom.


Buy, Hold, or Sell: What considerations should organizations be addressing?

The first question in front of an organization is, “What is my long-term strategy for my Broadcom solutions?”

To find the answer, I advise clients to pretend they are an investment advisory firm and give me a Buy, Sell, or Hold rating for the Symantec solutions under Broadcom’s leadership.

  • A Buy rating means that you buy into the vision of what Broadcom is trying to accomplish and you intend to continue with them unless something materially changes.
  • A Hold rating means that you intend to move away eventually but not immediately. You would like to plan your exit and evaluate the marketplace. If Broadcom does turn out better than you expected at any time in the process, you can move to a Buy rating and save some money and disruption.
  • A Sell rating means you are upset by the transition for some reason and you want to rip out all the Broadcom technology as quickly as you can.

Most customers I speak to are in the Hold category, but I speak with some organizations in both the Buy and Sell categories. Once you can express your sentiment in those terms, I can help advise you on the proper strategy to execute your intentions.


Still Have Questions?

Please view our on-demand webinar Navigating the Changes at Symantec/Broadcom. You’ll get useful insights about how to navigate technology change—and ensure the ongoing effectiveness of your data protection program.