Late last week, Symantec made two acquisitions in the encryption space, scooping up both PGP and GuardianEdge. My colleague, Andrew Jaquith, is publishing an in-depth report analyzing the acquisition, so there’s no need to go into too much detail here. We’re in total agreement that encryption has been a significant hole in Symantec’s security portfolio, given that data security is the #1 focus for IT security shops. You can also see some of my initial comments to the press on the acquisition here.
These two acquisitions got me thinking about Symantec’s acquisition strategy in general. What we’ve seen from Symantec over the years is a clear proclivity to paying more in order to acquire market-leading vendors. This doesn't mean Symantec overpays. Simply that Symantec seems to weigh established customer base and market share more than other security specialists. Certainly, McAfee has its share of big acquisitions (it paid about as much for SafeBoot as Symantec paid for PGP and GuardianEdge combined, and the Secure Computing acquisition was no small purchase either), but as a more general rule Symantec goes after the big game on the plains more than other security specialists. In security, Symantec is clearly moving to more head-to-head competition against the mega-vendors with deep pockets: IBM, Cisco, Microsoft, EMC, etc. I believe that this approach to acquisitions is a key factor that helps Symantec over the long term against this competition.
More broadly, we see that the encroachment of large vendors into adjacent technology areas (such as security) continues to gain momentum. There’s also the additional dynamic of the disruptive shift from IT product to IT services that further expands the competitive landscape. Technology acquisitions and partner programs will each play key roles in whether incumbents – even the leaders in their spaces – will survive and thrive. Symantec has clearly established its strategy and has the right perspective and discipline with regard to acquisitions in order to achieve that goal.