The future holds more acquisitions for Symantec as it looks to strengthen key
business areas and keep pace with evolving online security threats, its CEO
said Friday.

While dismissing as "speculation" recent press reports that Symantec
is close to buying San Francisco data-loss prevention software company Vontu,
CEO John Thompson said Symantec is interested in expanding in that technology
area.

"If I were to think about broad categories of technology where we have
an interest they might include three or four important areas: data loss prevention,
transaction-based security, server management, and then complementary services
across those three software domains," he said at a Tokyo news conference
held alongside the company's Symantec Vision event.

He said Symantec typically looks to acquire a company when its own work might
not be fast enough to take advantage of a market opportunity, or when it believes
it can acquire a leading company and substantially grow its own business.

"And so a company like Vontu that has achieved leadership in the category
of data-loss prevention certainly would be an interesting target," he said.

Earlier in October, Infoworld reported that Symantec would pay between US$300
million and US$350 million for Vontu, with which it already has an OEM business
partnership.

"Our industry is entering a very obvious phase of maturity where growth
rates are starting to slow from the hectic pace of the 80s and 90s, and therefore
strong companies with strong balance sheets and strong cash positions and leadership
technologies are looking to add components to their overall portfolio,"
Thompson said. "As you look ahead you should assume that Symantec will
continue to be an acquisitive company as we also match that acquisition strategy
with 15 percent of revenue spent on internally developed products."

Looking ahead over the next few years Thomson, who has more than three decades
experience in the industry, said he believes a couple of trends will dominate.

"The first is perhaps the realization by many users that anti-virus technology
alone is not enough to protect them from today's threats," he said. Security
will need to be deployed at several layers of the information infrastructure
to protect not just the devices on the network, but the information and transactions
that occur as well.

Secondly, he sees a shift away from rules- to policy-based security.

"In the world of security 1.0 we thought about firewall rules or rules
for the intrusion device or rules for the configuration of the antivirus agent.
Those were things that were typically black or white," said Thompson. "The
security 2.0 world assumes a significant increase in collaboration, a much more
significant increase in the layering of technology to asses multiple factors
associated with a threat, and a dramatic shift in the implementation techniques
to be much more policy-based than the historical rules-based approach."

IDG News Service

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine