kras99 - Fotolia

Broadcom-Symantec deal troubles cybersecurity experts

Broadcom laid down a $10.7 billion bet in buying Symantec's enterprise security software. While some are optimistic, security experts predict another Intel-McAfee deal.

Chipmaker Broadcom Inc. continued its quest to buy its way into the software market with the acquisition of Symantec's enterprise security business in a straight cash deal for $10.7 billion.

The Broadcom-Symantec deal is the second software acquisition Broadcom has made in less than a year. The first was its $18.9 billion takeover of CA Technologies, a 40-year-old company best known for its mainframe software, although the company was in the process of refocusing its business on a number of cloud and open-source initiatives.

Symantec's enterprise security platforms include endpoint security, web security services, cloud security and data loss prevention. With those products gone, Symantec will focus on its consumer and small business cybersecurity products Norton antivirus and LifeLock identity threat protection.

The Broadcom-Symantec deal is expected to close before the end of calendar year 2019.

Some analysts see the Broadcom-Symantec deal as primarily a financial play for Broadcom, although they note the company will have to invest generously in research and development to keep Symantec competitive in the critically important but increasingly crowded enterprise security market.

"Broadcom recognizes that you can't cut R&D investments, because their whole model is predicated on having really good products," said Stephen Elliot, a program vice president at IDC. "Financial analysts are high on Broadcom now because it focuses hard on execution, pure product development and sales adoption among their 500 largest accounts."

The other side of Broadcom's model, however, Elliot notes, is the insistence on keeping up certain levels of profitability and taking as much overhead out of the system as they can afford to, he said.

Broadcom realizes that in acquiring large companies with widely diversified portfolios, some offerings are profitable and some are not. For instance, in the case of CA, Broadcom sold off CA's Veracode products, which focused on securing web and mobile applications, to Thoma Bravo for $336 million in profit. Broadcom said the products didn't fit as neatly into its long-term plans as well as some of CA's other cloud-based offerings.

Symantec expected to shrink under Broadcom

Symantec said in a press release yesterday it plans to reduce its global headcount by approximately 7% and will downsize, vacate or close selected facilities, incurring charges of $100 million, with an estimated $75 million for severance and termination benefits and $25 million for site closures. This restructuring plan is expected to be completed in fiscal year 2020.

"This deal is absolutely a financial play for [Broadcom]," said Judith Hurwitz, president of Hurwitz and Associates, an analyst and IT consulting firm in Needham Heights, Mass. "They are very focused on the bottom line, but as long as you deliver, it is a great place to work. It's not about creativity or thinking outside the box, it's about producing revenue."

Another analyst expressed concern about how well a chip company, albeit a large and influential one, understands the software market.

I'm greatly concerned about the future of Symantec's enterprise business.
Eric ParizoSenior analyst, Ovum

"I'm greatly concerned about the future of Symantec's enterprise business," said Eric Parizo, a senior analyst at Ovum. "First, Broadcom is a hardware company and software isn't their core competency. Second, Broadcom has been building a software portfolio but we haven't seen them make an effort to integrate the products or invest in them. Broadcom sees Symantec's enterprise business as a revenue stream and there doesn't seem to be a vision or roadmap for how it fits into Broadcom's existing software business," he said.

On top of that, Symantec has been a "troubled company for some time that has been looking for direction but still hasn't found it," Parizo added. He has his doubts that Broadcom is the company that can help them find it.

In a report issued today by Forrester Research analyzing the deal, the market researcher noted that the recent history of hardware companies buying cybersecurity software companies is not good. The report said the deal should serve as a warning to corporate chief information security officers about the future of Symantec's product portfolio under Broadcom. The report cited Intel's acquisition of McAfee in 2010. McAfee lost $3 billion in value since being acquired and Intel spun it out to private equity in 2016.

Forrester also listed Broadcom's CA acquisition last year. Broadcom's move to "aggressively slash CA's operating costs," might have pleased Wall Street Analysts, but the cost-cutting measures have negative consequences for user support, innovation and product development which could "grind product development to a halt," according to the report.

Yet another stumbling block for the deal is the potential regulatory hurdles the deal might face, similar to some of the hurdles Broadcom failed to overcome with its attempted purchase of Qualcomm.

"The Qualcomm deal was blocked because of Broadcom's alleged ties to the Chinese government," Ovum's Parizo said. "This deal may encounter similar regulatory scrutiny given Symantec's position as a company that provides security to both public and private entities," he said.

News Director Rob Wright contributed to this report.

Dig Deeper on Data security and privacy

Enterprise Desktop
Cloud Computing