Symantec: We 'stubbed our toe' on Backup Exec, but we'll be fine

New CEO plans to dish out dividends to keep shareholders smiling


Analysis Symantec's new broom CEO has presided over record final quarter - at least for revenues - and full year 2013 results. This is despite the company being in the middle of a management clear-out, profits droop and wholesale sales operation revamp.

Revenues for the fourth quarter, which finished on 29 March, were $1.75bn, a record and 4 per cent higher than a year ago, but down three per cent compared to the third quarter. But this is a traditional Symantec seasonal revenue pattern and so nothing to get excited about.

Net income for the fourth quarter was $188m, a massive 66 per cent less than a year ago, which saw exceptional profits, and 11 per cent less than the third quarter. Those exceptional profits came from Symantec's sale of its interest in a joint venture with Huawei.

Full fiscal 2013 revenues were $6.9bn, a sort of respectable 2.5 per cent higher than a year ago. Profits were $765m, 24 per cent less than the figure in 2012 which was buoyed by the aforementioned exceptional final quarter's profit.

CEO Steve Bennett, about six months into his job after the departure of Enrique Salem, said of the results: "In a year of significant leadership changes and development of a new company strategy, the team remained focused on running the business to deliver better than expected results. Our focus on operational change and repositioning the business in fiscal year 2014 will set the foundation to drive better execution long-term. Never have I been more optimistic about the opportunity in front of us to make a difference for our employees, customers and shareholders."

The product segment information was revealing.

Annual revenue from Symantec's backup, archiving and Storage and Availability Management businesses grew five per cent. Within that :

  • Revenue from backup and archiving business grew nine per cent, driven by NetBackup with double-digit growth.
  • Revenue in the Storage and Availability Management business decreased four per cent due to a decline in customer's use of the Solaris platform.
  • The Security and Compliance segment grew seven per cent.
  • Organically, Security and Compliance grew three per cent.
  • The Consumer business grew two per cent, not helped by a decline in PC sales.
  • The Services business grew 7 per cent - driven by double-digit growth in Business Critical Services.

The consumer business needs an energising kick up the backside, and the Storage and Availability Management business needs two of them. CFO James Beer said: "Backup Exec has been something of a challenge, and we continue to work through and improve upon our offerings in the Windows market there."

He added: "We're still experiencing challenges there impacting Backup Exec's revenue double-digits. Now I would expect that, that will improve gradually. I think the most material opportunity for us to improve with Backup Exec is around the next release that we're very much working on but won't be out for some time yet later in this fiscal year.

"We've made a lot of changes in the team that stubbed its toe in the release on Backup Exec... This was our execution that caused us the problem, nothing else, as witnessed by the real strength we've had on NetBackup where we didn't stub our toe." Now the same team manages both NetBackup and Backup Exec.

Symantec revenues and profit to Q4 fy2013

The earnings call had Steve Bennett talking about Symantec 4.0 and boasting: "We grew three per cent organically, the largest organic growth rate in five years."

He said: "FY '13 also was the start of the transformation of Symantec. The only significant things that changed during the year were some executive transitions and the January announcement of our new strategy, an organisational simplification initiative." Then he turned to the next 12 months:

FY '14 will be different. Many critical things will be changing like completing the streamlining of our management structure, reallocating significant amounts of our development resources to focus on our most promising point solutions, exciting new integrated offerings and some exciting new partnerships we haven't announced yet but expect to in the next 90 days.

There's more:

We're also changing our go-to-market strategy in many of the elements, like the creation of a new renewals team, focusing our sales organisation on new business only, changing our sales compensation program, converting our generalist sales force to one that's specialised and focused on either Information Management or information security, introducing a new channel strategy and set of partner programs and building a high-powered marketing organisation, to mention a few of the most critical.

Bennett is in the process of junking the Salem-era Symantec structure and recasting it. He's certain that these changes will "lead to significantly improved longer-term performance for Symantec," although the fiscal 2014 somewhat outlook is uncertain.

Bennett is on a middle management dead-wood clearing exercise:

We are reducing the number of layers and increasing spans of control for our managers to industry standard levels in an attempt to increase the speed of decision-making and to improve accountability and execution.

We expect to eliminate between 30 per cent and 40 per cent of our management positions. We will have fewer, bigger jobs for our best and brightest. We are also attracting world-class talent from the outside, some of the most recognised tech companies in the world. Over the next few months, you'll hear more about some great senior-level talent coming to join and strengthen the Symantec leadership team."

Music to the ears of Symantec's exec recruitment agencies.

Management in the security products area is being re-organised:

We see real value in merging our Norton and SEP solutions to solve new customer problems and reduce redundant expenses. Moving from protecting the endpoint to protecting people and their information in a device-independent way will help us transform this business.

Norton OEM deals have some doubt hanging over them: "In the short term, we expect the Norton business to deliver flattish revenue growth given market dynamics, including PC unit declines. … Given how this market has evolved, we are taking a rigorous look at every partnership deal. We will not sign any new agreements that don't make financial sense. Moving away from any OEM distribution partnership would put some pressure on our new customer acquisition in the short term but would be materially accretive to the bottom line."

Symantec is moving more to e-commerce to acquire customers directly and less through PC-based OEMs. It's also moving away from having 150 different point products to integrated product offerings. Weak point products didn't work. For example, Bennett said about the storage management products: "This is technology that can solve important problems when we redeploy it and think differently about it, and we got into trouble as a company thinking about it as a standalone business."

The company has decided to pay a $0.15/share dividend which should please shareholders. Fiscal 2014 should see zero to two per cent revenue growth. Next quarter's revenue is expected to be lower than a year ago due to a weak yen and seasonal trading patterns.

We just have to wait until 2015 for Bennett's Symantec 4.0 to deliver the promised goods. ®

Similar topics


Other stories you might like

  • North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies
    Crypto-coin theft isn't enough to keep these miscreants busy

    North Korea's Lazarus cybercrime gang is now breaking into chemical sector companies' networks to spy on them, according to Symantec's threat intel team.

    While the Korean crew's recent, and highly profitable, thefts of cryptocurrency have been in the headlines, the group still keeps its spying hand in. Fresh evidence has been found linking a recent espionage campaign against South Korean targets to file hashes, file names, and tools previously used by Lazarus, according to Symantec.

    The security shop says the spy operation is likely a continuation of the state-sponsored snoops' Operation Dream Job, which started back in August 2020. This scheme involved using phony job offers to trick job seekers into clicking on links or opening malicious attachments, which then allowed the criminals to install spyware on the victims' computers.

    Continue reading
  • Russian-linked Shuckworm crew ramps up Ukraine attacks
    Cyber-espionage gang using multiple variants of its custom backdoor to ensure persistence, Symantec warns

    A Russian-linked threat group that has almost exclusively targeted Ukraine since it first appeared on the scene in 2014 is deploying multiple variants of its malware payload on systems within the country.

    The Shuckworm gang – also known as Armageddon and Gamaredon – is using at least four distinct variants of its Pterodo backdoor that are designed to perform similar tasks but communicate with different command-and-control (C2) servers, according to Symantec's Threat Hunter Team.

    "The most likely reason for using multiple variants is that it may provide a rudimentary way of maintaining persistence on an infected computer," the researchers wrote in a blog post Wednesday. "If one payload or [C2] server is detected and blocked, the attackers can fall back on one of the others and roll out more new variants to compensate."

    Continue reading
  • Kaspersky cracks Yanluowang ransomware, offers free decryptor
    Step one, get some scrambled files back. Steps two through 37...

    Kaspersky has found a vulnerability in the Yanluowang ransomware encryption algorithm and, as a result, released a free decryptor tool to help victims of this software nasty recover their files.

    Yanluowang, named after a Chinese deity and underworld judge, is a type of ransomware that has been used against financial institutions and other firms in America, Brazil, and Turkey as well as a smaller number of organizations in Sweden and China, Kaspersky said yesterday. The Russian security shop said it found a fatal flaw in the ransomware's encryption system and those afflicted can get a free fix to restore their scrambled data.

    Symantec's threat hunters uncovered this Windows ransomware strain in the fall and said unknown fiends have been using it to infect US corporations since at least August 2021.

    Continue reading
  • Mutating Verblecon malware in illicit cryptomining ... so far
    Symantec team warns ransomware and spying could be next

    Internet fiends are using a relatively new piece of a malicious code dubbed Verblecon to install cryptominers on infected computers. 

    The mutating malware attempts to evade detection by antivirus tools and similar defenses, meaning bad news all round if the software was used to deploy more destructive payloads — and that the crooks using Verblecon may not realize the power of the loader's full potential.

    "The activity we have seen carried out using this sophisticated loader indicates that it is being wielded by an individual who may not realize the capabilities of the malware they are using," Symantec's threat hunting team warned today.

    Continue reading
  • How do China's cyber-spies snoop on governments, NGOs? Probably like this
    Cicada's months-long global espionage campaign marks an expansion of team's capabilities

    A China-backed crew is said to be running a global espionage campaign against governments, religious groups, and non-governmental organizations (NGOs) by, in some cases, possibly exploiting a vulnerability in Microsoft Exchange servers.

    +Symantec's Threat Hunter Team said the campaign, which aims to spy on targeted victims and steal information, likely started in mid-2021, with the most recent activity detected in February. It may still be going on, the researchers observed in a report this week.

    The Threat Hunter Team team is attributing the attacks to Cicada, also known as APT10 – a group that has been operating for more than a decade and that intelligence agencies in the US have linked to China's Ministry of State Security. The researchers are pointing at Cicada because a custom loader and custom malware that have been used exclusively by the group were found in victims' networks.

    Continue reading
  • China-linked malware targeted secure networks in 'multiple governments'
    'Daxin' malware creates backdoors and may have been used since 2013

    The United States' Cybersecurity and Infrastructure Security Agency (CISA), working with security vendor Symantec, has found an extremely sophisticated network attack tool that can invisibly create backdoors, has been plausibly linked to Chinese actors, and may have been in use since 2013.

    Symantec's threat hunting team has named the malware "Daxin" and described it as "a stealthy backdoor designed for attacks on hardened networks". The Broadcom-owned security firm says it's found samples of the malware dating back to 2013, and that features present in recent versions were also found in older cuts of the code. Those recent versions of the malware have been associated with "China-linked threat actors".

    CISA's advisory about the malware describes it as "a highly sophisticated rootkit backdoor with complex, stealthy command and control functionality that enabled remote actors to communicate with secured devices not connected directly to the internet". The agency asserts that Daxin "appears to be optimized for use against hardened targets, allowing the actors to deeply burrow into targeted networks and exfiltrate data without raising suspicions".

    Continue reading
  • NortonLifeLock sniffs around Avast, announces 'advanced discussions' for acquisition
    Company now has 28 days to make up its mind

    NortonLifeLock, the somewhat clunky moniker adopted by the former consumer business arm of the Symantec Corporation, has announced "advanced discussions" with rival Avast over a possible merger.

    "A combination of NortonLifeLock and Avast would bring together two companies with aligned visions, highly complementary business profiles and a joint commitment to innovation that helps protect and empower people to live their digital lives safely," a NortonLifeLock spokesperson claimed in a message to investors.

    "We would draw on the best of both companies to ensure that the combination would benefit our customers, reward our employees and maximise long term value for all shareholders."

    Continue reading

Biting the hand that feeds IT © 1998–2022