Silicon Valley has rediscovered cybersecurity. The last time it was this focused on the field was in the 1990s. Two giants emerged from that generation: McAfee and Symantec.
These may well be the two security companies that remain the most recognizable household names, thanks to their traditional firewall and anti-virus products.
Now they find their turf being encroached from two sides. From one side comes tech giants like Hewlett-Packard and Cisco Systems, which see new revenue opportunity in cybersecurity. From the other side comes a rush of start-ups backed by large chunks of venture capital.
"There has been intense interest in cybersecurity," said Mike Fey, chief technology officer of McAfee. "And it keeps getting hotter every year. It's definitely a boom, and we’re in the right place at the right time."
For Symantec and McAfee, the new landscape is requiring them to adapt rapidly to hold their ground and seize the new opportunities.
According to a report from Gartner, Symantec remains the leading security vendor, with 19.6% market share in 2012, and McAfee is second with 8.8%. Those two have held those top positions for some time now, but their market shares are down from 26.6% and 11.8% respectively in 2007, according to Gartner.
Both companies built their leads on technologies designed for what now seems like a simpler time, when the focus was on creating firewalls to keep the bad guys out and anti-virus software helped keep PCs clean.
Now, thanks to mobile devices and cloud computing, networks are becoming more complex, which means there are more vulnerabilities. At the same time, the treasure trove of data being placed online has attracted more sophisticated state-sponsored and organized-crime hackers.
"I think the legacy providers, the Symantecs and McAfees, are kind of seeing that a lot of this is just not working against more sophisticated attacks," said Phil Lieberman, chief executive of Lieberman Software and a 30-year veteran of the industry. "So there's a new generation of companies being created to attack the problem."
This shifting landscape led to one of the biggest cybersecurity deals to date: Intel's purchase of McAfee in 2011 for $7.6 billion.
According to Fey, this has given McAfee the resources to make the transition into a very different cybersecurity world. The challenge now is that there are so many different and new areas of cybersecurity. McAfee needs to be strategic and selective about which ones to approach.
"We see tons of different opportunities, and we see tons of different businesses," he said. "We have to limit ourselves to what we do best. We can't diversify beyond our ability to deliver for the customer. The worst thing we can do is to diversify into so many areas that we don't do anything well.”
Under Intel, Fey said, McAfee has become more focused on investing in its own research and innovations rather than getting it from outside acquisitions. With Intel's deeper pockets and broad research organization, it has more resources to do so.
"That’s really different than who we were three years ago," he said.
Still, McAfee is keeping an eye open for potential acquisitions. Fey noted that as the market heats up, so do valuations. The company is keeping its eye on those valuations, but if they get too out of whack, it makes more economic sense to keep building certain technologies in house, he said.
Because McAfee is now tucked inside Intel, there’s not as much clarity on its revenues or its progress. In a fact sheet on its website, the company says it has revenue of "more than $2 billion annually." McAfee had about $2 billion in revenue in 2010, its last year as a public company.
But Intel, which had $52 billion in revenue last year, doesn’t break out its revenues. And during Intel’s most recent earnings call security and McAfee did not get mentioned.
By contrast, rival Symantec has remained an independent, public company. As a result, its reboot is being done in the spotlight.
About 18 months ago, the company hired former Intuit CEO Steve Bennett to be its new chief executive. Along with creating a new strategic plan and bringing in a slate of new executives, Bennett has conducted some layoffs.
Those new execs include Stephen Gillett, who became chief operating officer in December 2012. He said that the company recognized the world was changing, and that Bennett understood Symantec needed to change with it.
"The first thing he did was say we have to focus ourselves and our resources," Gillett said. "We have to completely restructure the way we thought about ourselves in the marketplace."
In its last annual report, Symantec wrote:
"The company is in the midst of a transformation. New types of solutions and new market opportunities are emerging as customers look to us to innovate across a digital landscape that has expanded enormously for both consumers and businesses. As we think about our markets today, it is very clear that the industry needs a new model for protection."
According to Gillett, Symantec previously had 150 products that could leave customers confused. The company is trying to bring those together in a way that makes more sense. Bennett has reorganized the company around 10 product lines and said he plans to increase investment in research and development.
In the short term, Symantec is expecting little or no revenue growth in the fiscal year ending April 2014, but it predicts it will return to growth of about 5% annually after that. Its stock is up about 30% in the last year.
"Right now, we are in the middle of transforming ourselves," Gillett said. "But I'm tremendously excited about the opportunity ahead."