 |
 |
| BRAINSTORM |
In an insecure world, this software maker thrives
By David Kirkpatrick
FORTUNE.COM
 |
Story Tools
|
(FORTUNE.COM) -- By definition, it's rare to hear a CEO say something like, "There's not another major technology company that's shown the revenue and earnings growth we've shown the past four years." But John Thompson of Symantec says it matter-of-factly, with obvious pride but not bragging.
Symantec is a rare software company -- one that has thrived in the past several years of parched technology spending. "By almost any measure we're one of the most profitable software companies in the world," Thompson goes on. "We have operating margins in the mid-to-high 20s, gross margins in the mid-80s, and revenue growth the last two years well north of 25 percent."
In an insecure world of worry, there's something to be said for being the largest security software company. Thompson, 54, only arrived at Symantec in April of 1999. He'd been a senior executive at IBM and could easily have gone on to run much if not all of that tech colossus. Instead, he turned his energies to refocusing Symantec. "We went from the broad portfolio strategy of a consumer software publisher to become a focused security software provider," he says. In its anti-virus products Symantec had something it called "live update," which automatically downloaded software patches to customer machines. Thompson aimed to bring that capability into all the company's products.
When he arrived, the company's mix of business was about 65 percent consumer, 35 percent enterprise. Today those figures are, roughly, reversed, and the company does nothing that is not related to security. Symantec has acquired about a dozen companies. Says Thompson: "No one today can claim a broader portfolio in security, all the way from early alert information that customers can act on, to post-installation operational support." In addition to anti-virus software, the company sells software and services for firewalls, intrusion detection, vulnerability assessment, and other security challenges.
From a company with about $630 million in revenues and a market cap of almost exactly that same amount, Thompson has increased revenues to an estimated $1.7 billion for the fiscal year that ends next March. As for the market cap, hold onto your hat -- it's now $10 billion!
Is this man satisfied? Dream on. The forward price-to-earnings ratio is now about 29, which Thompson considers not at all high. "As a category leader in enterprise software we're valued lower than category leaders in other sectors like Veritas or BMC," he observes with the quiet, smiling aggressiveness that seems to be his nature. With such a lush valuation, his mandate to keep growing rapidly is huge, however.
But here's another amazing thing John Thompson has done at Symantec: analysts estimate for the quarter just ended (for which the company has not yet announced results) a whopping 56 percent of revenues will be deferred, meaning sales that were made in preceding quarters but not booked until now. That's a fantastic figure, up from about 12 percent when Thompson joined the company. He is delivering extraordinarily predictable results, something Wall Street craves and will likely keep rewarding. The stock has risen from a split-adjusted price around $7 when Thompson started to $66 today, and is up 64 percent this year alone.
The revenue deferrals result largely from the move to an all-security model that emphasizes updates. When Symantec sells a piece of software, not only does it book a portion as the sale of a product, it also shows another portion as a service. For instance, its consumer-oriented Norton Anti-Virus product retails for $49.95, but the company allocates $19.95 of that to the continuing update services, and records it over the succeeding 12 months. After that, if a customer wants to continue receiving the updates for another year -- which they very often do -- they pay another $19.95.
While Symantec has 600 enterprise customers to whom it sells a variety of sophisticated security services, it also ships its software on more than 35 million consumer PCs every year, including every consumer machine sold by Hewlett-Packard and Gateway, and a growing percentage of those sold by Dell. Customers get a free 90-day trial of the anti-virus product, after which they can do nothing and watch their trial version expire, buy it, or upgrade to a full-function security suite. While Thompson won't say what percentage chose each option, the numbers for the second and third categories are almost certainly increasing in this virus-cursed age.
Automating security updates is also increasingly part of Microsoft's strategy to solve its ever-increasing credibility problem on security, so I asked Thompson if this shift didn't worry him. "Microsoft continues to innovate around the operating system," he replied, "and we continue to innovate around Microsoft. There's no reason for us to complain. Innovating around their footprint has served our company well." His confidence notwithstanding, I'd say this is one area to watch for challenges. Thompson added, however, that Symantec is also "innovating around" Linux, which has already become the second largest operating system for Symantec's products.
Thompson's enterprise strategy is increasingly to integrate products in a "managed services" approach. He says that while the typical company has bought many security products, including anti-virus, firewall, and intrusion-detection software, they almost never are managing them together as they should. In an age when Internet attacks are increasingly the so-called "blended" sort, in which hackers combine things like viruses, worms, and denial of service attacks simultaneously, only an integrated approach makes sense, in the Symantec view. To stay abreast of the malefactors, the company spends a very healthy 15 percent of revenues on research and development.
"During the Internet bubble people focused on the fast companies," says Thompson. "But we were the tortoise. We just kept moving along." He's steadily brought amazing change to the company. I suspect that so long as he is in charge, Symantec will continue to lead the race, both against its software industry competitors and against the hackers who make its products necessary.
Questions? Comments? E-mail them to me at dkirkpatrick@fortunemail.com.
