Q&A: McAfee, Symantec CEOs talk security

In early December, InfoWorld Senior Writer Matt Hines had the opportunity to sit down with John Thompson, chief executive of Symantec, and David DeWalt, chief executive of McAfee, to interview the leaders about the strategic direction of their companies and where they see different aspects of the IT security market heading in 2008 and beyond.

Each of the individual interviews took their own course, but an intentional effort was made on the part of the reporter to ask the two executives about many of the same issues.

What follows are a sampling of the respective CEO's comments on issues related to the rise of data protection, consolidation in the security market, and competitive issues between the two industry leaders and their many rivals.

Matt Hines, InfoWorld: Over the last year in particular we've seen a relative sea change on the security market as customers have shifted their focus toward data protection, versus more traditional methods of defending endpoints and network assets.

How has this forced a strategic change in direction for your companies -- in particular as smaller vendors in sectors including DLP (data leakage prevention) make claims that they are better suited to deal with this shift?

John Thompson, Symantec
: The reality is that we have had great insight about what information was flowing around in an organization for years. The fact that we were doing virus protection was interesting, but what was more interesting was depth and breadth of intelligence network around the world, which has been telling us about where viruses and worms are coming from, what hacker attacks are occurring, where spam is originating from, and what keywords people are using to bypass filters.

There's a great deal of insight that's associated with that intelligence network that Symantec has that should make this shift toward information-based security easier for us than any smaller company that doesn't have that breadth.

Furthermore, customers that have the expectation that we and others who have been trusted providers for them will evolve as their needs evolve. Certainly, that's been the case in the more traditional security technologies. If [you] look at what AV (anti-virus) technology does today versus what it did five years ago, it is light years different.

We should use the metaphor of the evolution of the past to apply to the problems of the future, and we've certainly evolved our business over the last ten years to be very different in terms of its focus and our ability to solve problems for customers that ten years ago probably didn't exist.

David DeWalt, McAfee: Actually, see it as a huge advantage to being a big company. Managing data and data security is a pretty strategic thing for corporations, when I think about who they would trust as an advisor in these situations. Either a startup who may be dedicated to only [DLP], or someone with a thousand people in support, you get a level of service related to companies like Symantec and McAfee that isn't there with the others -- we're already running in most large corporations on the endpoint.

Adding another endpoint agent from a small company versus going with McAfee isn't as attractive to these customers. We offer cost optimization, centralized management, and other benefits that you can't get from smaller companies.