Broadcom Offloads Symantec Security Services to Accenture

Just over two months after finalizing its purchase of Symantec’s enterprise security business, Broadcom is selling the security services part of that business to Accenture.

The deal includes the company’s managed security services, threat intelligence and incident response. Financial terms of the deal weren’t disclosed. Broadcom shelled out $10.7 billion for Symantec’s enterprise security business.

The Accenture acquisition is expected to close in March subject to customary closing conditions.

Harpreet Sidhu, Accenture Security’s managing director and managed security services lead, tells us the acquisition will help scale Accenture’s managed security services.

Accenture’s Harpreet Sidhu

“Through this scale we will be able to innovate faster to bring a stronger, more advanced, more automated and intelligent set of capabilities to a much broader global client base,” he said. “This acquisition will distinguish Accenture Security as one of the world’s leading providers of managed security services and offer clients our combined expertise fine-tuned to their industry with tailored global threat intelligence powered by advanced analytics, machine learning, orchestration and automation capabilities.”

Amy DeCarlo, GlobalData’s principal analyst of security and data-center services, said this was a “surprise, given how recent the Broadcom acquisition of Symantec’s enterprise business closed.”

“Accenture is just picking up the managed security services business, not the products,” she said. “While there is [a] technology platform and six security operations centers (SOCs) that are part of the deal, this is a really quick way to acquire several hundred IT security personnel. Accenture already has a strong cybersecurity practice, but this will help the company grow that business faster.”

Broadcom retains the enterprise security products, and as a vendor of infrastructure equipment and software, selling that technology is more in Broadcom’s comfort zone, “so I can see why the company would want to part with the services element,” DeCarlo said.

The Accenture Security practice now will consist of more than 7,000 skilled cybersecurity professionals globally at each client’s disposal, Sidhu said. Symantec’s geographical presence is complementary to Accenture Security with SOCs around the globe in six locations, incident response capabilities in eight locations and two R&D centers, he said.

“Accenture Security is always looking for ways to drive innovation and we’re committed to continued investment in our highly skilled specialists, methods and advanced technologies to help our clients defend against the full spectrum of cyberthreats,” he said.

This deal is the latest in a series of acquisitions, including those of Deja vu Security, iDefense, Maglan, Redcore, Arismore and FusionX, by Accenture Security. In its 2019 fiscal year, Accenture invested nearly $1.2 billion globally on 33 acquisitions to acquire skills and capabilities in strategic, high-growth areas of the market.

“Becoming part of Accenture Security is a tremendous opportunity for our clients and our cyber warriors around the globe, enabling us to fuse the unique services, capabilities and solutions of two well-established companies to deliver the next generation of cybersecurity services,” said John Lionato, vice president and general manager of Symantec’s cybersecurity services business.

Ovum’s Eric Parizo

Eric Parizo, senior analyst with Ovum, tells us he’s not surprised that Broadcom would look to unload the Symantec managed security services business. Broadcom’s model is to focus specifically on Fortune 1000 customers, and reducing costs by stripping away the R&D, product development, sales, marketing and services elements of its businesses that don’t focus exclusively on that high-end enterprise customer segment, he said.

“Long term, this is likely just the beginning of a reshaping of Symantec,” he said. “I expect in the next 12-18 months, we’ll see several deals that remove high-cost/low-revenue/non-Fortune 1000-focused elements of the business, or rationalize redundancies, such as in the former CA Technologies identity and access management (IAM) portfolio that Symantec inherited after arriving at Broadcom. It also won’t be a surprise to see Broadcom make further acquisitions for Symantec in instances where a need can be met with a good value, particularly in areas like DevOps or cloud security monitoring and management. Broadcom has stated it is more interested in buying functionality than building it, so the game of addition and subtraction will likely continue for Symantec.”