Mitarbeiter beim Security Awareness Training

Why Symantec Customers Need to Reevaluate Their Email Security Strategy

Broadcom recently announced the acquisition of Symantec’s Enterprise Security Business. During this announcement, Broadcom highlighted several major proposed changes that could hurt their customers’ email security posture, including the following:

  • They are narrowing their focus to endpoint security, web security, and DLP, while not investing in email security and other products
  • They will eliminate over $1 Billion in spending across R&D (40% cut) and Sales (82% cut)
  • They will only focus on the Global 2000 customer base and essentially let the commercial accounts churn out of their business

Broadcom has a track record of buying tech companies (most recently Brocade and CA Technologies), drastically cutting costs, and then selling to only the largest clients, and have confirmed they will follow the same playbook for Symantec. This strategy has left many customers with diminished support, end-of-life products, and technology that will either be retired or no longer receive investments in either R&D or support.

How does this acquisition impact Symantec customers’ cybersecurity?

Despite Broadcom/Symantec’s priorities, email is still the number one choice of attackers, with 96% of public breaches starting via email in the most recent Verizon DBIR. Symantec’s email gateways have lagged for years in their effectiveness against phishing, impostor, and malware attacks. Symantec was also significantly behind in implementing URL sandboxing, layered defenses against impostor attacks, DMARC-based email authentication, and more features that are considered by Gartner table stakes to protect the most critical threat vector. In addition, the visibility they provide into threats remains behind the curve – Symantec doesn’t give you insight into which of your users and departments are highly targeted by adversaries, much less give you better ways to protect them via adaptive controls.

Unfortunately, as Broadcom didn’t indicate they will invest in email, those gaps won’t likely close, and Symantec customers will continue to be at risk. The average security operations team spends more time on phishing attacks than anything else (45% in one recent survey), and poor performance from an email gateway can make security teams’ lives miserable.

What can you do to better protect your organization?

At the very least, you should evaluate how well your Symantec email gateway is performing. We’re happy to assist with a free, simple, painless assessment - within 24 hours and with minimal configuration.  We’ll also deploy our solutions for 30 days for no cost so you can experience our technology in action. You can sign up for a free trial here:

If you decide you’re ready to move on from Symantec, you’re not alone. In response to the demand from Symantec email gateway customers who’ve reached out to us since the announcement, we’re rolling out a transition program similar to the program we launched when McAfee exited email in 2015, with free migration services to enable a seamless transition to Proofpoint’s email security platform, the #1 choice of the Fortune 100, Fortune 500, Fortune 1000, and the Global 2000. You can also listen to a webinar detailing "What the Symantec Acquisition Means for Your Email Security Future."