At the same time, a core leadership team, consisting of two Symantec veterans and two new recruits, was formed to drive change. Stephen Cullen, a senior marketing executive who had joined the company in 1996, was to lead the consumer business, and Gail Hamilton, recruited from the Compaq Computer Corporation, was put in charge of the new enterprise initiative. Rounding out the team were Symantec’s chief financial officer, Greg Myers, and a longtime IBM colleague of Mr. Thompson’s, Donald Frischmann, who was recruited to head communications and brand management.
The biggest challenge facing a change agent can be the task of gaining support from subordinates. As John P. Kotter of Harvard Business School notes in his recent book, The Heart of Change: Real-Life Stories of How People Change Their Organizations, “today, a single individual cannot effectively handle large-scale, fast-paced change alone. It is important to get the right people in place who are fully committed to the change initiative, well-respected within the organization, and have power and influence to drive the change effort at their levels.”
In driving the transformation of Symantec, the core leaders created four teams, composed of their respective direct reports, to look at markets, evaluate opportunities, and identify those with substantial potential revenues and long-term viability. The teams considered a diverse range of customers and markets, such as Internet service providers, the managed-services market, IT systems management, and remote PC connectivity. And through a collaborative process, they determined that the company would move aggressively into the corporate computer security market. “John set expectations, and he got key leaders involved in determining where we would go,” Mr. Cullen says. “It was easy for these leaders, because they were already working on these projects, to see our direction when we laid out all of the strategic alternatives. Then we made decisions and said how we thought they were going to impact the company.”
As Professor Kotter suggests, the team structure helped gain acceptance of these decisions throughout Symantec, even in pockets of the company where some of the least successful products still had intense support. Some decisions were easy, like spinning off the money-losing Internet Tools business, and some were harder, like selling the popular ACT program. But although ACT had defined the category of contact management for a generation of PC users, it had no connection to security, so Mr. Thompson felt it had to go. “It’s important when a company goes through a change like this to create some sense of focus,” Mr. Thompson says. “ACT, while profitable, did not grow very fast. It was a development and support distraction. Selling ACT helped people realize I was serious.”
Still, to be taken seriously in the enterprise security market, the company had to build or buy capabilities it lacked. “It went from top to bottom, there were so many things that needed to be addressed to make this transition,” says Ms. Hamilton, who had led enterprise units at both Compaq and Hewlett-Packard Company. “Immediately, we needed new development processes, with a level of performance testing and scale to ensure we were developing products that could serve hundreds of thousands of users,” she says. “Second, we had to establish a much closer relationship with customers. We needed to share our plans with them, we needed to understand their businesses and the problems they faced going forward rather than just immediate issues.”
Symantec’s needs were all the more urgent because as a company that published (i.e., packaged and marketed) software rather than developing its own, the company had no technological base, aside from the antivirus expertise acquired in the Peter Norton deal and some smaller technology acquisitions from IBM and the Intel Corporation. As a publisher, Symantec was hard-pressed to attract programmers, who at the time were being courted with big equity stakes in Internet startups.