By Stuart Wilson
From point solutions to consulting and service delivery; the scope of enterprise IT security solutions is changing fast in the Middle East. ACN's Stuart Wilson grabbed a coffee with Symantec MENA's regional director Kevin Isaac to find out more about the vendor's regional strategy.
Symantec believes that the focus areas and delivery models for enterprise IT security solutions is changing fast and Kevin Isaac, regional director for the vendor's Middle East and North Africa (MENA) is determined to position the company at the forefront of this evolution.
"The new fiscal year begins in April and you will see a number of significant changes from that point in time," Isaac explains. "I think this business changes significantly every six months and we are rapidly moving towards a mature business model in the region.
"We have doubled the Middle East team in the last 12 months and now have more than 65 people on the ground in the region with more resource flying in and out all the time. his growth is set to continue and there will be a clear change in the way that we manage our business and align ourselves with the business models of a more mature market," he continues.
For Symantec, this change will involve the expansion of skill sets within the company - allowing the vendor to move from what Isaac describes as the ‘basic rock face work' towards the ‘intellectual work'.
"The next wave of growth will be around consulting, not just sales," declares Isaac. "We need to develop additional skills related to infrastructure services, process engineering and pre-sales consulting. We are ramping up resources in consulting and post-sales support because we are starting to see some interesting enterprise projects that we need to be a part of."
While most of its regional headcount is still based out of the UAE and Saudi Arabia, Symantec has assigned staff to specific countries outside these two hubs to ensure that it is communicating with large accounts in markets across the entire theatre. As the memory of the merger process with storage giant Veritas fades into history, Symantec is now looking forward to new business opportunities as it attempts to make the most of its expanded product and solution portfolio.
"What's really interesting is that Symantec is such a broad player, but we also understand the need to focus," adds Isaac. "When you merge companies with different product lines that focus on different market segments, the way you deal with this is vitally important. Symantec was very clever last year to set up a separate management team to drive its consumer business. That has really paid off in the Middle East and will allow us to focus more closely on specific lines of business in the year ahead to really drive revenues."
This does not mean that Symantec will lose its focus on the consumer, SMB and midmarket customer segments, which remain an important part of the vendor's Middle East operation. What it does mean is that the ability to develop in-depth vertical expertise targeted at enterprise end-users is greatly enhanced.
"What you will see is a team of people focusing in telecoms or banking at a high-end level with the maturity and sophistication needed to deal with these accounts. It could be phishing expertise that banks can call or in depth SCADA knowledge for oil and gas customers - these areas have to be dealt with in a sophisticated manner or else a vendor will not meet the needs of enterprise end-users."
Government, finance and telecoms are top of Symantec's vertical hit list in the Middle East - due in part to the aggressive IT spending that many companies operating in these sectors have embarked on with gusto during recent years.
"Governments have a significant amount of cash at the moment while the telecoms sector is going through a huge renaissance in the Middle East in terms of growth, diversification, deregulation and acquisitions. Banks too are in rampant growth mood and as a result they are looking carefully at how to protect themselves.
"The interesting point is that banking by another name would be risk management and risk management is exactly what we sell. From all these verticals, I would say that the banking sector understands our message the most. The banks are closely aligned with our corporate strategy around risk management," says Isaac.
He claims that the integration of Symantec and Veritas in the Middle East was a relatively painless event with the two teams fusing to form one team in a seamless manner.
"I have to say [the integration] has been excellent," says Isaac. "I was in Europe on training last week and one person asked me if I was ex-Symantec or ex-Veritas. We never ask that question in this region - it is one company, one team and it is very focused. I personally am pleased with the attitude, energy and engagement of the team.
"Would I have done anything different? Hindsight is 20:20. I think we could have been even more decisive in terms of driving the business. I think as people we can be a little bit sensitive at times and try and please everybody. Mergers need decisiveness."
When Symantec's decision to team up with US compatriot Veritas was first announced, there was an understandable scepticism from many industry commentators regarding the business benefits of creating a company that combined expertise in availability solutions and security. These doubts have been well and truly put to bed, according to Isaac.
"The customers get it and even some of our rivals are starting to get it and cross buy and merge with companies to combine these business areas," says Isaac. "Veritas was very strong in the high-end enterprise and Symantec was able to bring some new technologies into that space and talk at that level. "In the telecoms space, Symantec was very strong in terms of the ASP model and we were then able to bring some technology and service offerings from the availability side into that space as well. At the end of the day, both sides were trying to solve the same problems - albeit from slightly different perspectives.
"When you look at data loss, data theft, lack of availability or even a hack, it all ends up as the same thing - either you don't have your data, you've lost your data or someone has stolen it. In essence you are dealing with the same pain just on a slightly different vector."
While the union with Veritas has not drastically altered the fundamental go-to-market employed by Symantec, it has given the vendor a critical mass in the region, which Isaac believes delivers real benefits to the organisation in terms of access to top executives at the region's largest enterprises.
"Customers always were open to us, but we're now seeing a much more interesting engagement model," explains Isaac. "I think that in the security and availability space, enterprise needs are not met through products alone - this is especially true on the security side.
"What we have been doing for a long time on the availability side and back-up solutions is a service-led deal. You would sell a bank a back-up solution along with the implementation and meet a specific service level requirement for the customer."
This approach is intrinsically linked to the consulting-led approach that Symantec is now adopting with the largest enterprises in the Middle East. Rather than pitching the latest products, the intention now is to go in, understand the customer pain points and then propose a solution - be it software or services - that eliminates these problems for the end-user.
"They may want five objectives met," says Isaac. "That does not mean a product; it may be a service-product mix that meets their needs and demonstrates a real return on investment." The product itself is the only the start of a solution, and this is a point that more and more IT managers and CIOs in the Middle East are starting to understand. It is a change in attitude that Symantec wants to take full advantage of.
"The bottom line is that if you buy flour, you've still got to bake it before it's edible," adds Isaac. "We understand this - we're not selling anti-virus to enterprises. We're selling network access control or we're selling a security client for the desktop that meets all the customer needs. We're going to the customer, discussing service level agreements (SLAs), and asking them what they want to achieve. It is not about the products any more, it's about the process and consulting solution."
The switch to solution selling is also making its presence in the delivery model as an ever increasing number of large enterprises reduce their reliance on their internal IT skill sets and switch instead to a managed service or outsourced delivery model. Isaac claims that Symantec is selling ‘more managed security solutions than ever in the region'.
"End-users are starting to understand that if they do not defer these processes and services they are actually at greater risk. The urban myths around not letting other people get involved in your business are now fading in the Middle East," he explains.
At the large account level, the pressure is on to reduce the number of IT suppliers with the balance of power slowly slipping away from the best-of-breed devotees, according to Isaac.
"All of our major customers are saying this," he comments. "The mid-sized customers are not yet - they are still saying we want best-of-breed. The largest enterprises that lead the market want less vendors, consolidated purchasing and a more centralised approach. They have been telling us this for years because of the various areas where they can reduce costs such as training, relationship management and even in the legal department."
As enterprise IT spending continues to climb across the Middle East, Isaac wants Symantec to be the first port of call for CIOs and IT managers wishing to assess their security and availability needs. The company is investing in the local resources to make this a reality.
However, to truly grab the ear of some of the most powerful IT decision makers in the region, Isaac and his team will also need to fight off the challenge of the global IT consulting giants queuing up in the Middle East to provide these companies with independent advice.