This article can also be found in the Premium Editorial Download "Information Security magazine: Trustworthy yet? An inside look at what's changed after a year of Microsoft Trustworthy Computing."
Download it now to read this article plus other related content.
Granted, Thompson also encouraged fellow African-Americans to consider IT careers. But, as he correctly predicted, the news media seized on the coincidence.
"John very much wanted to be accepted into this new position as the best choice, which he absolutely was. But because of Jesse Jackson being there, half the stories focused on the racial aspect of the appointment," recalls R.S. "Steve" Miller, CEO of Bethlehem Steel and the Symantec board member who recruited Thompson.
Thompson still generates a lot of press, but these days it's because of the direction he's steering his company--one that defies conventional wisdom and, for the moment, appears to be working.
Since taking the helm from founder Gordon Eubanks, Thompson has turned Symantec from a $632 million consumer software company to a $1.2 billion enterprise security market leader. Almost every Fortune 500 firm and four-fifths of the Global 500 use Symantec products, according to the company.
Through numerous acquisitions, Symantec has doubled its workforce to 4,200 since 1999. It has one of the lowest employee attrition rates in the country, says Thompson, and "probably the highest morale in our history."
But Symantec's horizon is not without clouds. Numerous industry observers have criticized Thompson for overpaying for acquired companies and technologies. Others question his strategy for long-term growth.
But such criticism only bolsters Thompson's resolve. At this stage in his life, he could comfortably retire after three decades with IBM, taking his three hunting dogs out more often or perfecting one of his many gourmet dishes. Instead, he spends most of his waking hours attempting to turn Symantec into a security industry superpower.
Who Is This Guy?!
"I'm certainly more than happy with the path I've chosen," Thompson says from his hillside estate in Woodside, Calif. His Porsche and BMW are parked in the garage. He wears Ermenegildo Zegna suits. At board meetings, he personally selects the right wine to go with meals. He supports Democratic causes and candidates, like presidential contender Sen. John Kerry of Massachusetts, but insists he wants no part of professional politics himself.
This is a sensitive area for Thompson. People have written that he might have political designs, based on his cozy relationships with certain politicos and recent appointment to the National Infrastructure Advisory Committee by President Bush. "Let me be clear: I have no aspirations for politics. None whatsoever," he says, the words carefully wrapped in a polite but dismissive tone.
Some also speculate that last year's appointment of John Schwarz as president and COO signaled that Thompson may be ready to move on from his position as CEO and chairman of the board, but that hasn't proved true. Not yet, at least.
"He's very dedicated to staying here, and I hope he finishes out his career with Symantec," Miller says. "But I bet his phone's ringing with offers every week."
Thompson grew up the son of a postal worker and schoolteacher in West Palm Beach, Fla., middle class but mindful of the segregation that permeated southern states in his youth.
"My mom and dad believed very much in the concepts of working hard for what you want and making sure you're properly prepared for what your pursuits are," he recalls. "We were a loving bunch, but a very competitive bunch. My sister was a smart lady and always pushed the envelope on grades."
Grades weren't the same priority to young Thompson, though, and college didn't come easy, especially after he married at 19 and soon became a father. But professors took an interest in him, including one who convinced him to work for IBM after graduation. Thompson proved to be a quick study.
By the early 1970s, he'd trimmed what he's called his "eight-pound Afro," shaved his mustache, dumped the leisure suit--and started to seal impressive deals as an IBM salesman in Tampa. The company saw Thompson's potential, and by 1993 he was general manager of IBM Americas, a $37 billion unit with 30,000 employees. People wondered if Thompson might someday replace former CEO Louis Gerstner.
In the late 1990s, Symantec was showing signs of trouble. By accident or design, Eubanks, who founded the company in 1982 as a security software vendor and took it public in 1989, had wandered into a number of unrelated software businesses. The scattershot buys had left Symantec bloated, its business strategy blurred.
Change was needed. Even Eubanks knew it.
Board member Miller had met Thompson during a business trip and been impressed with his reputation for taking calculated risks that paid off. He made sound decisions and stuck by them. He was ambitious, but affable. He was well connected, with incredible persuasive powers. People seemed to like, or at least respect, the guy. And he was from the outside.
"Clearly, he was the best-qualified person," Miller says. But Symantec was a hard sell. Thompson had just remarried and loved living in Westport, Conn. Leaving the only company he'd ever worked for might look like disloyalty; leaving it to run a much smaller firm might be seen as a step down.
Symantec, though, offered something IBM wouldn't: A chance to truly lead, to be the boss. And Eubanks was supportive, which made for a smoother transition.
Thompson says he wanted to put into play all the skills he'd acquired at IBM. "It's one thing to be a part of a great team, recognized as doing well in the industry. It's another to be a leader of the team trying to create an image for the company and its product," he explains. He yearned for the latter.
Symantec's revitalization came at a cost.
First, Thompson ordered the company to return to its roots: security. That meant selling off or shutting down unrelated software businesses, such as the Act personal management tool and Visual Café, a software development platform. Having already gained a strong foothold in the consumer AV market with its Norton product line, the company decided to go after the more lucrative but cutthroat enterprise space. Those who weren't up to the challenge were shown the door.
Half of the company's original 2,300 employees were replaced--including almost all of top management. The turnover hinted at the initial, internal turmoil under Thompson's leadership. Not everyone shared the company's new vision, nor its CEO's new, more corporate approach. "It was traumatic for the organization," Miller remembers. "His predecessor had been with it since its inception, and in comes this guy wanting to change a cozy entrepreneurial environment into a billion-dollar corporation."
In addition to the turnover, another 1,900 joined Symantec's ranks through 10 acquisitions that cost the company $1.38 billion. The biggest buy was a $975 million stock deal for firewall and IDS manufacturer Axent Technologies in 2000, a considerable chunk of change even in those heady days. The purchase is still questioned by industry experts who point to the low profile of Axent's technologies in Symantec's product portfolio.
Most recently, Symantec last summer spent $375 million for security management software maker Mountain Wave; IDS vendor Recourse Technologies; managed security service provider Riptech; and SecurityFocus, best known for its security alerts and popular BugTraq mailing list.
Critics also questioned the acquisition price of these firms, which in one case approached 15 times annual revenue.
Even more daring than the price tags for some of these sprees has been Symantec's new business model. The company is gambling on becoming an all-in-one security source. That may explain, some say, why Symantec picks up products that aren't always considered best of breed.
Aside from a philosophical departure is a practical one. In addition to convincing customers that an integrated system of enterprise security technologies is superior to picking the best solution for each need, Symantec must rely less on resellers and more on direct sales, which hasn't been the company's strong suit.
There are numerous other software firms--Network Associates and Secure Computing come to mind--that failed to capitalize on the "security suite" approach. But Thompson believes Symantec can do better by building on brand loyalty.
"Our approach is about delivering an integrated set of offerings that reduce the complexity and costs of securing the environment," he explains. "We will either prove that is the right approach, or not. And I'm betting my personal reputation on the fact that we're right."
A Rebel With a Cause
Thompson enjoys being seen as different, even if he looks like just another blue suit. And therein lies the rub.
In a field overwhelmingly occupied by white men, Thompson's race makes him stand out. Judging from the low number of African-Americans entering IT, that isn't going to change any time soon.
It's a position he's sometimes uncomfortable accepting, let alone promoting. "Yes, I am African-American. It's undeniable. But I don't think of myself in that context," he told the San Francisco Chronicle last year when asked for the umpteenth time about the race factor.
Many of the awards and accolades he's received over the past several years--from Time's Digital 50 in 1999 to last month's list of BusinessWeek's top managers for 2002--have nothing to do with the color of his skin. Those were awarded for his business acumen and influence.
But others express appreciation and honor Thompson's accomplishment as one of the nation's top African-Americans in IT. CNN.com, for instance, profiled him, along with celebrities like Oprah Winfrey and comedian Chris Rock, during last February's Black History Month. BlackEngineer.com deemed him one of the 50 Most Important African-Americans in Technology in 2001.
Technology project manager Chris Williams of Denver has followed Thompson's career since he worked under him years ago at IBM. Williams, who now works for a consultancy and holds office in the nonprofit Black Data Processing Associates, considers Thompson the ideal role model. "He's certainly someone you can emulate in the way he's handling his career," he says. "He's a real stickler for preparation and risk taking and believes that old adage: No risk, no reward."
Thompson's voice no longer drips with irritation when asked about his role and responsibilities as a black leader. He speaks regularly at conferences and historically black colleges, and is working with Jackson's Rainbow Coalition to recruit more African-Americans to IT and help them reach management positions. "They certainly have the intellect and wherewithal to do it. We just need to make ourselves known to them and the opportunities we can offer," he says.
The need for more mentors is key--at least based on his own experience. "I had the belief that if I could produce good results, the rest would take care of itself. But along the way, I also was fortunate enough to have support from some really well-placed people who took an interest in my career."
Success, though, comes more from who you are than whom you know.
"It's a combination of hard work and good support structure that helps to get you going, but it's determination along the way that keeps you moving along. I had enough of all of those to get me where I am today."
About the author:
Anne Saita is senior editor at Information Security.
This was first published in February 2003