News & Insights

Beutel Goodman Speaker Series: In Conversation with NortonLifeLock – Transcript

30 November 2020

On November 9, 2020, Rui Cardoso, Managing Director of our U.S. and International Equities team, hosted a virtual fireside chat with NortonLifeLock Inc.‘s CEO, Vincent Pilette, and CFO, Natalie Derse.

Many of you may know of NortonLifeLock (formerly Symantec Corp.) from buying a box of Norton Anti-Virus software a couple of decades ago. With many of the recent changes, NortonLifeLock is going back to its roots in consumer cybersecurity, and recently added identity theft protection as well with the acquisition of LifeLock. NortonLifeLock emerged as a standalone company after the sale of Symantec’s enterprise security business to Broadcom last year.

The following is an edited transcript of an exchange that provides insight into the transformation of NortonLifeLock following the sale of its Enterprise Security assets and the evolution of the company’s corporate strategy.

 

In Conversation with NortonLifeLock

RUI CARDOSO: Thank you to our clients for joining our Beutel Goodman Speaker Series event, In Conversation with NortonLifeLock.

NortonLifeLock has been a core holding of ours since 2013, and few other stocks in our portfolios highlight our patience and discipline in investing more than this one. Through all the changes and market disruptions, we have focused on the inherent asset value that was buried under all the noise, and after many ups and downs, we have been rewarded as shareholders.

Much of the stock’s recent success has been guided by the company’s new CEO, Vincent Pilette, who joined the company in May 2019 after many years as the CFO of consumer technology company Logitech International S.A. He was joined recently by CFO Natalie Derse, who has a breadth of finance experience across many consumer-facing industries, including Stanley Black and Decker and eBay. We are pleased to have the opportunity to welcome Vincent and Natalie today to highlight how far the company has come in such a short amount of time, but more importantly, why there is still a long runway yet.

Our first set of questions are centred around NortonLifeLock’s business – what the company does, Management’s vision of the future of the business and their plans for growth. We’ll then provide some insight into our due diligence process, with some pointed questions about how the company’s fundamentals fit with the Beutel Goodman approach – which is integral to any business we add to our portfolios. Finally, we’ll discuss how NortonLifeLock has been navigating the past few tumultuous months, the risks Vincent and Natalie see on the horizon, and the top priorities for deploying capital going forward.

So with that, welcome Vincent and Natalie.

 

VINCENT PILETTE: Thank you, Rui, and thank you everyone for attending.

 

RUI CARDOSO: We’ll start with some background on how NortonLifeLock became the business it is today. Vincent, could you please give us your quick elevator pitch on how the company is currently positioned, not only for customers, but also for shareholders?

 

VINCENT PILETTE: Let me start with the broad vision that this new leadership team has set for itself. We want to be the trusted brand for everyone – every consumer – to live their digital life safely. That is, to enable every consumer to take control of their data and their digital life on the internet and ensure a safer environment.

How we will get there is by building the first integrated platform that gives the consumer a holistic view of their cyber health. This includes device security, identity protection, privacy on the internet, and now connected home and connected family – it’s all part of that safety bubble. There is a vast range of applications we can address, and we want to be the automatic brand the consumer thinks about when they think about cybersafety.

If you look at the physical world of today, you look to protect all your assets or items of value. For example, you install an alarm system in your home, or you take out an insurance policy for your car. Yet in the digital world, security is still vague concept. There are currently around 100 million consumers who specifically pay for cybersafety, but we have literally billions of people connected to the internet, putting what they value at risk.

We believe in the future people will invest in cybersecurity applications the same way they buy insurance policies in the physical world. And we’ve embarked on this broad mission to build a leadership team, rebuild a culture, and set a pace of innovation that will build that overall portfolio.

 

RUI CARDOSO: Vincent, when you were approached to join NortonLifeLock, the company was going through a lot of changes. While we felt the story was misunderstood, it was nonetheless significantly out of favour with the market. What attracted you to the opportunity to join the company, and what has the last year and a half at the helm been like for you?

 

VINCENT PILETTE: When I joined in May 2019, even my wife asked what I was doing, leaving a fantastic company like Logitech to join Symantec. To explain why I made that decision, I really need to go back to my time at HP, where I earned my operating chops. That was where I learned how to transform underperforming companies into better-operating assets.

Some of the criteria I looked at included whether the company had a solid brand and a strong balance sheet, and what the pain points were in terms of operational execution. There are many reasons a company could be suffering operationally; for instance, it could be that there are multiple CEOs, or that the company has missed guidance over many quarters.

As my career progressed, I started to invest in companies that displayed the characteristics that I understood – that’s what happened when I joined Logitech in 2013. I invested in the company, which was basically a mouse and keyboard – or what an investor described to me once as a “plastic company”. Under President and CEO Bracken Darrell’s leadership, I as CFO helped transform the business into a design company, building a portfolio of endpoints that consumers really wanted, in the cloud.

In 2018, Symantec had similar characteristics: a great balance sheet, a good brand, in a space that was growing, but there had been execution missteps for many years. In 2018, they announced an audit investigation and the stock price dropped from almost US$30 per share down to just over US$19 per share. That’s when I made my first investment in the company. Then Starboard Value LP, an investment firm that invests in deeply undervalued companies, invested in the company and assumed some board seats. When the board started looking for a new CFO at the beginning of 2019, they contacted me.

The day I joined, the company unfortunately announced another missed quarter, and the CEO was replaced. Rick Hill [a Symantec director and former Chair and CEO of Novellus Systems] was brought in as acting CEO, and I immediately took on a broader role. We embarked on a mandate to do what we do best: leverage a brand, balance sheet and some capabilities to address a growing market.

Two recommendations came out of that process. One was to sell the consumer business for a cash-flow value because it was positioned as a no-growth, high-cash-rich division – and that’s how it was managed inside Symantec. The second was to then focus on the enterprise business. However, when we presented that turnaround plan to the board, they weren’t all that excited. When I asked why, the board said that although the recommendations made sense, we were the fifth or sixth management team to present a turnaround plan for the enterprise business.

A few months later, in August 2019, we signed a deal with Broadcom to sell the enterprise division for a value that was higher than the discounted cash flow of a successful turnaround plan – roughly US$10.7 billion.

In turn, we focused on the consumer division that we had studied those first three months on the job as a growing opportunity. We recognized that in the consumer world, cybersafety was still viewed as an endpoint – basically PC protection. Today, though, cyber risk has migrated from the endpoint to the user, and so building a cybersafety portfolio for consumers to protect all their cloud-based applications appeared to us to be a fantastic long-term structural-growth opportunity. We believe that more and more of our lives will continue to move online, and over time the physical identity will become a digital identity or set of digital identities. That is, people will have different applications and different personas on the web that they will want to protect. The COVID-19 crisis has reinforced the validity of this underlying assumption

 

RUI CARDOSO: Natalie, what attracted you to NortonLifeLock?

 

NATALIE DERSE: There are about 14 months between when Vincent started and when I joined the team in July this year. Vincent and the team have gone through such an extreme transition. You can see this from our financial performance and the incredible goals we’ve set, and from the strong execution ahead of the plan’s communicated timelines. And this is just one example not only of the strength of the business model and the health of the business right now but also the commitment and the energy and the execution ability of this leadership team, specifically under Vincent.

As I went through the interview process and an evaluation of where I wanted to continue my career, the health of the business was clear with NortonLifeLock, especially since the divestiture. However, I would say what really prompted me to uproot after nine years at eBay was Vincent and the leadership team. You can hear all of the passion, all of the energy when Vincent speaks, and that culture, that commitment to driving the business to a place we know it can get to, extends throughout the company.

That’s really why I’m here. I wanted to be part of a company that drives growth, leads the market, innovates, and develops new products and solutions. I also wanted to be as close to the customer as possible, so NortonLifeLock’s direct-to-consumer business model was attractive to me. It allows us to really hear the voice of the customer, iterate quickly, test things in the market, and continuously improve.

 

RUI CARDOSO: Vincent, you have done in a year at NortonLifeLock what most CEOs do in a lifetime. How far are you in the transformation process, and when do you expect to be able to shift your full-time focus to running the business versus things like selling assets and real estate, and shifting headquarters?

 

VINCENT PILETTE: I see this transformation as a two-step process. The first was the transition from being Symantec to becoming NortonLifeLock – a pure-play business solely centred around consumer cybersafety. A financial turnaround typically takes about a year, and I think we’ve done that. In terms of the transition, it’s 100% complete.

The second step is a shift from transition to transformation; that is, building an innovative portfolio of cybersafety applications for all consumers. A product portfolio turnaround usually takes one to three years, and on a scale of 1 to 10 here, we are a one. We have just finished building out a leadership team, and now have many new players who come from a diverse range of consumer companies such as PayPal, Logitech, eBay and Avast. And we are all eager to take this balance sheet, this brand, these capabilities, and build something that nobody – investors, the Board – believes we can build. That’s what excites us. We’ve also highlighted a set of values that we aspire to live by as we embark on this transformation. A year ago, we started a shift from cutting costs to investing in the business and our marketing, which is essentially our sales engine. And we launched Norton 360, the first integrated platform. Despite all of this, we are only at the very early stages of what I believe we can do.

Finally, to build a company that can continually innovate and deliver value to consumers – basically a full cultural change – that takes three to five years. That’s what we’ve embarked on

 

RUI CARDOSO: How do you see cyberthreats evolving, and what critical applications are you working on?

 

VINCENT PILETTE: We begin by looking at consumer lives. More and more of our day-to-day lives is moving online. As this shift online continues, the things we value are exposed to a new kind of criminality. So, when we develop products, we consider applications that are adjacent or relevant to what cybersafety protection means to people; for example, alert systems that monitor kids’ behaviour on certain apps; privacy and reputation management; safety of financial information and other personal data now that it is being accessed on desktops and phones. The vast array of applications drives our optimistic view of the business for the long term, and I think it’s important, rather than look at criminality first, to look at what consumers value when they go online, and try to protect that.

We maintain the core R&D capabilities that came from Norton’s anti-virus business, while the LifeLock business brings to the company not only the algorithms and alerts but also various services and insurance aspects. All these together provides us with a strong set of skills to build applications.

 

RUI CARDOSO: If we look at some of your historical sales channels – such as the Norton Anti-Virus box or the preloaded software on PCs, how does that compare to now, and how are you reinvigorating your brand and selling products to newer channels?

 

VINCENT PILETTE: Today, we use marketing to drive the value and message of our portfolio to consumers.

About 90% of our customers download our products directly from our e-commerce platform. The other 10% of our business comes from partnerships, such as telcos, and the retail (e-tail) channel; it’s subscription-based now but is a similar concept to the old anti-virus in a box.

The brand has been around since the 1990s, and as we come up with new applications and drive new messages, we continue to advance the brand as an innovator across multiple relevant applications. As I mentioned, changing the culture of a company – whether internally, or the outside world’s perception of the brand – is a multi-year effort.

 

RUI CARDOSO: What have been the benefits and challenges of integrating LifeLock’s identity protection business with Norton?

 

VINCENT PILETTE: I give a lot of credit to Greg Clark [CEO of Symantec]. In 2017, amid the changes Symantec was facing regarding the enterprise business and the integration of [web and cloud security vendor] Blue Coat Systems, he saw an opportunity to buy LifeLock. He is a visionary leader, and he believed that consumers would come to see that they need cybersafety in much the same way that they need insurance in the physical world. When Symantec bought LifeLock, the idea was to offer the first integrated platform in the industry that provided cyber protection to consumers across many pillars – from device and identity protection to personal privacy and data security, all the way through to connected homes.

We started to build toward that portfolio, and 15 months ago we launched the first Norton 360 integrated platform, which provides consumers with an interactive dashboard view on their cyberhealth. We now have the architecture in the platform to provide new, innovative functionalities that add value to the membership platform.

Norton 360 is consumer-led, so if a consumer just wants to buy a single product, they can. However, they can also increase their level of protection as they need it

 

RUI CARDOSO: Geographically, NortonLifeLock is still highly levered to the U.S. market. How do you continue to build your brand outside of the U.S., and is the LifeLock model transportable across borders?

 

NATALIE DERSE: We are still very much a U.S.-based business in terms of percentage of book – it’s currently about 70% U.S. versus 30% international. However, we see that as a huge opportunity to expand geographically.

From a LifeLock perspective, the piece that is social-security based – obviously that is U.S.-centric – but we see a lot of opportunity in our solutions for security in general. Norton 360 will not necessarily be a U.S.-centric product on a go-forward basis; we are expanding and looking for ways to provide that security and identity component across the integrated platform.

From a geographic location perspective, we are driving innovation not only in terms of product solutions but also from a marketing perspective. We elevated our marketing spend five quarters ago from about $200 million to $300 million annually, and we diversified across the channels we were spending on. A large chunk of the spend went into the international market to expand awareness of the Norton 360 integrated platform online and through social channels, to build awareness and grow internationally.

 

RUI CARDOSO: Are there certain markets where you think you can gain traction more quickly or where you think it will take longer to establish the brand?

 

NATALIE DERSE: We successfully launched Dark Web Monitoring in Japan – that’s been a real success for us, and we’re looking similarly across the Asia-Pacific region. Within Europe, we think there’s a lot of potential given our current penetration levels there. The standouts there, we believe, are France, England and Germany, but we’re not turning down any opportunities for growth.

 

RUI CARDOSO: Avast Software’s business model is the “freemium” model, where they give you the software and hope you upgrade to a more premium package. How do you compete with a model like that? In addition, how do you compete with companies like Microsoft, which wants its clients to be protected but hasn’t been as focused on this market? How do you maintain your strong barriers to entry?

 

VINCENT PILETTE: At the core, it’s important to recognize what our mission is, which is providing cybersafety to everyone.

As I mentioned, there is a large gap between users of the internet (billions) and the number of users who actively pay for cybersecurity (100 million), so we’ve seen more activity as businesses try to unlock that broader market value. How we get to market can be different than that of other companies. You mentioned Avast – that’s a business model on one side of the spectrum that distributes some product at lower functionality for free, and that gives them a very broad funnel from which they are trying to upsell and cross-sell. On the other side of the spectrum, you have companies such as McAfee Corp., which is very linked to PC manufacturers, offering trials on the PC and trying to convert those users.

We are somewhere in the middle. With our e-commerce platform, we deal directly with consumers but offer a premium value product.

These are all ways to get to consumers. I have no sacred cows in terms of distribution; we are looking at all of the best ways to distribute. Whether it’s offering a lower level of cybersafety to be able to touch more customers and then upgrading to different membership levels as we increase the value – or on the other side, working with PC manufacturers. While we like the fact that we are user centric versus PC centric, if partnering with a manufacturer or distribution or services company would help us reach more customers, we will consider it.

When you talk about bigger companies, such as a Microsoft making security a more robust part of the operating system – I think we have an entirely different mission. Our mission is to provide safety for consumers’ digital lives, versus other bigger companies that basically provide those digital services. Our focus is 100% on cybersafety.

As always in business, the best way to offset commoditization is to continue to innovate and move some of the value into the free space at the lower level of membership and constantly add new functionalities and new experiences

 

RUI CARDOSO: Do you think the importance of scale in operations will grow, and if so, do you see the need for more industry consolidation? What would the role of NortonLifeLock be in that type of scenario?

 

VINCENT PILETTE: Scale can be both a benefit and a curse. Scale enables you to hear from more customers and to invest more in innovation. Scale can also be a challenge because it can prevent you from being nimble, innovative and fast-moving.

A few companies have shown in the past that they can have scale and be nimble. We will try to do both.

Do we see more consolidation in the industry? We don’t know, but we believe consolidation is one element of a potential strategy on how to reach more consumers in terms of cybersafety. We also believe in the organic development of our current portfolio, in constantly moving forward the value-add, the user experience and the functionality of Norton 360. And finally, we believe in adding new digital safety services that continue to expand the portfolio. We will contemplate all three aspects of that strategy.

 

RUI CARDOSO: You mention a blessing and a curse; I think that’s a good lead into my next question. Natalie, you joined the company at a time of high profitability. It was a cash cow within the Symantec umbrella, and now you have to invest to regrow the business and get growth back on track while also maintaining high margins. What are some of the things you’re looking to do to maintain those high profitability levels while investing?

 

NATALIE DERSE: I would start by saying we’re very proud to report 50% total company operating margins in Q3 fiscal 2021; it’s the first time we’ve been able to report and deliver on that since the divestiture. It really puts us on a solid path to be on that annualized $1.50 earnings-per-share target that Vincent announced about a year ago.

In addition, we’ve been growing relatively consistently in the mid-single-digit range on reported billings and we’re seeing customer account growth, pretty consistent revenue growth – to touch on what I said earlier, the health of the business model is very robust.

To your question on investment – it’s a fun position to be in. We have a high appetite to drive an accelerating rate of growth, but not at any cost. We spend a lot of time evaluating and discussing this. We do have the capacity to invest on a consistent basis, but we’re not going to throw money at any initiative prematurely. We’re in this for the long haul in terms of building a sustainable and profitable business, with steady and consistent growth.

We elevated the level of marketing investment significantly and continue to spend at levels of approximately $75 million per quarter, but we didn’t just spend more; we reallocated within those channels, have allocated much more to digital, have invested internationally, and expanded in our affiliates. So the spend profile of $300 million looks a lot different than it did a year ago.

Why not pour more money into the funnel? We may, and we evaluate that option on an ongoing basis. Right now, though, we still think we have a lot of powder left in that $300 million to drive growth, to drive efficiencies and reallocate even further.

In addition to that, beyond the marketing component, we are always looking for ways to invest in long-term organic growth but also inorganic growth. We have a lot of discussions about how we’re going to invest in our innovation, drive that product roadmap, and strengthen our product value proposition in the market for our customers.

 

RUI CARDOSO: As you’ve added more innovation and more bundling of products, do you find that customers are stickier now? What are renewal rates now, and where were they two years ago?

 

NATALIE DERSE: We’ve delivered four quarters in a row now of customer account growth, and we’re especially proud of that given that when we divested, we were in negative customer account growth, so obviously churn being much higher than the additions. Now, we’ve not only recovered from that, but on an ongoing basis, we are going to try to continue to drive positive customer account growth, although it’s going to get harder to continue that at the rate of growth we’ve been experiencing.

And it’s the same situation with the investment behind the growth. We’re now into five quarters of elevated marketing growth and that’s obviously going to pose some challenges in terms of how you continuously drive and accelerate that rate of growth, but we do believe there are opportunities there.

Turning to renewal rates, we know that first-year retention is the lowest of our portfolio, and strengthens as customers increase in tenure, so we know what we’re facing in terms of positive customer account growth, but we believe we’re well positioned for that. As we’re starting to hit the 12-month mark with some of the new customers, we’re seeing some green shoots on the Norton 360 integrated platform, with retention rates at or above what we have historically seen (although this is still very early data). As customers start to hit their first anniversaries with us, we are spending a lot of time thinking about what our value proposition looks like, what our cross sells and upsells are, how we’re communicating with our customers on the message of cybersafety, and how we can help protect them.

 

RUI CARDOSO: You touched on this a little already, but now you have a fresh start with all the free cash flows the business is generating. What are some of the top priorities for deploying that cash?

 

NATALIE DERSE: I would point to our capital allocation strategy: of course, one is dividends. Another critical tenet is opportunistic share buybacks; we have about $1.6 billion authorized, of which we’ve used $1 billion, and we evaluate that strategy on an ongoing basis.

Yet another area of our capital allocation strategy is inorganic growth. We evaluate M&As from all perspectives that could be complementary under that cybersafety umbrella, such as product innovation and the ability to enter new or adjacent markets

 

VINCENT PILETTE: Now that I have Natalie as my CFO, I can be a lot more single focused about business growth and as Natalie mentioned, inorganically, we’re looking at all the opportunities. When you do that, you also look at what your alternatives are: what already exists in the market, what has been developed as a prototype product or business, and evaluate whether by buying it, you can shorten the development cycle, including the risk and the time associated with that development.

 

RUI CARDOSO: In addition to the transition at the company level, there’s also been a bit of a transition at the board level, and there are a lot of varying interests: private equity, shareholder activists, and shareholders that have representation as well. What has it been like working with the board, and what is their perspective on the future path of the company? Have they been supportive of taking a long-term approach to the business?

 

VINCENT PILETTE: The last year has been my best experience in terms of executive/board relationships. We reduced the size of the board when it became NortonLifeLock and brought on people with consumer-centric views who are very supportive of driving transformation. Due to COVID-19, we started to engage in a monthly review of many different issues with the board, and they’ve been supportive of the transition, and the board collectively has helped me and the management team to really shift the mindset from transitioning and a financial focus to the strategic overall vision and ambition we have.

As some members of the board leave, we will continue to bring on new members with a focus on consumer experience, operating experience, and diversity. As we look at addressing every consumer in the world, we also want to have a similarly diverse company.

 

RUI CARDOSO: We have a couple of audience member questions that I want to make sure we get to before we wrap up. The first question is, “Have you used the pandemic crisis to make or bring forward some hard decisions, and what would be one or two that you would highlight?”

 

VINCENT PILETTE: I don’t know if the pandemic was the driver of hard decisions. Frankly, since I joined the company, we’ve made hard decisions: selling the enterprise business, focusing on the consumer, reducing the board, changing the leadership team, reinvesting in marketing.…

Like many companies, the pandemic has helped us understand that there are many ways of working. Outside of all the ways that we’ve tried to address how to provide internal support, COVID-19 has reinforced our belief that more and more of consumers’ lives will be lived online, and they will need protection

 

RUI CARDOSO: Security specialists have been highly coveted assets. How do you attract and retain very specialized people like that?

 

VINCENT PILETTE: A year ago, it may have been tough, but we’ve had a pretty good success rate of hiring this year. The culture of the company, our recent success and the quality of the brand have helped, and frankly, when we talk about our vision, I think people understand the opportunity they have to build a lot more.

 

RUI CARDOSO: A final question from an audience member: “When you look across the tech landscape, there are a lot of stocks that have done extremely well. How do you view valuations in tech and in particularly, your stock?

 

VINCENT PILETTE: When we split the company into enterprise and consumer, we had certain hypotheses, and as some of the audience members may have read, Broadcom was already circling around Symantec. Many investors contacted us at that time and advised us that if Broadcom offered what had been circulating in the newspapers at the time – somewhere around $26 and $28 per share – then we should sell at that price.

However, we were always convinced that the company was worth more, and the approach Rick and I took was very simple. We had already arrived at a certain value for the enterprise business when we re-examined the consumer division. We knew that it was a $2.5 billion business with the ability to deliver an annualized $1.50 in EPS, but then we started to look at different scenarios for growth. It was declining at the time, but the market was growing, so we figured that if we reinvested, within one to three years we could grow by low- to mid-single digits (3%-5%) in the mid term. Then we took a 5% business, delivering $1.50 in EPS in a market that could grow in the high single digits, and we believed it should be valued – and you pick your number here; 15x to 20x EPS – and we had a valuation, at the time, that was well in excess of what investors thought. It’s also well in excess of what it is today, but that’s because we need to build the credibility and sustainably deliver accelerated growth.

So, we were very convinced when we got an offer of $11 billion for the enterprise business, which was a lot more than the discounted cash flow of the turnaround of the enterprise. We sold it and what remained was the consumer business with a $1.50 in EPS, growing at low single digits – and maybe at high single digits, and I’ll let you apply whatever multiple you want on that business, but we think it’s a lot more than what it is today.

 

RUI CARDOSO: That’s fantastic – we’re grateful as shareholders that if there was an offer at $26-$28, that you didn’t take it!

As shareholders, we’ve done well by this stock, and we’d like to thank you, Vincent and Natalie, for joining us today to help us, through this deep dive of NortonLifeLock, to highlight how we invest.

Thank you also for a job well done so far with the transformation at the company.

 

VINCENT PILETTE: Thank you for being investors and for your support. We appreciate it.

 

Download PDF

 

Related Topics and Links of Interest

 

©2020 Beutel, Goodman & Company Ltd. Do not copy, distribute, sell or modify this document without the prior written consent of Beutel, Goodman & Company Ltd.

This is an edited transcript based on a conversation with Vincent Pilette, CEO, and Natalie Derse, CFO, of NortonLifeLock Inc., and is disseminated with the company’s express permission. This document is not intended, and should not be relied upon, to provide legal, financial, accounting, tax, investment or other advice. This is not an invitation to purchase or trade any securities. Beutel, Goodman & Company Ltd. does not endorse or recommend any securities referenced in this document.

Subscribe to our newsletter