Q: Your financial year ended March 31, and for the first three quarters you reported modest growth in your non-GAAP top line (2%, 7%, and 6%, respectively), but a reduction in your non-GAAP net profit for all three periods. What happened?

A: Nobody had ever done before what we did when we acquired Veritas, namely merging two $2bn-plus software companies together. We merged a $2.6bn company with 6,800 staff with a $2.1bn one with 7,300, in a transformational transaction designed to change the tenor of the resulting entity. Much of the heavy lifting is now behind us and we’re heading towards more predictably consistent financials. We slowed up on the integration in some areas and, on reflection, sometimes we went too slowly. Also, there were surprises along the way that were outside of our control. In the period 2002 to 2004, there were 100 medium- to high-risk viruses, whereas in 2005 to 2006 there were six, and that kind of thing means your revenue changes. The market for the core products of Symantec was down, while stealth attacks like phishing and fraud grew.

Q: There’s also the issue of a change in the licensing model. What’s happening on that front?

A: We’re going over to a more subscription-based model. On the consumer side of our business, we’d sell a box in a store and would recognize 80% of the revenue up front, with the other 20% over 12 months, which left us susceptible to volume vagaries. So there we went over to a full subscription mode, in which we recognize all the revenue on the balance sheet and take it on the P&L over 12 months. That makes for better predictability.

Q: Do you want to take your enterprise business over to a subscription model too?

A: I want to move more of that business to this more predictable basis, not 100%, but more than we had. The consumer business has seasonable volume changes, so 100% at ratable [on a subscription basis] is more appropriate there. For enterprise, 60% to 70% ratable would be ideal.

Q: And how close are you to achieving that?

A: Not close enough. It’ll take us a couple of quarters to achieve that degree of stability and insight.

Q: You bought Veritas to get into storage software and you’ve since added desktop management with the Altiris acquisition. Is there the potential for more M&A, and if so, where?

A: There are other opportunities to add value in this way. We’re an acquisitive company and we’ll buy more things. It’s unlikely we’ll buy in network management, but in storage, systems, and security management, yes.

Q: You were rumored to be circling round RSA before it was bought by EMC last year.

A: Some of the things RSA had in the areas of consumer ID management and security would fit better in our portfolio than EMC’s. RSA has a hardware token-based IDM business, but it’s not the market leader in IDM, which is dominated by companies with a formidable directory capability, such as Microsoft with Active Directory and the LDAP vendors. We won’t be buying anyone in IDM.

Q: How about the growing trend towards software as a service or SaaS, will you participate?

A: Some of our technologies, such as back-up, lend themselves well to the SaaS model, and you already start to see some online [service] capabilities in our Norton 360 service for the consumer market. If you have photos and digital content, you get 2GB online to back them up to our data centre and leave them there. We’ll do the same for SMB, where the back-up opportunity is to replace the tape that goes into the back of the boss’s car. Then in email: why manage your own Exchange server, and why have a spam administrator? Some of these services will debut this year.

Prior to joining Symantec, Thompson was at IBM, where he held senior positions in sales, marketing and software development. In September 2002, President Bush appointed Thompson to the National Infrastructure Advisory Committee to make recommendations regarding the security of the critical infrastructure of the US. Today Thompson is a member of the board of directors of UPS, Seagate, and Teach for America. Thompson also serves as the chairman of the board for the Cyber Security Industry Alliance, an advocacy group. In April 2006, Forbes magazine published a list of the most highly compensated CEOs, in which Thompson was ranked at number 8 with total compensation of $71.8m.