Veritas. Carlyle''s 2016 $7.4B carve-out from Symantec
A backup software business given new life through focused investment
The deal. In January 2016, Carlyle Group and Singapore sovereign wealth fund GIC bought Veritas Technologies from Symantec for $7.4 billion. Symantec had originally acquired Veritas in 2005 for $13.5 billion in a poorly-executed merger and was selling it at a substantial loss to refocus on cybersecurity. Veritas was the market leader in enterprise data backup but had been starved of investment under Symantec.
The thesis. Enterprise data backup was a stable, recurring-revenue business with high switching costs. Customers don't casually migrate their backup infrastructure. Veritas had market leadership but was losing ground to cloud-native competitors (Rubrik, Cohesity, Veeam) because Symantec hadn't invested in modernization. The thesis was: aggressive R&D investment in cloud-native backup, expansion into adjacent data management products, and competitive defense of the installed base.
What they did. Carlyle installed new leadership, dramatically increased R&D spend (over $300M annually), and launched modern cloud backup products including Veritas NetBackup Flex Appliance and the SaaS-based Backup Exec. They expanded into adjacent data management areas. EDiscovery, data classification, ransomware recovery. They also rebuilt the partner channel that had atrophied under Symantec.
The outcome. Veritas remains private as of 2024. The competitive position has stabilized. Veritas has retained most of its enterprise installed base while building meaningful cloud and SaaS revenue. Carlyle has executed dividend recapitalizations returning capital to LPs and the asset is positioned for either an eventual IPO or strategic sale. While the full IRR isn't yet known, the deal is considered successful relative to the troubled Symantec era.
Best practices for VantageOS users. First, mismatched corporate parents (Symantec's 2005 acquisition of Veritas was a stock-deal-driven mismerger) systematically destroy value in non-core divisions. These are among the best PE acquisition opportunities. Second, software businesses with sticky installed bases can withstand periods of underinvestment, but only finite ones. Defending an installed base requires aggressive product modernization within 24-36 months of acquisition or cumulative losses become irreversible. Third, cybersecurity, data management, and infrastructure software have produced strong PE returns because of high gross margins and recurring revenue; but they require deep technical operating expertise to execute well. Generalist PE firms struggle with these categories.