Back to News

Symantec: From SBIR Grant to Cyber Giant

News SBIR Program
Symantec's SBIR Success from the Ashes

An Unlikely Beginning in a Living Room

In 1979, a team of Silicon Valley researchers set out to do the impossible: teach an ordinary personal computer to alphabetize a list of words – a task so demanding it typically required a Cray supercomputer(**). The effort was led by Dr. Gary Hendrix, a young artificial intelligence researcher, and it sounded quixotic enough that many doubted it could be done. Yet, in the nascent spirit of high-tech innovation, the National Science Foundation agreed to bet on the idea. Through a then-experimental program called the Small Business Innovation Research (SBIR) initiative, NSF awarded Hendrix’s startup a Phase I grant of $25,000, followed by a $220,000 Phase II grant when early results looked promising. It was a long-shot investment in fundamental research – essentially, teaching computers to understand and sort language – at a time when such work had no obvious commercial application.

The grant proposal had been cobbled together in a hurry. With just days before the deadline, Hendrix and colleagues worked out of his living room to write their pitch(**). Rather than pursue a flashy goal like robotics, they responded to an NSF solicitation for manufacturing improvements by applying natural language processing to factory data. “We wrote a nice little system that ran on the Apple II,” Hendrix later recalled, “and by golly it would parse sentences and it would come out with the types of structures that we would need to go to a database”. In other words, the team built a rudimentary program allowing a computer to understand plain English commands and retrieve information – a major step toward making computers more accessible to ordinary people. Impressed by this Phase I success, NSF delivered the larger Phase II infusion of $220,000 in 1981, enabling the researchers to continue refining their language-processing system.

Birth of Symantec from the Ashes

Hendrix’s fledgling venture was called Machine Intelligence Corporation, and like so many Silicon Valley startups, it struggled to find its footing. By 1982, only months after receiving the NSF funds, the company ran out of money and went bankrupt. But the story was far from over. At this crucial juncture, Dr. Hendrix didn’t fold up shop – instead, he doubled down. Using the remaining SBIR funds, he and a core team of four researchers pressed on with their project, effectively rebooting the enterprise under a new name. Hendrix called the new company Symantec, a playful portmanteau of “syntax,” “semantics” and “technology,” reflecting its roots in natural language software. What could have been the quiet demise of a small research project instead became the genesis of a software firm that would one day be synonymous with cybersecurity.

With Symantec’s formation in 1982, Hendrix set out to commercialize the technology developed under the SBIR grant. He envisioned an advanced natural-language database system as the company’s first product. In 1985, Symantec released that product – a software program simply called Q&A. Far from an antivirus utility, Q&A was a database and word processor with a twist: it allowed users to ask questions of their data in plain English, and get answers without writing complex code. This user-friendly innovation, built directly on the linguistic research funded by the NSF, was a breakthrough in making personal computers less intimidating. Q&A quickly proved a hit. It generated about $1.4 million in sales in its debut year, validating Hendrix’s belief that technology “regular people” could use would find a broad market.

By the late 1980s, Symantec was thriving on the back of Q&A’s success. The company broadened its software lineup and saw revenues climb rapidly. When Symantec went public on Wall Street in 1989, Q&A still accounted for roughly one-third of its $50 million in annual revenue. In total, the family of products that sprang from that original SBIR-funded idea had earned $50 million in sales by the end of the decade. A once-improbable idea – sorting and querying words on a humble microcomputer – had been transformed into a fast-growing business. “Symantec was off and running,” as one retrospective put it, and it all began with a small government grant.

From Natural Language to Norton Antivirus

Even as Symantec flourished with its pioneering database software, the technology landscape was shifting. The late 1980s brought personal computing into the mainstream, and with it new opportunities – and threats – that few had anticipated in 1979. Symantec’s leadership soon recognized that the company could not survive as a one-product wonder. Under CEO Gordon Eubanks (who took the helm in 1984 after a merger), Symantec pursued a strategy of expanding into other niches, often by acquiring smaller software makersfundinguniverse.comfundinguniverse.com. The most fateful of those moves came in 1990, when Symantec acquired Peter Norton Computing, a firm known for its utility software and the iconic Norton suite of programs.

The Norton acquisition proved transformative. Almost immediately, Symantec’s sales tripled within a year of folding Norton’s products into its lineup. Norton’s programs – which included disk utilities and, soon, antivirus tools – aligned perfectly with a growing need: as more households and businesses got online in the 1990s, protecting computers from viruses and security threats became a pressing concern. Symantec gradually made Norton’s Internet security software the centerpiece of its business, shifting focus from general productivity tools to consumer and enterprise cybersecurity. This pivot would define the company’s identity for decades to come. By the early 2000s, Symantec (through its Norton brand) was a household name in PC security, the company’s yellow shield logo synonymous with antivirus protection worldwide.

It’s a long way from natural language processing to network firewalls and antivirus scans, but in Symantec’s case one led directly to the other. The technological DNA of Symantec – the expertise in parsing and managing information – made it well-suited to tackle security, which is ultimately about analyzing data (like files or network traffic) for threats. And the commercial success enabled by that first SBIR-funded product, Q&A, gave Symantec the resources and credibility to attract top talent and investors for its next chapters. Hendrix noted that the breakthrough enabled by the SBIR project had “the intellectual and commercial pizzazz to quickly attract $14 million of venture capital and IPO investment”, bringing in top-flight managers, scientists and engineers to fuel the company’s growth. In his words, the SBIR grant was the “magic catalyst” that opened the door to a wide range of new possibilities – including the Norton deal that vaulted Symantec into the cybersecurity stratosphere. Hendrix later reflected that without the SBIR program’s support for his radical idea early on, “much of [Symantec’s] economic growth would not have happened”.

A $10.7 Billion Legacy and Counting

Four decades on from that risky 1979 grant, the payoff has been extraordinary. Symantec grew into a global cybersecurity powerhouse, at one point employing over 17,000 people in more than 40 countries. Its products, especially the Norton Antivirus line, became staples for consumers and businesses looking to protect their computers. Perhaps most striking, the modest $245,000 investment by NSF ultimately helped create a company worth billions. By 2019, Symantec’s operations had become so valuable that its enterprise security division alone was acquired by semiconductor giant Broadcom for $10.7 billion in cash(**). In that transaction, Broadcom obtained Symantec’s name and business-oriented security products, while the consumer-focused Norton line continued as a standalone company. The successor to Symantec – now known as NortonLifeLock Inc. – today has an estimated market value of about $15 billion. Measured against the initial SBIR grant, that’s roughly a 61,000-fold return on the government’s investment – a staggering ratio more akin to a venture capital home run than a public research project.

Symantec’s journey has not gone unnoticed by the stewards of the SBIR program. In 2011, the U.S. Small Business Administration inducted Symantec into its SBIR Hall of Fame, recognizing the company as an “outstanding example” of the program’s values and impact. This honor highlighted how a small high-risk award can lead to outsized economic and technological benefits. The Hall of Fame plaque, in effect, links Norton Antivirus’s ubiquity back to that bold decision by NSF in the pilot years of SBIR. It’s a reminder that even the world’s leading cyber security firm once needed a helping hand from Uncle Sam at a critical juncture.

The SBIR Program’s Farsighted Vision

The tale of Symantec’s origin holds a deeper lesson about the role of government in spurring innovation. In the late 1970s, the SBIR program itself was a novel experiment. Brainchild of an MIT-trained venture capitalist-turned-government administrator named Roland Tibbetts, SBIR was created to empower small businesses to conduct cutting-edge research and development that would “advance the state of the art and stimulate the American economy”. It was, in essence, an early public sector venture fund – but with a crucial difference. Unlike traditional venture capital, which typically demands a clear market application and quick returns, SBIR could take the long view. It could fund fundamental R&D simply because it had the potential to push boundaries, without any guarantee of immediate payoff.

Symantec’s story showcases this unique foresight in action. When NSF backed Hendrix’s natural language project, there was no way to foresee the rise of the internet or the eventual necessity for consumer antivirus software – concepts that would have sounded like science fiction in 1979. The grant wasn’t aimed at building a security company; it aimed at a foundational technology in computing (teaching machines to handle human language) that, only in a roundabout way, decades later, helped enable a new industry. SBIR operated as a patient investor when no private investors were willing to step in. In those early days, Hendrix’s company was “still far from creating a product” and struggled to attract financing until SBIR support gave it credibilityfundinguniverse.com. The program’s structure allowed federal agencies like NSF to seed the building blocks of future industries – in this case, the algorithmic and AI underpinnings that would prove critical in filtering spam emails, detecting viruses, and shielding online data in the years to come.

This capacity to nurture long-term, high-risk research is what makes SBIR a powerful engine for innovation. Breakthrough ideas often have much wider economic leverage than their initial market suggests, as Hendrix observed. Private capital might have scoffed at funding an idea as esoteric as natural language parsing on a PC with no obvious buyer. But SBIR’s vote of confidence not only yielded immediate research progress – it also sent a signal that drew in venture capital and top talent, amplifying the project’s impact manifold. In effect, the government’s early involvement de-risked the technology enough for the market to take notice. The eventual creation of a multi-billion-dollar cybersecurity leader can be traced as a direct lineage from that first SBIR grant. It’s a dramatic example of how patient public investment in “core science” can translate into massive downstream economic growth and even spawn entirely new sectors.

From a Spark to an Industry

The $245,000 NSF award that gave Symantec its start now reads like a fantastically savvy investment – one that any Silicon Valley venture firm would envy in hindsight. Of course, it was never intended to create an antivirus giant. But that is precisely the point. The SBIR program enabled researchers to pursue a promising avenue (natural language AI) for its own sake, trusting that useful applications would emerge in time. In doing so, SBIR planted a seed. Decades later, that seed grew into a company that guards millions of people’s computers around the world. The modern consumer cybersecurity industry, led by firms like Symantec/Norton, thus traces one of its origin stories back to an unlikely source: a government check written at a moment when a small company – and a big idea – teetered on the brink of collapse.

In an interview many years later, Gary Hendrix still marveled at how pivotal SBIR had been to Symantec’s rise. “SBIR was the magic catalyst,” he said, that set everything in motion. It is a testament to the program’s vision that a bankrupt linguistics startup could reinvent itself as an internet security trailblazer, thanks to a little patience and trust from a government willing to bet on the future. The next time you update your antivirus software or secure your digital data, remember that it all began in a California living room with a radical idea, a stack of words to sort – and a small grant that made the world of difference.