Before we reimagine anything, we need a shared picture of the current surface โ what Norton ships, the health of the brand, the systemic gaps, and the metrics we're trying to move. This is the baseline every prototype is measured against.
Four pillars, organized by the job they do. The footprint is broad โ the problem isn't feature gaps, it's that Laura doesn't know most of these exist, and the ones she does use are invisible.
The core antivirus heritage โ protecting devices, browsers, and network activity. This is what most customers still think Norton is.
Real-time scanning, threat detection, behavioral monitoring across Windows, Mac, iOS, Android.
Two-way firewall monitoring inbound and outbound traffic for PC and Mac.
Bank-grade encryption on public Wi-Fi, up to 10 devices on top tiers.
Browser extension that blocks malicious sites and warns on suspicious links in results.
Store, generate, auto-fill credentials across devices. Free and bundled tiers.
10โ500 GB of cloud storage depending on tier. Ransomware mitigation.
Webcam hijack detection and notification for Windows.
The on-demand diagnostic that checks device health, vulnerabilities, and dark-web exposure.
AI-powered scam detection for texts, emails, and calls. Newer addition.
The reactive identity brand. Monitors for signs of identity compromise and reimburses losses when things go wrong. Strong among Norton's 45+ cohort.
Scans forums and breach databases for exposed personal info โ SSN, email, phone, bank accounts.
1-bureau or 3-bureau depending on tier, with real-time alerts on credit file changes.
New account openings, address changes, court records, payday loan applications.
Help canceling and replacing contents if wallet is lost or stolen.
U.S.-based agents who work cases to restore identity if theft occurs.
Reimbursement for stolen funds, personal expenses, and legal fees up to $1M on top tier.
The most recent investment area โ removing personal info from data brokers and controlling what's exposed online. Still underutilized by the base.
Scans top people-search sites and flags where personal info appears.
Helps opt out and remove personal info from data broker sites.
Monitors Facebook, Instagram, LinkedIn, etc. for compromised or risky activity.
Anti-fingerprinting technology that blocks websites from profiling Laura's browser.
Tools for the household. The most on-brief for Laura's stated anxieties โ but poorly discovered and rarely activated by existing subscribers.
Parental controls โ screen time, content filtering, location tracking, school time mode.
Up to 10 devices across a household on Select/Ultimate/Advantage tiers.
Monitors what kids watch on YouTube and Hulu on their devices.
Restricts access during school hours to only approved educational sites.
The signals leadership is seeing โ from brand perception to product usage to competitive pressure. This is the "why now" for the reimagination.
In a category that has moved toward AI, identity, and holistic "digital life" protection, Norton is still filed mentally under "the thing you installed on your Dell in 2008." The brand has extended far beyond antivirus โ but the perception hasn't kept up.
Laura wants it handled โ so Norton stays silent. But silence means she never sees the value she's paying for. Engagement is low, perceived value is low, and renewal becomes a quiet negotiation with a charge she doesn't remember authorizing.
Norton's paying base concentrates in 45โ65+, with a median HHI of ~$142K. Strong on loyalty, but structurally declining. Younger builder-phase users don't install a security suite โ they assume their phone or bank handles it. New acquisition is expensive.
Banks now offer dark web monitoring. Apple offers private relay. Google offers password managers. iOS has on-device threat detection. The standalone security category is being absorbed by platforms โ and Norton has to justify its seat at a table that's getting smaller.
Not bugs โ structural holes. These are places where Norton could credibly play and isn't, or where the product model doesn't match how Laura actually lives.
Norton sees device signals. It sees identity signals. It sees dark web signals. It rarely connects them. A scam text, a suspicious login, and a new credit inquiry within 48 hours should trigger one unified alert โ not three disconnected ones Laura has to piece together.
"Up to 10 devices" is a license count, not a family model. Laura has no view into what's happening on her mom's iPad or her 12-year-old's phone. The product is sold as a family plan but operates as a set of individual accounts.
Genie Scam Protection is a start โ but it's still a classifier, not an agent. Laura wants Norton to decide and act on her behalf, not hand her a yellow warning triangle. The brand is positioned for agency but the product is still set up to ask permission.
Every Norton feature is reactive โ it alerts on something that has already happened. Nothing tells Laura what to prepare for. She's buying a house, starting a 529, planning a trip โ Norton's models know all of this and say nothing about the risks ahead.
Norton Money exists. N360 exists. To Laura they're the same brand, but the products don't talk to each other โ a financial anomaly in Norton Money doesn't trigger identity protection in LifeLock. The "one Norton" story is a promise the surface area doesn't deliver.
Upgrade prompts look like storefronts, not recommendations from a fiduciary. "Add VPN for $4.99/mo" doesn't match how Laura thinks about her risks. She wants someone to say "given your situation, here's what you need" โ and mean it.
A 3-tier mandate-based model is one of the locked outcomes of this sprint. Current SKUs will be mapped here once the tier framework is settled.
This section will hold the three-tier pricing framework once the sprint team locks it โ likely some variation of protect โ prepare โ manage, priced to match Laura's willingness-to-pay for mental-load relief.
The North Star and supporting metrics this sprint's winning concept will be measured against. To be finalized with Travis and Leena.
This section will hold the metric framework once it's agreed. Likely candidates include weekly active households, Laura-verified satisfaction score, tier-upgrade conversion, and 12-month retention delta versus the current experience.