The company's about-face, which came in the beginning of 2016, was reported by Reuters in June. Clark's interview is the first detailed explanation a Symantec executive has given about the policy change.
In an hour-long interview, Clark said the firm was still willing to sell its products in any country. But, he added, "that is a different thing than saying, 'Okay, were going to let people crack it open and grind all the way through it and see how it all works'."
While Symantec had seen no "smoking gun" that foreign source code reviews had led to a cyberattack, Clark said he believed the process posed an unacceptable risk to Symantec customers.
"These are secrets, or things necessary to defend (software)," Clark said of source code. "It's best kept that way."
Because Symantec's market share was still relatively small in Russia, the decision was easier than for competitors heavily invested in the country, Clark said.
"We're in a great place that says, 'You know what, we dont see a lot of product over there'," Clark said. "We dont have to say yes."
Symantec's decision has been praised by some western cyber security experts, who said the company bucked a growing trend in recent years that has seen other companies accede to demands to share source code.
"They took a stand and they put security over sales," said Frank Cilluffo, director of the Center for Cyber and Homeland Security at George Washington University and a former senior homeland security official to former President George W. Bush. "Obviously source code could be used in ways that are inimical to our national interest," Cilluffo said. "They took a principled stand, and thats the right decision and a courageous one."
Reuters last week reported that Hewlett Packard Enterprise (HPE) allowed a Russian defense agency to review the inner workings of cyber defense software known as ArcSight that is used by the Pentagon to guard its computer networks.
HPE said such reviews have taken place for years and are conducted by a Russian government-accredited testing company at an HPE research and development center outside of Russia. The software maker said it closely supervises the process and that no code is allowed to leave the premises, ensuring it does not compromise the safety of its products. A spokeswoman said no current HPE products have undergone Russian source code reviews.
ArcSight was sold to British tech company Micro Focus International Plc in a sale completed in September.
On Monday, Micro Focus said the reviews were a common industry practice. But the company said it would restrict future reviews of source code in its products by "high-risk" governments, and that any review would require chief executive approval.