The cybersecurity industry is facing a new reality as we enter the year 2023. Despite a rise in cyberattacks and breaches, it’s clear that the industry is not exempt from the uncertainty inspired by the current economy. This year has been dubbed the “year of the layoff,” with over 240,000 tech workers losing their jobs in the past 12 months. This is a significant increase from the already rough year of 2022, which saw more than 130,000 job losses. The effects of the current economic climate have hit the cybersecurity sector, with even the once largely untouched transportation industry being the worst affected. It’s become increasingly apparent that no sector is immune to layoffs, including the cybersecurity industry, despite its strong workforce and the constant threat of cyberattacks and breaches.
According to data from layoffs tracker Layoffs.fyi, over 110 cybersecurity companies have made cuts since the beginning of 2023.
We’ve rounded up some of the most notable layoffs in the industry, demonstrating the unfortunate reality that companies are facing.
Sophos – 10% Global Workforce Cut
The Britain-based security company, Sophos, started off the year with a 10% reduction in their global workforce, resulting in approximately 450 employees losing their jobs. The layoffs were first noticed when employees in India were let go, and the company blamed it on the “challenging and uncertain macro environment.” In a statement, Sophos stated that the move was to achieve a balance of growth and profitability, as well as to support their strategic imperative of being a market leader in delivering cybersecurity as a service.
Bishop Fox – 13% Workforce Reduction
In May, cybersecurity firm Bishop Fox laid off about 50 employees, which amounted to 13% of their workforce. This news came just days after the company threw a party at the RSA security conference featuring custom-branded beverages. Bishop Fox, who employed approximately 400 people prior to the cuts, claimed that they proactively made these changes due to the global economic situation. They stated that while demand for their products remained solid, they couldn’t ignore the market uncertainty and investment trends in the current economy.
NCC Group – Two Rounds of Layoffs
U.K. cybersecurity giant NCC Group confirmed in August that they were making further cuts to their workforce, just a few months after laying off 7%, or 125 employees in the U.K. and North America. This news was revealed by a person with knowledge, and NCC later stated that they were letting go of a “small number” of employees in response to changing market dynamics and client demands.
Rapid7 – 18% Workforce Reduction
U.S. cybersecurity firm Rapid7 announced in August that they were laying off 18% of their workforce, affecting over 400 employees globally. This effort was deemed necessary to improve operational efficiencies, reduce operating costs, and better align the company’s workforce with current business needs. Additionally, Rapid7 mentioned that they would permanently close certain office locations as part of restructuring.
HackerOne – Cuts Necessary for Survival
August also saw significant layoffs at bug bounty and penetration testing platform, HackerOne. The company announced they were cutting up to 12% of their workforce, or approximately 50 employees across the United States, Canada, the United Kingdom, the Netherlands, and other countries. Despite raising close to $160 million since their inception in 2012, the layoffs were attributed to the macroeconomic climate. HackerOne’s CEO stated that the reductions were necessary for long-term success and were a one-time event.
Malwarebytes – 100 Global Layoffs
In the midst of a company split, Malwarebytes laid off 100 employees globally, marking the second year in a row they have made significant cuts. These layoffs were announced just weeks after several members of the company’s C-suite were let go. The CEO attributed the layoffs to the need to rationalize expenditures, stating that despite the economic climate, the company remained profitable.
IronNet – Shuttering after Layoffs
Finally, in October, cybersecurity startup IronNet, founded by former NSA director Keith Alexander, announced that they were shutting down after laying off all remaining staff members. In a regulatory filing, the company’s president and CFO stated that they had ceased all business activities and were preparing for chapter 7 bankruptcy. This news came just a year after the company eliminated 14% of its global workforce.
