Despite the rise in cyber attacks and breaches, the cybersecurity industry is by no means exempt from the uncertainty inspired by the current economy.
2023 will likely be remembered as “the year of the layoff.” While many expected that tide to turn after a brutal 2022 that saw more than 130,000 tech workers lose their jobs, these troubling workforce reductions have worsened this year as the industry continues to battle economic uncertainty. TechCrunch has comprehensively tracked these layoffs, which has so far seen more than 240,000 jobs lost in the past 12 months alone, a significant increase compared to 2022.
The cybersecurity sector has been largely immune to the massive headcount cuts that have occurred across the wider industry, but 2023 shows that no sector is immune. Cybersecurity is not the hardest hit sector – the transportation industry seems to have taken that unfortunate prize. But it’s clear that cybersecurity companies are no longer exempt from layoffs, despite a strong workforce and an ever-increasing number of cyber attacks and breaches.
According to data from a layoff tracker Layoffs. For your informationmore than 110 cybersecurity companies have made cuts since the start of 2023. We’ve rounded up some of the most notable ones.
Sophos is cutting 10% of its global workforce, or 450 employees
TechCrunch learned in January that British-based security company Sophos began the year with layoffs affecting 10% of its global workforce, or about 450 employees. TechCrunch first learned of the layoffs after hearing about several employees in India who had been laid off. Sophos blamed the cuts on a “challenging and uncertain macro environment.” The company said in a statement that it is taking the move in part to “achieve the optimal balance of growth and profitability to support Sophos’ long-term success” while adjusting its headcount “to support our strategic imperative to be a market leader in service delivery.” Cybersecurity as a Service.”
Bishop Fox made the cuts in time after the conference ceremony was held
Cybersecurity firm Bishop Fox laid off about 50 employees, or 13% of its workforce, in May — just days after the company threw a party at the RSA security conference that included custom-branded drinks. Bishop Fox, which had about 400 employees before the cuts, said at the time that it had “proactively made these changes in response to the global economic situation and the opportunities we have identified to make our business more efficient.” The company claimed that although demand for its cybersecurity products remained strong, “we cannot ignore market uncertainty and investment trends in this very different global economy.”
NCC Group is conducting two rounds of layoffs months apart
NCC Group, the UK cybersecurity giant, confirmed in August that it would make further cuts to its workforce, just months after laying off 7% of staff, or 125 employees, based in the UK and across North America. TechCrunch learned about the second round of layoffs from a person with knowledge, and NCC later said it would lay off a “small number” of employees in response to “changing market dynamics and customer demands.”
Rapid7 has laid off hundreds of employees and closed offices
Rapid7, an American cybersecurity company, also announced job cuts in August. The company announced plans to lay off 18% of its workforce, affecting more than 400 global employees, which it said was a necessary effort “designed to improve operational efficiency, reduce operating costs and better align the company’s workforce with current business needs.” At the time, Rapid7 — which describes itself as a “hybrid-first” organization — said it also planned to permanently close some office locations as a result of the restructuring.
Bug bounty giant HackerOne is making cuts “essential” for long-term survival
August also saw widespread layoffs at HackerOne, a widely known bug bounty and penetration testing platform. The San Francisco-based startup announced that it will cut up to 12% of its workforce, or approximately 50 employees, affecting employees based in the United States, Canada, the United Kingdom, the Netherlands and other countries. HackerOne has raised nearly $160 million since its inception in 2012, but has blamed the cuts on the macroeconomic climate. “These measures are essential for long-term success,” HackerOne CEO Martin Mikus said in an email to affected employees, describing the workforce reduction as a “one-time event.”
Malwarebytes lays off 100 employees before splitting the company
Capping off a relentless month of layoffs, Malwarebytes has laid off 100 employees around the world as it prepares for a corporate restructuring that has seen the business split in two. The layoffs came nearly a year after Malwarebytes cut 14% of its global workforce. TechCrunch learned of the cuts from a former employee, who said the layoffs occurred just weeks after several members of the company’s executive group were laid off. While many cybersecurity companies have blamed economic headwinds for the decline in headcount, Malwarebytes CEO Marcin Kleczynski told TechCrunch that the layoffs were an expense rationalization exercise. Kleczynski said the company remains “healthy and profitable.”
IronNet shut down after widespread layoffs
IronNet, a promising cybersecurity startup founded by former National Security Agency director Keith Alexander, laid off all of its remaining employees as it prepared to shut down the struggling business in October. In a regulatory filing, IronNet’s president and chief financial officer, Cameron Pfor, said the company has halted all business activities as it prepares for Chapter 7 bankruptcy, effectively liquidating the company’s remaining assets to pay off its remaining debts.