Dozens of Cybersecurity Companies Announced Layoffs in Past Year

Dozens of cybersecurity companies have announced cutting staff over the past year as part of reorganization strategies, in many cases triggered by the global economic slowdown. 

One of the most recent announcements was made by Sophos, which in mid-January confirmed reports that it’s laying off 10% of its global workforce. Roughly 450 people have reportedly lost their job as the company shifts focus to cybersecurity services, including managed detection and response.

At around the same time, identity verification company Jumio also confirmed laying off roughly 100 people. 

In May 2022, cloud security company Lacework announced terminating 300 jobs, representing roughly 20% of its workforce. 

Another company that laid off a significant portion of its workforce last year is OneTrust, which provides privacy, security, and data governance technology. Nearly 1,000 employees were let go, roughly a quarter of the firm’s workforce. 

IronNet, the cybersecurity firm founded by former NSA director Keith Alexander, fired 17% of staff in June and another 35% in September due to significant problems. 

In the fall, Cybereason announced plans to reduce its staff by 17%, just months after cutting 10% of its workforce. In total, the company fired approximately 300 employees. 

Cloud security firm Aqua Security has laid off 10% of its workforce, and Malwarebytes terminated 14% of its staff (around 125 people). Gen Digital, created through the merger of antivirus companies Avast and NortonLifeLock, let go of a quarter of employees, in some cases due to their activities overlapping with the other company’s workers. 

In October, developer security company Snyk — recently valued at $7.4 billion — announced that it had started restructuring and reducing its global workforce, impacting 198 employees, or 14% of its total workforce.

The same month, security and application delivery solutions provider F5 announced cutting approximately 100 roles, representing 1% of its global workforce. 

Enterprise security solutions provider Forescout Technologies has reportedly laid off 100 of 170 employees at its R&D center in Israel, after firing 100 other employees in October. 

The companies that sacked employees cited market conditions, strategic reorganization and shifting priorities when motivating their decision. 

Data from Layoffs.fyi shows that dozens of cybersecurity firms terminated staff over the past year. The list includes Tripwire, Deep Instinct, Pipl, Transmit Security, Tufin, Checkmarx, Varonis, Perimeter 81, and Armis.

On the other hand, many of those who have been terminated may not have any difficulties securing a job at a different company. 

According to a study conducted by the nonprofit (ISC)², the global cybersecurity workforce is at an all-time high, with an estimated 4.7 million professionals. However, the study found that an additional 3.4 million cybersecurity workers are needed, with 70% of the 11,000 cybersecurity professionals who took part in a survey conducted by the nonprofit saying that their organization does not have enough cybersecurity employees.

Related: How a VC Chooses Which Cybersecurity Startups to Fund in Challenging Times 

Related: Predictions 2023: Big Tech’s Coming Security Shopping Spree

Related: Cybersecurity Workforce Study Needs to be Taken with a Pinch of Salt