Cybersecurity companies have laid off hundreds of workers in recent months, as concerns mount that an economic downturn will delay funding rounds, and squeeze the amounts investors are willing to commit.
Since midyear, cyber services and technology providers across the industry have been shedding staff, sometimes in multiple rounds of cuts to their workforces. The layoffs have spanned departments, including sales, marketing, research and development, and technical roles.
Cybersecurity is seen by some as relatively insulated from economic downturns, as hacks continue to plague companies of all sizes and because of the billions of dollars invested into early-stage businesses. But cybersecurity companies often run through cash at high rates, analysts say.
Cybereason Inc., a Boston-based startup that had planned an initial public offering in 2022, said in June it would lay off around 140 people, or roughly 10% of its workforce. Then, in October, it made further cuts of around 17%. Cybereason declined to comment beyond its Oct. 26 blog post discussing the restructuring and additional cost cuts in areas like marketing.
In August, email security firm Malwarebytes Inc. laid off around 125 people, or roughly 14% of its global workforce, a spokesperson confirmed. Marcin Kleczynski, the company’s chief executive, described the cuts in a statement as a reorganization of the business to focus on its fastest-growing areas, which include partnerships with managed service providers, and software such as its threat-detection platform.
Application security provider Snyk Ltd., which announced $196.5 million in Series G funding on Dec. 12, also cut 14% of its workforce. The startup is now valued at $7.4 billion—about a 12% decrease from when it raised funding in September 2021. Snyk declined to comment beyond a corporate blog post on Oct. 24 discussing the cuts.
Other companies that have cut staff in recent months include cloud-security providers F5 Inc. and Aqua Security Software Ltd. F5 eliminated fewer than 100 roles, or about 1% of its global workforce, a company spokesperson said. Aqua declined to comment beyond a Dec. 5 memo to staff from Chief Executive Dror Davidoff announcing layoffs affecting 10% of its workers.
Even internal security teams at large technology firms haven’t been spared—Patreon Inc., a crowdfunding platform, laid off about 17% of its workforce in September, including the five members of its security organization. A Patreon spokesperson said the change was “part of a longer-term strategy to continue distributing security responsibilities across our entire engineering team and bring new areas of expertise into Patreon internally.”
Fears of a recession and the effects of corporate actions such as mergers and acquisitions have spooked companies across sectors, many of which have enacted sweeping cuts to staff. Facebook parent Meta Platforms Inc. said in November it will lay off 11,000 people.
Head count is often the first area where companies can make cuts to ensure they stay solvent until funding is secured, said Mark Sasson, co-founder and managing partner at staffing firm Pinpoint Search Group, which specializes in cybersecurity.
Early-stage companies have grown accustomed to readily available funding in recent years. But they are now being told by their investors that their next rounds could be delayed—and might not be as large as they were hoping.
“The extremism of the pandemic era caused massive cash that they were able to raise, and massive cash burn they should have been more cautious about,” said Dave DeWalt, founder and managing director of venture-capital firm NightDragon LLC.
SHARE YOUR THOUGHTS
How would a layoff at one of your cybersecurity providers affect your security strategy? Join the conversation below.
The majority of laid-off cyber workers so far aren’t in technical roles, said Allie Mellen, an analyst at Forrester Research Inc. “If they do get laid off, they’ll get hired at one of the more financially stable firms that don’t actually have to take part in layoffs, or are looking to actually hire through this,” she said.
Pinpoint is receiving multiple queries a day from cybersecurity professionals of all levels who have been let go or expect to be, Mr. Sasson said.
Sumo Logic Inc., a publicly traded cloud-based data and analytics firm, is one company that has used the turmoil as an opportunity to bring in fresh talent. The company has hired about 15 people into its security department in the past year from companies that either laid off workers or shut down, said George Gerchow, Sumo’s chief security officer.
“There were a ton of startups that are no longer there. It’s really helped companies that are more mature and public-facing, like ours, scoop up that talent,” he said.
Write to Belle Lin at belle.lin@wsj.com and James Rundle at james.rundle@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8