At least three cybersecurity firms — Sophos, Okta and now Secureworks — announced staff cuts so far this year, creating fresh uncertainty in a sector largely considered immune to economic doldrums.
Secureworks on Tuesday informed employees it plans to reduce its workforce by 9%, eliminating about 200 jobs, according to a regulatory filing. The move follows Okta’s decision to cut its workforce by 5%, or about 300 jobs, and Sophos’ plan to eliminate about 450 jobs, roughly 10% of its staff.
The job cuts at multiple cybersecurity firms suggests a broad enterprise push to tighten spending will carry consequences deeper into a market considered safer than most.
“Cybersecurity along with a few other categories have been relatively insulated due to pent-up demand coupled with the critical nature of the category,” Michael Diamond, technology analyst at Futurum Research, said via email.
“In general, layoffs, like mergers and acquisitions, definitely add an element of risk since there is always the threat of losing intellectual capital, which can have a detrimental effect,” Diamond said.
The percentage of job cuts are in line with moves from big tech providers. Amazon and Google cut about 6% of their workforce and Microsoft reduced headcount by 5%.
The potential long-term impact of layoffs, which are dependent on the business areas impacted, include speed to market and innovation, talent recruitment and retention, client perception and market share losses, according to Paul Furtado, VP analyst at Gartner.
No role or business function is protected from widespread layoffs and “in some cases, cybersecurity staff will be part of that rightsizing activity,” Furtado said. People, process and technology all contribute to an organization’s security posture.
Secureworks and Okta declined to say which business units or positions were impacted by the layoffs. A Sophos spokesperson said the move will potentially affect all functions in the company, and described the changes as a difficult, but necessary step to advance innovation.
A Secureworks’ spokesperson said the announcement won’t infringe on the company’s ability to innovate.
Analysts suspect relatively few cyber-focused staff have been impacted by this wave of layoffs.
“For enterprises, headcount reduction is a reality now and one might assume that cutting security headcount will lead to eventual doom for the company,” Zeus Kerravala, founder and principal analyst at ZK Research, said via email.
“However, it can act as a catalyst to rethink how security is done,” Kerravala said. “There is an expression that necessity is the mother of invention and smaller security teams will force businesses to rethink security.”