A month into the new year, many information security professionals are biting their nails as we continue to see dark headlines about technology layoffs in January.
Last month, Alphabet, Microsoft and Amazon all announced job cuts. The numbers for cybersecurity companies are also inflated, with security giant Proofpoint recently announcing that 6% of its employees had pink slips. The company joins cybersecurity vendors Trend Micro, Orca Security, ForeScout, SecureWorks, Rapid7 and others who have laid off employees in recent months.
After the dust settles on January’s layoff numbers, layoffs.fyi estimates that 28,000 workers representing 100 companies will be looking for new jobs in the new year.
The layoffs raise questions about the extent to which layoffs across the broader technology sector represent a job security risk for cybersecurity workers. What will the overall outlook be for cybersecurity vendors, startups, customers, and investors in 2024? You should be wondering if your cybersecurity vendor solutions team could face the next big challenge. mosquito?
Are the job openings half-full or empty?
Despite recent gloomy headlines and depressing statistics, layoffs in the technology sector shouldn’t spook cybersecurity workers, market experts say.
“Cybersecurity is one of the hottest subsectors within the broader technology sector,” said Daniel Ives, managing director and senior equity research analyst at Wedbush Securities. . “The need to protect workloads, endpoints, and vulnerabilities is growing, with the massive shift to the cloud and AI leading the way.”
As others have pointed out, compared to technology sector layoffs in January 2023, the number of layoffs is down by two-thirds. Around this time last year, Google and Microsoft each announced a total of 10,000 job cuts, shocking the market. Other technology-related job cuts added 70,000 jobs in January 2023.
“Inflation appears to be under control, supply chain issues have eased considerably and the worst may be behind us,” said S.C., founder and managing director of Launchtech Communications. said Wayne Schepens, chief cyber market analyst at Cyber Risk Alliance, parent company of Cyber Risk Alliance. media.
Overall, the cybersecurity market is showing signs of recovery. Memories can be short-lived, Schepens points out. Over the past year, companies have been advised by investors and board members to cut costs, primarily amid geopolitical turmoil and economic downturn, he said.
“Things are calming down again for 2024. It’s not a huge improvement, but it’s certainly calming down,” Schepens said. “Technology companies will continue to be conservative, meaning their marketing and sales efforts will continue to be under intense scrutiny.”
In a report on global spending on information security, Gartner said risk management products and services grew 13.4% to $188.3 billion in 2023, compared to 7.2% growth in 2022. I am. Global spending on information security is expected to reach $203.5 billion by 2027.
If only the paranoid survive, will the optimist also thrive?
There is no doubt that cybersecurity professionals are feeling the effects of economic uncertainty in the “post-pandemic” period.
More than a third of cybersecurity teams experienced budget cuts or freezes from 2022 to 2023, according to a joint report by IANS Research and Artico Search. Additionally, of the 14,865 cybersecurity professionals surveyed in the April-May 2023 ISC2 Cybersecurity Workforce Survey, 22% reported cybersecurity workforce reductions at their organization in the past 12 months. Did.
Despite these worrying past trends, experts said the cybersecurity workforce is well-positioned to weather layoffs.
“Recruiting and retaining security professionals remains a priority for security teams as the security talent shortage continues,” said Casber Wang, Partner at Sapphire Ventures.
The numbers back up Mr. Wang. His mid-2023 survey for ISC2 found that 67% of organizations plan to hire new staff to alleviate cybersecurity skills shortages, compared to 62% in the 2022 survey. I understand.
A separate survey of executives also sheds positive light on the cybersecurity job market. While 85% said they expected the ax of layoffs to hit their organizations, only 10% said they expected job cuts to impact cybersecurity. Most of these job cuts were expected to impact human resources (30%), operations and finance (24%), and sales and marketing (22%).
Wedbush Securities’ Ives said the niche market is “relatively protected” from layoffs compared to other markets struggling in the high-tech economy because of high demand for cybersecurity services.
Overall, the U.S. Bureau of Labor Statistics’ Occupation Outlook Handbook (last updated September 2023) predicts that employment for information security analysts will increase by 32% from 2022 to 2032, compared to the average for all occupations. The growth rate is 3%.
Headwinds for cybersecurity vendors
Experts say the cybersecurity field is currently facing headwinds, but they’re just headwinds.
When explaining recent layoffs, tech companies often cite inflation, interest rates and correcting trends in overemployment during the pandemic.
Wang said cybersecurity companies are not immune to the economic realities that affect other technology companies. “During the years of COVID-19, talent was overemployed. So there’s been a natural downsizing across the board,” he said.
Inflation is another unpleasant cybersecurity issue. In 2023 he ended with an inflation rate of 3.4%, while in 2022 the inflation rate was 6.5%, businesses are still affected by high costs and high interest rates, which is another increase in the speed of business. I feel it.
Interest rates soared from near zero at the height of the pandemic to a 22-year high of 5.5% by the end of 2023. Its rapidly rising interest rates are still having a whiplash effect on its balance sheet.
Low interest rates have boosted the technology sector, making it easier for cyber startups to find capital and customers (also benefiting from “cheap money”) to buy their products. When the U.S. Federal Reserve began raising interest rates to cool the economy and curb inflation, cybersecurity startups quickly found it difficult to secure additional funding from lenders and investors. I did. Some people have gone bankrupt as a result.
Meanwhile, as cybersecurity departments struggle to shake off their post-COVID-19 hangover, the threat landscape is shifting toward cloud, identity, the Internet of Things, and generative AI. The race is now on for cybersecurity companies to build better defenses. This race has meant job security for many in the field.
Schepens said there is no sign that cybersecurity will lose its status as a top business priority. He said this is a key catalyst in driving business continuity priorities, mitigating risks and keeping the focus on the devastating impact of cyber-attacks.
What can make cyber stronger without dying?
Wang said the U.S. Securities and Exchange Commission’s (SEC) recently enacted rule requiring companies to report significant security breaches within four business days could lead to an increase or stabilization of cybersecurity spending in upcoming budget cycles. The company justified its spending and predicted it would ultimately end up retaining its existing cybersecurity provider.
Wang said there is a growing recognition among CISOs that regulatory pressures will only increase in 2024, necessitating further compliance efforts. For many companies, increasing cyber compliance requires a larger information security budget.
“This industry is unlike anything we’ve ever seen before. There’s no other space that has such incredible impact on all sectors,” Schepens said.
Cybersecurity startups of 2024
Cybersecurity startups have found an explosive opportunity during the COVID-19 pandemic. Three years later, some startups are still riding the wave, while others have fallen.
For example, IronNet, which went public in 2021 and was valued at $1.2 billion, shut down just two and a half years later, raising concerns that other promising startups will suffer a similar fate. Market experts say that although funding has slowed, there is still an opportunity for startups to advance in 2024.
“It’s a competitive field, but innovation continues to be key,” Schepens said. “Companies, like VCs, will become more selective in where they invest, but opportunities still remain.”
Ives said the need for innovative new approaches to addressing future cybersecurity challenges is always the rocket fuel fueling the startup sector. “With the increasing competition for innovative cyber strategies around AI themes, we would like to see more focus on cloud-driven cybersecurity,” he said.
Experts interviewed by SC Media shared a highly optimistic view of the security market. But it remains to be seen how the next 12 months will unfold, with wild cards such as the economy, interest rates, the presidential election and global conflicts at play.