Job cuts have hit cybersecurity companies despite increasing growth from the attacks

A construction team assembles a display for the RSA conference at the Moscone Center in San Francisco, California.

Paul Chinn | San Francisco Chronicle via Getty Images

Nothing has lowered Cybereason’s growth expectations. Rather, the continued rise in ransomware attacks has forced its customers to pay for security systems, anticipating the security software company’s revenue.

But Cybereason is still cutting costs, confirming last week that it is lay off 10% of its workforce, or approximately 100 employees. The reductions follow the dramatic swing in the economy this year and its overcoming stock of software they have conquered the public market.

The Cybereason story resonates with many of the more than 450 vendors attending RSA, the premier conference for security software companies. The scale, scale, complexity, and potential harm caused by cyberattacks mean that no matter how corporate IT and financial departments are responding to inflation and a potential economic slowdown, budgets are expanding when it comes to protecting. data and networks.

The global cybersecurity market is projected to grow at an annual rate of 9.5 percent annually, reaching nearly $ 375 billion annually by 2028, according to Vantage market research. That’s roughly double the projected growth rate for overall IT spending, at least over the next two years, according to Gardener.

However, with the IPO window closed, Cybereason’s plans for its next funding round were under threat. Private capital could have been an option, but probably with painful conditions and an almost certain downside on the part of the company Valuation of $ 3 billion obtained in a funding round last year. The CEO Lior Div opted instead to reduce expenses and preserve liquidity.

Lior Div, Cybereason

Kiyoshi Ota | Bloomberg | Getty Images

“We will work on the assumption that capital would be available, as needed and at the same price,” Div said in an interview this week in San Francisco at the annual RSA Conference, referring to the company’s operational plans last year. “We haven’t been optimized as a company.”

There are no question problems.

A report in April from a security company Sofo said 66% of organizations surveyed were hit by a ransomware attack in 2021, up from 37% the previous year. The average ransom payment has increased nearly fivefold to over $ 800,000, the report said.

Ransomware attacks occur when a group of hackers infiltrates a corporate network and then holds the data hostage, demanding a sum of money from the victim in exchange for access to the data.

The crisis has intensified this year, with the increase in cyber attacks from Russia following the country’s invasion of Ukraine in February. Cyber ​​security authorities from the United States and four allied countries have issued a advisory in April, warning of an increase in cyber activity “in response to the unprecedented economic costs imposed on Russia, as well as material support provided by the United States and US allies and partners.”

Cybereason’s technology is designed to recognize when and how malicious attacks occur by establishing a constant real-time view of what is happening within networks. The company has been particularly effective in helping customers fend off ransomware attacks, thanks to a network of sensors around the world that automatically identify anything suspicious or unknown that hits a network.

Last year, Cybereason raised $ 325 million, taking advantage of an insatiable demand for fast-growing software names. Div said he had only decided to raise $ 200 million, but the money was so free and easy that the company got bigger.

Four months later, the Nasdaq peaked. Since then, the tech-heavy index has dropped 27%. Cybereason’s closest public market rivals, Sentinel One Other Shot of the crowd, decreased by 66% and 35% respectively over that period. Meanwhile, SentinelOne recorded revenue growth of 109% in the last quarter from the previous year, while CrowdStrike grew by 61%.

In general, investors have rotated out of high-growth technology, moving to names and sectors generally considered safer in an environment of inflation and rising interest rates. The IPO market has stopped just like Cybereason was confidential filing of paperwork for an upcoming offer.

“We said, ‘OK, we had planned to leave and now we need to make sure we are fiscally responsible and can continue running the business for many years,’” said Div.

While neither SentinelOne nor CrowdStrike have pulled back from their previous hiring plans, their slide past the broader market has forced pre-IPO and still-early-stage companies to reevaluate their prospects based on the new capital market realities.

Deep Instinct, a start-up that uses deep learning to try to prevent ransomware, cut 10% of its sellers this week. This is despite more than 200% growth in annual recurring revenue last year, a rate of expansion that continued into the first quarter of this year.

Lane Bess, president of Deep Instinct, said the company needed to become more efficient with its sales operations.

“We took a look and said, ‘Where are we most effective in the enterprise?’” Bess said in an interview with RSA. “Are we doing well at the low end of the market, where do we have internal sellers? No. Do we have channel partners who can reach the low end of the market? Yes.”

In late May, cloud security software vendor Lacework said yes 20% cut of its workforce, just six months after raising $ 1.3 billion at a valuation of $ 8.3 billion. The company said a “seismic shift” in the markets forced it to make changes.

“While we don’t have control of the environment around us, we have a responsibility to control how we run our business and make the necessary changes to best position the company for continued and long-term success,” he said. Lacework in a blog post.

Lacework was ranked 25th CNBC’s Disruptor 50 Listwhich was released in May. Cybereason was ranked 41st in its own second consecutive appeared in the list.

Layoffs and hiring freezes at companies that were in hyper-growth mode are likely to have a cascading effect on the labor market in the industry. While every CEO and recruiter will say that competing for top technical talent, especially in security, remains more difficult than ever, market turmoil has led employers to reconsider how they think about compensation.

“It’s less competitive out there because there are fewer startups,” said Todd McKinnon, CEO of octave, a company that provides identity management software for businesses. “We want our pay to be at the top of the market, but not higher. If the market goes down, we don’t want to be slow to adjust.”

Like its publicly traded competitors, Okta has been hammered this year, with its shares down 58%. But there is no shortage of business opportunities. Revenue increased 65% in the first quarter.

McKinnon doesn’t expect a flood of talent to suddenly hit the market, because “private companies still have a lot of money,” he said. Venture capitalists poured a record $ 332.8 billion into US start-ups last year, double the previous year’s amount, according to the National venture capital association.

High-value private security firms such as Snyk ($ 8.5 billion), Tanium (over $ 9 billion), and Illumio ($ 2.75 billion) told CNBC that they have no plans for layoffs or even slow hiring. as they remain well capitalized and are experiencing a boom in business

snyk CEO Peter McKay acknowledged that “the cost of money has increased tremendously from what you could have raised earlier in multiples in the future,” but said his company is doing well after raising $ 530 million last year.

“We don’t have to scale up,” said McKay, whose company technology helps customers quickly spot vulnerabilities in their code. “We have a path to profitability and we have accelerated our path to profitability.”

Charles Ross, chief customer officer of Tanio, said his team is watching to see what customers are doing, but there is currently no sign of slowing down. The company just closed its largest ever first quarter in terms of customers and revenue, having increased its headcount last year by 1,000, or more than 80%.

One thing Ross said he has heard from customers is that they are consolidating their security portfolio into a few essential suppliers and cutting elsewhere. Tanium’s technology gives IT managers visibility into their network to assess threats and see where protection is missing. It typically works alongside software from endpoint security vendors like CrowdStrike or SentinelOne, Ross said.

“They are leading us better together,” Ross said in an interview with RSA.

it’s at I enlightenwhose software helps prevent ransomware and prevents breaches from spreading across networks, CEO Andrew Rubin said the subject of downsizing or abandoning people “wasn’t on the agenda” at the latest meeting of the advice from last month.

“We have absolutely no conversation within the company about firing anyone,” said Rubin, whose company rraised $ 225 million last year. He said the company has “years and years and years and years of catwalk”.

LOOK: SentinelOne CEO discusses keeping an eye on possible cyber attacks from Russia

Leave a Reply