Redundancies are being made all across the tech playing field. Once untouchable companies like Amazon, Microsoft, and Meta are all feeling the pinch. Needless to say, it’s a strange time to work in any kind of tech recruiting field.
There was a time when “a job in tech,” or especially “a job in cybersecurity” was a safe bet. But have those times changed? What’s happening? Is a job in cybersecurity – especially one at the Big Five – still recession-proof?
Let’s explore things from our perspective as cybersecurity recruiters operating on both sides of the Atlantic.
Let’s start with a bit of a history lesson. Big tech has been on an upward trajectory since the 2000s – as evidenced by their hammock-lounges, their foosball tables in the break room, and their elegant, sprawling campuses. The “noughties” were a pivotal, formative time for many of the household tech names we know today: Amazon, Google, Meta (formerly Facebook), and more – with search, e-commerce, and social media platforms being particular rising stars at the time.
Despite some slowing around the 2007 financial crisis, big tech by and large went from strength to strength; something that came to a head in 2020 with the COVID-19 pandemic.
As we all adjusted to life under lockdown, particularly well-placed tech companies – in both the B2B and B2C realms – started riding high. On the whole, as working from home took hold, B2B tech services like collaboration software saw user numbers grow. And as people were spending more time at home, e-commerce B2Cs benefited as those who could afford it were learning new skills and treating themselves.
We know we’re grossly oversimplifying here and we don’t want the businesses and people who became insolvent during the pandemic to go unrecognised. Yet there was a distinct attitude brewing in tech all this time: that they are too big to fail.
Yet, as always, pride comes before a fall.
CNBC reports that big tech companies have laid off 70,000 employees in the last year. Forbes reports that 81,000 employees lost their jobs in major US layoffs in January 2023 alone, including massive cuts at big tech companies. Amazon is laying off more than 18,000 people. Microsoft announced 10,000 layoffs on 18th January. Meta is allegedly setting the stage for layoffs following thousands of “subpar” performance reviews.
All in all, big tech lost $7.4 trillion in 2022. Amazon has broken many records in its years as a tech behemoth, but its most recent “accolade” is becoming the first publicly traded company to lose $1 trillion dollars. Second in terms of losses is Microsoft, who lost $889 billion in value last year. Headlines like these are likely to drive both new and existing investment away.
Let’s zoom out of big tech losses for a second and take a look at the past three years – not as techies, not as recruiters, but as humans.
At the time of publishing, it will have been three years since the onset of the COVID-19 pandemic. A lot can happen in three years, and it certainly has. We’ve seen countless lives inexorably changed by a brutal, ongoing pandemic and a brutal, ongoing war on the frontiers of mainland Europe. We’re seeing a slow-burn workers’ revolt happening around the western world as people are fighting for their work and their worth. And we’re also in the midst of a crushing, inflation-fuelled cost-of-everything crisis.
Needless to say, it’s been a rocky three years for many of us. And now, as whispers abound about a looming recession and further economic uncertainty, individuals, businesses, and investors are all tightening their belts. Collective belt-tightening affects the whole market. It’s simple economics: when people and companies have less to spend, they spend less.
And naturally, when there’s less money to go around, investors start watching the pennies too. Therefore, external investment in anything becomes harder to secure.
When it comes to both boosting profits and seeking investment, big tech firms are in a rather difficult position. They have to endure these inevitable losses under the microscope of public scrutiny, airing their dirty PR laundry for all to see, whether they like it or not. This runs the risk of further withering investment, shrinking opportunities, and exacerbating losses.
Oh, to be a fly on the wall at the big tech firms’ boardrooms when the big layoff sharpie was the only thing being employed. Though even without having the inside scoop, we do have a couple of opinions.
We all know that when economic waters get choppy, companies often jettison costs to stay afloat; and jobs are one of the first, ongoing costs that often finds itself adrift. When it comes to job losses at smaller companies, we feel this is the most likely culprit.
But let’s look at some of the larger tech providers for a second, through the lens of our above modern history lesson. We think it’s the “too big to fail” attitude that did these companies the most damage. Boom hiring practices always set companies up for a fall when the inevitable bust comes, and for those who managed to capitalise on the pandemic, this rise and fall has been particularly acute.
Within many of these companies, more hands were needed to fuel new (possibly pandemic-related) profits; often quite quickly, and therefore without much forethought. So technical hiring managers might have been given somewhat of a blank cheque to make sure the techy lights stayed on – which resulted in them soaking up tech talent like a sponge.
Now, sadly, the unhindered growth of the noughties and 2010s is no longer tenable. Assuming that nearly two decade’s worth of tech gains were going to continue unabated was a risky, short-sighted bet, yet one that many tech businesses took. Because many leaders are sadly of the mind that growth is automatically good, whenever and however it comes.
These organisations brought people on, firmly stuck in a growth mindset – oblivious (or deliberately blinkered) to any bust that would inevitably come. Let us not forget that infamous quote from Edward Abbey “Growth for the sake of growth is the ideology of the cancer cell.”
Before the recent layoffs, big tech firms were famously oversubscribed, with one industry expert describing them as being “drunk on hiring.” These redundancies redress this balance, but do so in a way that is incredibly painful to thousands of individuals.
But market fluctuations have rocked the tech world before now – just look at the dot com bust. Overconfidence in an internet-fuelled future excited venture capitalists in the late 90s. Eager to uncover the latest .com golden goose, a lot of overconfident, speculative investments were made. Tech rode high, but much like today’s speculative overconfidence in neverending growth, it couldn’t last forever. It’s no surprise that comparisons are being made between the two situations.
Before we bring it back around to our finishing statements, let’s remind ourselves of three departments that, in our experience, often get cut when the chips are down (not counting any “last-in, first-out” job-chopping). However, we’d argue that sweeping cuts in any of these departments can wind up shooting yourself in the foot, especially when not handled properly.
This one’s most relevant to our audience. Sadly, security operations of all stripes can be seen as a bit of a cost centre to those who don’t understand their importance – a black hole that eats up money and resources and spits out little in return. But, if you’re here, you know what a dangerous game that is to play if you don’t retain a certain level of security talent or replace it with an outsourced service like an MSSP.
Yes you can outsource the work, yes you can outsource the risk (to an extent), but you will never outsource the consequences of an attack. And let’s not forget that cyber attacks can lead to job losses in and of themselves.
As recruiters, it pains us to say this. But when jobs are being shed, there’s little use for the people who bring more people on. It’s just one reason why investing in a “pick-up, put-down” recruiting service like ours is particularly attractive to businesses. Sorry, internal recruiters.
This one is a little left field, but it does have a shred of relevance. Any investment in marketing often gets chopped in times of uncertainty. Yet when companies pull promotional plugs out without much planning or foresight, they limit their ability to find new business – and to therefore secure the future of remaining jobs.
There’s also an argument to be made that marketing departments’ belt-tightening may have contributed to the reported reduction in ad spend with big tech companies.
Not 100%, no. But there is a silver lining here.
Despite the massive cuts made across departments at tech firms, Fortune Education reports that they largely impact product teams, recruiters, marketing, and sales roles. They quote VillageMD CISO Dan Walsh in saying that cybersecurity layoffs have been “few and far between.” Walsh continues “There’s still more jobs open than there are people to fill them.”
Let’s not just take one man’s word for it. The global cyber security skills shortfall is still huge, with the (ISC)² Cybersecurity Workforce Study 2022 finding that the world is in need of 3.4 million cybersecurity professionals, a figure that is up by over a quarter compared to the previous year. According to the report, the US was short 410,695 cybersecurity professionals, and the UK was in need of 56,811.
Let’s not forget the most likely reason why those in the infosec world are still so in-demand: because cyber crime isn’t going anywhere. Cutting a couple of jobs may bag the company an extra few hundred thousand pounds/dollars at the end of the year, but one well-placed cyber attack can wipe millions off the profit and loss sheet, and cause unquantifiable reputational losses. Cut the wrong infosec jobs, and a company risks catastrophic losses – and potentially more layoffs as a result.
And as more companies suffer cyber incidents, the more the importance of infosec personnel will be brought into sharp focus.
In the longer term, we feel that we’re still seeing the growing pains of an industry that is still relatively young compared to the likes of old players like banking and manufacturing – industries that have been around for centuries, not decades. As the tech industry matures and stabilises, we feel that it will naturally see cycles of boom and bust.
However, we feel it will get stronger after every “bust” and emerge like a phoenix, powered by ever-developing user needs and the latest tech advances.
It may be true that infosec jobs will weather the current storm better than other roles but, personally, it does concern me to see a lot of infosec leaders on the market. When employers perceive that they have a choice of talent, it can become a bit of a buyers’ market, wherein salaries get budgeted at less than the roles are worth.
However, lowering security salaries during a fallow period is equally as shortsighted as the issues above. As soon as the market picks up again, the average going rate for security leaders will too; and those on lower salaries may well leave for more lucrative opportunities. The employer will then have to inevitably put their rates back up to industry standard to attract someone new.