Following substantial layoffs in the security sector during 2023, new job cuts ushered in the new year. Now with the all-but-certain impact of AI on cyber thieves, defenders and growth, is the cybersecurity market expanding or is it quietly contracting?
How would either condition affect MSSPs and MSPs? Is the ever-increasing volume of cyberattacks enough to keep the market growing with the demand for trained security professionals? Ultimately, how will zero days, ransomware and data breach after data breach play out for the cyber protectors?
While most, if not all analyst projections point to cybersecurity growth and upward spikes in employment, there are some indicators that the market may instead be set up to shrink.
Jobs in the IT sector, as a function of market conditions, continue to be impacted in 2024. Some of the layoffs this year are an extension of the job cuts announced in 2023. Last year, technology market makers Amazon, Cisco, Meta, Microsoft, Google, IBM, SAP, and Salesforce, along with dozens of smaller companies, many of them cybersecurity specialists, cut tens of thousands of jobs across the board.
Early returns show the same could happen this year. According to the website layoffs.fyi, a tech layoff tracker, in the first three weeks of 2024some 74 technology-associated companies across the board in multiple industries have laid off workers. Of those, four are notably cybersecurity-related in one form or another: Trend Micro, Orca, Veeam and Citrix.
At this same time last year, seven security companies had laid off nearly 1,000 workers. When viewed sequentially, three security-specific companies cut employees in December 2023.
After a massive hiring spree during the first years of the pandemic, start-ups and established technology companies let workers go when faced with higher interest rates that made it more perilous to fund new projects, along with an about face to chase profitability rather than growth. That’s a typical equation in uncertain times.
Following two years of massive layoffs at IT companies, 2024 was expected to be a year of recovery for the IT industry. But no watershed has yet emerged. Still, there are many bright spots, among them the U.S. Bureau of Labor Statistics that estimates a 35% increase in information security analyst jobs between 2021 and 2031. And, according to Statista, the security market worldwide is projected to witness a substantial increase in revenue, reaching a staggering $23.7 billion by 2024.
The cybersecurity market size was valued at $154 billion in 2022 and is projected to grow from $172 billion in 2023 to $425 billion in 2030, for a 14% CAGR during the forecast, according to a Fortune Business Insights report.
Market growth statistics are well and good but there are still some unsettling signs for the market ahead.
Caroline Wong, chief strategy officer at Cobalt, a pentesting specialist, wrote in a recent blog post that 2024 will bring a “cultural shift among cybersecurity professionals,” as workers get “burnt out” from being asked to do more with less owing to budget cuts and layoffs.
This “struggle to prioritize their work” has a “dual implication” for the future, Wong wrote. “Security activities are not going to be at the same level as when they had greater investment [and] security controls will have gaps and known vulnerabilities [that] will fail to be addressed,” she said.
In addition, Wong said that insider threats from people with “personal economic motivation” could exploit their access to sensitive company information. And the “interplay” between regulatory requirements, increasing cyber threat and “resource constraints” will “test the resilience of organizations.”
What about the current trends prompted by the mass layoffs? How might the security market be contracting? Will future growth hinge on AI? Here’s what we know:
Worldwide, but especially between the U.S., China, Russia and the rogue nations, an arms race is going on to capture AI leadership both for offensive and defensive purposes as well as white hat innovation.
Skyrocketing growth estimates notwithstanding, combining economic factors with market dynamics could lead to a contracting security market.
D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.
D. Howard Kass
HPE and Microsoft cyberattacks related to Midnight Blizzard threat actors, SolarWinds perpetrators.
Sponsored by Arctic Wolf
MSPs need to develop a comprehensive security strategy that moves beyond a reliance on individual tools, Arctic Wolf asserts.
Jim Masters
Today’s news also covers NTT DATA, CYFIRMA, HaystackID, Option3 and Enclave.
