The cybersecurity labor market: layoffs and uncertainty.

The ever-changing cyber labor market has seen stormy seas as 2023 has begun, and the US federal government and military have not been free from the effects. Today we begin a series on the state of the Big Tech and cyber labor markets, the potential risks associated with a transitioning workforce, the Defense Department’s new cyber workforce management strategy, and US federal and military cyber workforce.

The cybersecurity labor market.

We’ve previously discussed ISC2’s “How the Cybersecurity Workforce Will Weather a Recession” report, which details the anticipated impact of economic hard times and related factors on the cybersecurity workforce as this year unfolds. The research showed that the cybersecurity workforce is highly regarded by executives. With layoffs recently hitting the tech sector in general, 87% of the survey’s C-Suite respondents note that a cut to their cybersecurity teams would mean more risk for the company, so much so that 31% of those surveyed noted cybersecurity to be the least likely department to feel the impact of layoffs. Cyber professionals were also at the top of the list for many executives when it comes to rehiring, with 51% of respondents saying cybersecurity professionals would be a priority to rehire.

However, even with responses like these from executives, cybersecurity workers have not been exempt from the economy’s wrath. Within the first two months of 2023, we’ve already seen major players in the sector – such as Sophos, Okta, and Secureworks – make cuts to their teams, Cybersecurity Dive aptly noted earlier this month. Tanium, not itself laying people off, made mention of the cuts seen in big tech as well: Alphabet, Google’s parent company, saw cuts to 12,000 employees, with Amazon slashing their labor force by 18,000 and Dell, IBM, Microsoft, and SAP also recording major reductions in their staff.

Offboarding and former-insider threats.

Tanium made its observations in the context of considering that out-of-work tech experts could easily, regrettably, be tempted to find work in the criminal underworld. Layoffs are stressful, and those affected may present problems for their old organizaiton. Some employees may become a kind of insider risk (perhaps a former-insider risk), Tanium observes, as companies’ offboarding processes may not be adequate to a period of layoffs. 

The underworld as a competing labor market.

Another, related consideration, as Dice discussed last week, is the uptick in recruitment for cybercriminal tech and IT. A Kaspersky study analyzing the cybercriminal labor market (discussed here late last month) identified some pretty high-paying job opportunities in cybercrime, with the highest salary shown for a developer listed as $20,000 a month, although the median pay for the listings averaged between $1,300 and $4,000 a month, which still isn’t bad, especially if the work is taken on as a side hustle. These recruitment-minded cybercriminals were also seen offering many benefits that are reminiscent of their above-board counterparts, such as paid vacation and sick leave, as well as flexible scheduling, the kind of package recruiters are wont to call “competitive.” Dice does, however, note that though desperate times may call for desperate measures, the risks associated with pursuing a criminal career are not worth the benefits, with experts emphasizing that these high-paying, high-benefit listings are often seen offered to Russian and Eastern European-based users, where the pickings for decent tech jobs are slimmer than they are in, for example, even a Silicon Valley undergoing a round of corporate downsizing. These job listings also operate, at some level, on a perverse kind of honor system: those in these positions may not see payment at all. (There may be something to be said for the proverbial honor amongst thieves, but you rely on that honor at your own risk.)

For a look at the US Department of Defense and its approach to the cyber workforce, see CyberWire Pro.

For notes on the US Military Services' approach to cyber staffing, see CyberWire Pro.