Governance & Risk Management
,
Operational Technology (OT)
,
Vulnerability Assessment & Penetration Testing (VA/PT)
50 Staffers Axed as Dragos Sees Longer Sales Cycles and Smaller Initial Deployments
Dragos has axed 50 workers after longer sales cycles and smaller initial deployment sizes caused the industrial cybersecurity vendor to miss its first quarter revenue target.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
The Baltimore-area company revealed plans Tuesday to reduce its 550-person staff by approximately 9% – or about 50 people – to ensure Dragos can maintain its independence through a successful initial public offering or Series E funding round in the coming years. The layoffs are part of a broad cost-cutting effort that includes reduced travel, training and marketing expenditures as well as tool and data consolidation (see: 5 Critical Controls for ICS and OT Cybersecurity Strategy).
“We continued to win forecasted deals, but sales cycles lengthened,” co-founder and CEO Robert Lee wrote Tuesday in an email to employees. “While OT cybersecurity technology-buying continued at a high rate, many new customers reduced the initial deployment size of our technology. Following a review of our pipelines and bookings forecast, we lowered our base forecast for the year.”
OT Cybersecurity Will Be Prioritized as Market Recovers
As a result, Lee said, Dragos has made cuts to align its spending with the company’s new financial goals. The company plans to reduce spending on everything from hardware and software to consulting, office space and employee benefits, but Lee said Dragos couldn’t avoid staffing cuts given that salaries plus benefits are more than nine times greater than the company’s next largest expense line.
“So long as we stay focused on that plan and achieve it, there will be no further layoffs.”
– Robert Lee, co-founder and CEO, Dragos
Laid-off employees will receive two months of severance, healthcare coverage through August, an extended period for buying their equity, help from the Dragos recruitment team in preparing resumes and finding potential positions, and the option to have a Dragos vice president serve as an executive sponsor and provide coaching to support their success in finding another job, according to Lee.
“So long as we stay focused on that [new annual] plan and achieve it, there will be no further layoffs,” Lee said. “It is my view that as the market recovers, we will continue to see OT cybersecurity prioritized by global companies, and the sale cycles, payment timelines and project sizes will return to and exceed their pre-downturn levels.”
Dragos boosted its headcount in recent years as demand for securing operational technology and industrial control systems increased dramatically. The company’s workforce grew by 78.6% in 2021, 41.1% in 2022 and 5% so far in 2023, according to IT-Harvest. Dragos’ business development, sales and engineering organizations have grown by 36%, 18% and 16% over the past year, according to LinkedIn.
Dragos Becomes 27th Cyber Firm to Disclose Layoffs in 2023
The company hasn’t disclosed outside funding since October 2021, when it completed a $200 million Series D round led by Koch Disruptive Technologies and BlockRock at a $1.7 billion valuation. Lee told CRN at the time that Dragos would use the proceeds to expand beyond electric customers, push deeper into Europe, and get half of the company’s business flowing through the channel within two years (see: Dragos CEO on Opening Execs’ Eyes to OT Security Threats).
“A lot of focus has always been on our technology, helping people get visibility and insights and inventory inside of their operational technology environments, detecting vulnerabilities and threats, and what to do about it,” Lee told Information Security Media Group in an interview published in February. “That’s the core of what we do.”
Dragos is well regarded by analysts and was recognized by Forrester in November 2021 as the fourth-strongest provider of industrial control systems security behind Cisco, Claroty and Tenable. Forrester praised Dragos for having very strong ICS threat intelligence, incident responders and consultants, but it chided the company for a lack of integrations and containerization for sideloading onto industrial gear.
“Dragos’ strategy of being the go-to vendor for ICS incident response, threat intelligence and penetration testing has worked well for driving interest in the Dragos Platform,” Forrester analyst Brian Kime wrote.
The volume of layoffs in the security industry has slowed after a flurry of job cuts at the start of the new fiscal quarter in January and early February 2023. Only 12 cyber vendors have disclosed layoffs in the past four months, and F5, Zscaler, Snyk and SentinelOne cut 623, 177, 128 and 105 staffers, respectively. In contrast, 15 security companies announced layoffs during just the first 40 days of 2023.