Sophos Sheds 6% of Employees After Closing Secureworks Deal – Source: securityboulevard.com

The closing this month of Sophos’ $859 million deal to buy fellow cybersecurity firm Secureworks came with a 6% reduction of the newly combined company’s workforce.

They layoffs were due in part to the duplication of roles in the companies and jobs that were no longer needed when Secureworks delisted as a public company when it became part of Sophos, a company spokesperson said in a statement shared with the media.

The statement also noted that Sophos, which is privately owned by venture capital firm Thoma Bravo, is “increasing investments in essential competencies with the addition of Secureworks’ and other new leaders and experts who have joined us in key departments over the last year. Staff changes and redundancies are difficult at any time, and we deeply appreciate the contributions of our collective employees globally who have worked hard to bring both companies to where we are today.”

The spokesperson didn’t say how many employees were laid off or how many workers each company had going into the merger, though some estimates had the number of people losing their jobs at about 400.

Building Out the Portfolio

Sophos in October 2024 announced its intention to buy Secureworks, which was a subsidiary of Dell Technologies, as a way to expand its portfolio of security offerings. The deal closed earlier this month.

The company, in announcing the closing, wrote in a blog post that executives had a “full and clear roadmap” for merging the two vendors, pointing to plans to combine the managed detection and response (MDR) and extended detection and response (XDR) and similar capabilities in a single security operations platform as an example.

The platform “enables us to deliver unparalleled cyber defenses for today’s diverse IT environments, including hundreds of built-in integrations,” the company wrote. “This advanced platform will further enhance visibility, detection and response for mitigating cyberattacks, setting a new standard for security operations.”

‘The Number-One Pureplay Provider’

In a YouTube video after the closing, Sophos CEO Joe Levy that the merger with Secureworks makes Sophos “the number-one pure-play cybersecurity provider of managed detection and response, collectively supporting more than 28,000 organizations of all sizes worldwide.”

“With our combined Sophos and Secureworks AI-enhanced technologies and services, we will deliver the most comprehensive, open, and scalable security operations platform in the world,” Levy said. “This includes more than 350 built-in integrations and end-to-end security solutions to defend all critical points in modern IT operations and every critical point in the attack chain, from early risk detection and management to fast response and remediation.”

Vendor and Tool Consolidation Continues

The deal also is among the most recent acquisitions announced in an ongoing consolidation push in cybersecurity as enterprises and SMB continue to gravitate to security platforms and away from the complexity and management headaches of having hundreds of individual cybersecurity tools to integrate and manage.

Some vendors also are partnering to give organizations a single platform with greater capabilities, as seen with the collaboration announced this week between established player Check Point and startup Wiz to integrate their cloud security capabilities.

In a report last year, security and compliance automation firm Tripwire, 25% of the 400 cybersecurity pros polled said they had some or no confidence in their understanding of the security tools they were using. In addition, 45% said they had begun consolidating the vendors they were working with and 21% said they were planning to or considering using managed security services. The key drivers behind the vendor consolidation were improving the security posture (73%), reducing operational management (68%), saving money (66%), and saving time (52%).

“Tool and vendor sprawl is a logistical challenge as well as a security risk, as integrating more and more tools is bound to lead to gaps in defenses,” Tripwire wrote in the report.