Network Detection & Response , Security Operations
IronNet Lays Off 17% of Staff 10 Months After Going Public
Company Says the 55 Layoffs Will Boost Efficiency, Cut Expenses and Preserve CashNearly one-fifth of IronNet's workforce will depart the threat detection firm founded by a retired four-star general just 10 months after the company went public by merging with a special purpose acquisition company.
See Also: Planning for 2025: Detection engineering with the Elastic Global Threat Report
The McLean, Virginia-based cybersecurity firm will lay off 17% of its employees, with 55 workers set to reenter the job market this week. IronNet was founded in 2014 by retired Army Gen. Keith Alexander, who spent a decade as director of the U.S. National Security Agency and headed up Cyber Command for four years.
IronNet declined to answer Information Security Media Group's questions about which departments, roles or geographies were most heavily affected by the layoffs. "Due to market conditions, on June 22, 2022, IronNet … committed to and communicated a workforce reduction plan," the company disclosed Friday in a regulatory filing.
The company frames the layoffs as part of a "broader plan" to gain efficiencies and reduce expenses. Alexander today is officially a co-chief executive in charge of the technology strategy, having brought on board in early 2019 former Zscaler and Duo Chief Operating Officer Bill Welch to serve as co-CEO and take the reins on the go-to-market side of the operation.
The layoffs are part of a spate of reductions in force in the cybersecurity industry, particularly in late-stage startups feeling a new imperative to conserve cash resources. IronNet's announcement shows that newfound caution among investors may extend beyond startups and include publicly traded companies struggling to significantly grow revenue and demonstrate a path to profitability.
Revenue Stagnates Amid Contract Delays
It's been little more than a year since IronNet agreed to go public at a $1.2 billion valuation by merging with a shell company. IronNet began trading on the New York Stock Exchange on Aug. 27, 2021, at $13.44 per share, and the company raised $267 million to accelerate revenue growth and expand its product portfolio (see: IronNet Goes Public by Merging With LGL Systems).
Since going public, IronNet's stock price has plummeted 81% and is trading at just $2.57 per share as of midday Monday with a valuation of only $259.4 million. That makes IronNet the second-smallest publicly traded security cybersecurity firm by valuation, ahead of only email security software company Cyren.
Shareholder rights groups have sued IronNet, alleging the company made false and misleading statements and failed to disclose known adverse facts. An IronNet spokesperson tells Information Security Media Group the case doesn't have merit, adding that the company plans to vigorously defend itself against the claims.
Alexander told investors earlier this month that IronNet's annual recurring revenue declined by $7.2 million in the quarter ended April 30 due to two delayed contract renewals for public sector customers and a lost renewal opportunity stemming from IronNet not achieving FedRAMP Authority to Operate. IronNet's revenue increased by 4.9% to $6.7 million, falling short of analyst expectations of $7.2 million.
He chalked up the declining value to "timing and bureaucracy, not a lack of perceived value by our customers," during a June 14 earnings conference call.
IronNet Chief Financial Officer James Gerber told investors during the same call that the company's financial position relative to cash and liquidity can remain sound with ongoing careful management. Gerber said the company hadn't yet drawn on its equity line with Tumim Stone Capital and will continue to benefit from having options for liquidity thanks to being a public company.
"We will continue to take a disciplined and balanced approach to growth, being mindful of cash preservation and with a goal to get as close to cash neutral as possible," Gerber said. "We believe the network effort potential of our business model - enabling us to bring in a community of customers via single strategic deals coupled with tight expense management - will enable us to strike this balance."
Despite the layoffs, IronNet reaffirmed Friday that it expects revenue for the fiscal year ending Jan. 31, 2023 to increase by nearly 25% to $34 million. The company also still expects annual recurring revenue for the 2023 fiscal year to grow by 50% to $48 million, IronNet said it its Friday SEC filing.
"Some of the lost revenue is not lost; it's delayed and it stays in part," Alexander told investors earlier this month. "We believe the company is on a sound financial position with our cash and other things."
Unlucky Number 7
IronNet is the seventh security vendor this month to publicly disclose layoffs. Many security vendors have begun to slow hiring and prune operating expenses as macroeconomic storm clouds obscure future funding sources. Late-stage startups want to make their cash on hand last longer as financial backers grow more cautious with their money.
Emerging vendors have to grapple with an initial public offering market that has essentially dried up and investors unwilling to offer valuations anywhere near 2021 levels. The security layoffs in recent weeks have until now occurred exclusively at mature startups, many of which had been expected to file for an initial public offering in the next year or two.
Among them is Aura, which late last week disclosed it had laid off 70 employees as a result of customer acquisition strategy changes just a year after raising $350 million. The layoffs came about as a result of an agreement inked with MetLife earlier this year that made it Aura's exclusive go-to-market partner for the employee benefits channel.
Two weeks ago, endpoint and patch management startup Automox confirmed layoffs via LinkedIn. Exact job cuts weren't disclosed, though Layoffs Tracker reported the company had reduced its workforce by about 18%, or 75 employees.
A few days earlier, privacy and data governance firm OneTrust laid off 25% of its staff - or 950 workers - due to the markets wanting to see a more balanced approach between growth and profitability, CEO Kabir Barday wrote in a blog post. This is the second time OneTrust has laid off employees in the past three years, as the firm cut 10% to 15% of its roughly 1,500-person staff in April 2020 due to COVID-19.
Also during the week of June 6, deep learning firm Deep Instinct cut 10% of its salespeople, Crunchbase and CNBC reported. That's despite growth of more than 200% in annual recurring revenue in 2021, a rate of expansion that continued into the first quarter of this year. Lane Bess, chairman of Deep Instinct, told CNBC at RSA Conference 2022 that the company had to get more efficient with its sales operation.
At the start of June, Cybereason laid off 10% of its employees in response to deteriorating market conditions less than a year after raising $325 million. Like OneTrust, endpoint security vendor Cybereason has been backed by Japanese conglomerate SoftBank, which led Cybereason's financing rounds in 2015, 2017 and 2019.
Lacework, meanwhile, announced on May 25 that it had laid off 20% of its employees to strengthen its balance sheet. The layoffs came only six months after the San Jose, California-based cloud security vendor had raised $1.3 billion on an $8.3 billion valuation. Like OneTrust and Cybereason, Lacework had been expected to go public this year before macroeconomic conditions made that a non-starter.