What Twitter outage says about (over) zealous downsizing

Image: Picture Cells/Adobe Stock

The central feature of Twitter’s outage last Wednesday was a message to users that “You are over the daily limit for sending Tweets.” A spokesperson for network intelligence firm Ookla, which owns the outage monitoring site Downdetector, said that on Feb. 8, starting at 10 a.m. UTC, about 50,000 Twitter users reported access issues.

While the outage affected comparatively few Twitter users, it may carry a larger message for organizations mulling big workforce cuts: the danger is not just to operations but also to security.

With just 1,300 active staff, Twitter now has roughly 80% fewer workers than the approximately 8,000 the company had on its payroll before the October 2022 takeover by Elon Musk, by some reports. Among his early decisions on taking the helm were to shut down one of Twitter’s data centers and fire half the workforce.


Cut staff now, pay later


Reportedly, many of the Twitter employees who were let go, or who walked out voluntarily, in recent months were working on projects fundamental to company operations, and former staffers and observers alike predicted that firing them would lead to just the kinds of outages the company is now experiencing.

Justin Cappos, professor of computer science at the NYU Tandon School of Engineering, developer of the in-toto supply chain security framework and a member of the Linux Advisory Team, offered a sports-friendly analogy:

“Imagine someone buys a professional sports team then looks around and says ‘You know, we need these coaches over here because they call the plays, but we don’t need the strength coach, the conditioning coach and we don’t need the nutritionist.’ So, when that team goes out and plays next week, they will play about as well as they did last week, and a week later maybe similar, but a month later they start to take a hit, and then the wheels start to fall off. That’s what’s happening; he has fired people who are doing the work that keeps this large distributed service running.”


SEE: Don’t overlook supply chain security in your 2023 security plan (TechRepublic)

Adam Marrè, chief information security officer at cybersecurity operations firm Arctic Wolf, concurred that the outage suggests there are now likely too many vacant IT chairs at the blue bird’s command center.

“If an understaffed team is trying to change things quickly, that can be a recipe for unintended consequences with downstream or ancillary dependencies to code you are changing,” Marrè said. “They will not have the capacity to manage access provisions and offboard users in a timely fashion, and in cases like an outage, get systems back up and running quickly.

“With an under-resourced team, the maintenance of tools across the enterprise stack may fall by the wayside, as priorities shift and adjust to reflect a team’s limited bandwidth.”

Twitter: Both outlier and emblem of job cuts in tech

Twitter’s staff cuts are unique because of the extremely high percentage of the company’s total employee population being offboarded, but the company is not alone. TrueUp’s Tech Layoff Tracker found that over 400 tech companies have laid off employees in 2023, with 127,359 people affected. Complicating matters, over the past several months security firms have also slimmed their ranks, including Okta, SecureWorks, Snyk, Sophos, Lacework and OneTrust.


SEE: Top cybersecurity threats for 2023 (TechRepublic)

The U.S. Bureau of Labor Statistics predicted that security analyst jobs will grow by 35% between 2021 and 2031, with 19,500 openings for information security analysts projected each year (Figure A).


Figure A: A person pressing a blue key on a keyboard that says IT Jobs. Image: Momius/Adobe Stock

Marrè said layoffs may, to some extent, constitute an adjustment after a hiring spree during the COVID-19 pandemic.

“Actually many companies, including tech companies, are still hiring,” Marrè said. “Set against the backdrop of massive hiring that was done during the years of the pandemic, the general job cuts across the tech industry do not seem as significant; of course, job cuts are always significant for those directly affected.

“The good news is there are still many unfilled job openings out there for tech workers, so optimistically, this will end up being more of a reshuffling than a massive downsizing.”

With GitHub downsizing, is security automation taking up the slack?

Among tech cuts recently announced, both Microsoft’s GitHub unit and competitor GitLab announced plans to downsize by 10% and 7% of staff, respectively. GitHub, which has a reported 3,000 employees, will also go fully remote, per initial coverage in Fortune.

Microsoft’s CEO in January announced plans to cut 10,000 jobs through fiscal 2023, or 5% of its workforce.

The 300 jobs GitHub plans to cut constitute a relatively small number in the scheme of things, but the code hub is used by over 100 million developers and claims to host more than 372 million code repositories used by software builders worldwide.

Although employing open-source code has numerous security implications, Cappos said the advent of DevSecOps has improved the security environment and made it easier for developers to work fast within cloud environments like AWS without sacrificing security. That takes some pressure off staff who may, at least in the short term, have fewer colleagues on hand.

“The DevSecOps paradigm started with lightweight containerization and microservice architecture because of Kubernetes,” Cappos said. “The way security caught up is that people have done a lot of work to make things like Kubernetes not as easy to misconfigure.

“There are a lot of really great software projects and security projects in that space, and Kubernetes has a very good security team working on this. They have made it more difficult to shoot oneself in the foot; they have defined better tooling around it so that people who do DevOps work can do security as part of that.”
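The kind of guardrail Cappos describes, as an added example that is not Kubernetes project code or anything from the article: a small Python check that flags the pod-manifest misconfigurations a cluster admission policy would normally refuse. The rules approximate a subset of the upstream Pod Security Standards (host namespaces, privileged containers, privilege escalation, root users, unpinned images, missing resource limits); the two sample manifests are constructed for the example, one as a typical "it works in the demo" pod and one as the same workload written to pass every rule.

```python
"""Added example (not Kubernetes project code): flag common pod-spec
misconfigurations before a manifest reaches the cluster.  The rules
approximate a subset of the Pod Security Standards; the sample pods are
constructed for this example."""
from typing import Any

Pod = dict[str, Any]


def _containers(pod: Pod) -> list[dict[str, Any]]:
    """Init containers and app containers are checked alike."""
    spec = pod.get("spec", {})
    return list(spec.get("initContainers", [])) + list(spec.get("containers", []))


def _unpinned(image: str) -> bool:
    """True when the image has no tag or digest, or uses the mutable :latest tag."""
    if "@" in image:                  # pinned by digest
        return False
    tail = image.rsplit("/", 1)[-1]   # drop registry/namespace (may contain a port)
    return ":" not in tail or tail.endswith(":latest")


def check_pod(pod: Pod) -> list[str]:
    """Return a list of findings; an empty list means the pod passes."""
    findings: list[str] = []
    spec = pod.get("spec", {})
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    pod_sc = spec.get("securityContext", {})

    for field in ("hostPID", "hostIPC", "hostNetwork"):
        if spec.get(field):
            findings.append(f"{name}: spec.{field} is true (shares a host namespace)")

    for c in _containers(pod):
        cname = c.get("name", "<unnamed>")
        sc = c.get("securityContext", {})
        if sc.get("privileged"):
            findings.append(f"{name}/{cname}: privileged container")
        if sc.get("allowPrivilegeEscalation", True):
            findings.append(f"{name}/{cname}: allowPrivilegeEscalation is not false")
        # Container-level settings override pod-level ones.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False))
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        if not non_root and uid in (None, 0):
            findings.append(f"{name}/{cname}: may run as root")
        if "ALL" not in sc.get("capabilities", {}).get("drop", []):
            findings.append(f"{name}/{cname}: does not drop all capabilities")
        if _unpinned(c.get("image", "")):
            findings.append(f"{name}/{cname}: image {c.get('image', '')!r} is not pinned")
        limits = c.get("resources", {}).get("limits", {})
        for res in ("cpu", "memory"):
            if res not in limits:
                findings.append(f"{name}/{cname}: no {res} limit")
    return findings


# Constructed sample: the kind of manifest that "works" in a demo and is
# exactly what an admission policy should refuse.
WEAK_POD: Pod = {
    "metadata": {"name": "debug"},
    "spec": {
        "hostPID": True,
        "containers": [{
            "name": "shell",
            "image": "busybox",
            "securityContext": {"privileged": True},
        }],
    },
}

# Constructed sample: the same workload written to pass every rule above.
HARDENED_POD: Pod = {
    "metadata": {"name": "debug"},
    "spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
        "containers": [{
            "name": "shell",
            "image": "busybox:1.36.1",
            "securityContext": {
                "allowPrivilegeEscalation": False,
                "capabilities": {"drop": ["ALL"]},
            },
            "resources": {"limits": {"cpu": "100m", "memory": "64Mi"}},
        }],
    },
}

if __name__ == "__main__":
    for label, pod in (("weak", WEAK_POD), ("hardened", HARDENED_POD)):
        print(f"{label}: {check_pod(pod) or 'OK'}")
```

In a real cluster the same rules are enforced by the built-in Pod Security Admission controller or a policy engine rather than by a script, but running a check like this in CI is what lets a thin DevOps team catch the privileged debug pod before it is applied rather than after an incident.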

Martin Mao, co-founder and CEO of cloud-native data and metrics company Chronosphere, pointed out that Prometheus is the de facto standard for Kubernetes monitoring today.

“We work with Julius Volz, one of that project’s creators,” Mao said. “I do think investments in open source are here to stay, and I think every company will continue to recognize that they need to be aware of issues and continue to address them.”

Looking at the past months’ tech layoffs, almost no team within a company is sacrosanct, and Mao argues that, at the end of the day, most companies would like to automate more of their human-run processes for scale and efficiency.

“It’s important to remember, though, that moving to DevOps or DevSecOps or platform engineering means that you are purposefully transferring complexity from one solution to another,” Mao said.

He said that, in the best of all worlds, security staff would gain the same benefits as other teams from working in a DevOps or DevSecOps paradigm: less low-level work, less firefighting and more time to be proactive about their company’s security posture.

Former staffers as attack vectors

Is there an increased security risk consequent to staffing cuts, potentially worsened by poor organizational hygiene? Marrè said yes, pointing, for example, to the potential for insider threats after the so-called Great Resignation and to the need for proper protocols for deprovisioning users.

“People who have been laid off may become the next target or vehicle to deploy ransomware attacks,” Marrè said. “Bad actors will most likely continue to offer ex-employees money in exchange for user credentials to gain access to critical systems and infrastructures, or offer them money in exchange for information about the company which can be used to attack it.

“Insider threat is always a risk, but large-scale layoffs and widespread employee dissatisfaction increase that risk significantly.”
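The deprovisioning protocol this section calls for, and the timely offboarding Marrè says an understaffed team lacks capacity for, as an added example that is neither Arctic Wolf’s nor the article’s code: a Python reconciliation job that compares an identity-provider user export against the HR roster and reports every account that should already be disabled, every long-lived token a departed employee still holds, any sign-in after a termination date, every orphan account the roster does not know about, and every live account nobody has used in months. The record layouts, field names and the grace period are assumptions made for the example; both data sets are constructed.

```python
"""Added example: reconcile identity-provider accounts against the HR roster
so departed employees are caught by a scheduled job rather than by memory.
Record formats and field names are assumptions; both data sets are constructed."""
from datetime import datetime, timedelta, timezone
from typing import Any

# Constructed HR roster: the source of truth for who still works here.
HR_ROSTER: dict[str, dict[str, Any]] = {
    "ana@example.com":  {"status": "active",     "terminated": None},
    "ben@example.com":  {"status": "terminated", "terminated": "2023-02-01T17:00:00Z"},
    "cleo@example.com": {"status": "terminated", "terminated": "2023-02-09T09:00:00Z"},
    "dan@example.com":  {"status": "terminated", "terminated": "2023-01-15T12:00:00Z"},
    "eve@example.com":  {"status": "active",     "terminated": None},
}

# Constructed identity-provider export.  "tokens" are long-lived API tokens;
# suspending the SSO account does not necessarily revoke them.
IDP_USERS: list[dict[str, Any]] = [
    {"email": "ana@example.com",     "status": "active",    "last_login": "2023-02-08T10:00:00Z", "tokens": []},
    {"email": "ben@example.com",     "status": "active",    "last_login": "2023-02-03T08:00:00Z", "tokens": ["ci-deploy"]},
    {"email": "cleo@example.com",    "status": "active",    "last_login": "2023-02-09T08:30:00Z", "tokens": []},
    {"email": "dan@example.com",     "status": "suspended", "last_login": "2023-01-02T00:00:00Z", "tokens": ["legacy"]},
    {"email": "eve@example.com",     "status": "active",    "last_login": "2022-10-01T00:00:00Z", "tokens": []},
    {"email": "svc-old@example.com", "status": "active",    "last_login": "2022-09-01T00:00:00Z", "tokens": ["backup"]},
]

# Lower number = look at it first.
SEVERITY = {"investigate": 0, "disable": 1, "revoke": 2, "orphan": 3, "review": 4}


def _ts(value: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp written with a trailing 'Z'."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def find_offboarding_gaps(
    idp_users: list[dict[str, Any]],
    hr_roster: dict[str, dict[str, Any]],
    now: datetime,
    grace: timedelta = timedelta(hours=4),   # assumed SLA from HR termination to IdP disable
    stale: timedelta = timedelta(days=90),   # unused this long: review even if HR says active
) -> list[tuple[str, str]]:
    """Return (email, issue) pairs, most urgent first."""
    findings: list[tuple[str, str]] = []
    for user in idp_users:
        email = user["email"]
        active = user["status"] == "active"
        hr = hr_roster.get(email)
        if hr is None:
            if active:
                findings.append((email, "orphan: active account with no HR record"))
            continue
        if hr["status"] == "terminated":
            term = _ts(hr["terminated"])
            if active and now - term > grace:
                findings.append((email, f"disable: terminated {(now - term).days}d ago, still active"))
            if user["tokens"]:  # applies to suspended accounts too
                findings.append((email, f"revoke: terminated user still holds tokens {user['tokens']}"))
            if active and _ts(user["last_login"]) > term:
                findings.append((email, "investigate: login after termination"))
            continue
        if active and now - _ts(user["last_login"]) > stale:
            findings.append((email, f"review: no login in >{stale.days}d"))
    return sorted(findings, key=lambda f: SEVERITY[f[1].split(":")[0]])


def run_sample() -> list[tuple[str, str]]:
    """Run the reconciliation against the constructed data at a fixed 'now'."""
    now = datetime(2023, 2, 9, 10, 0, tzinfo=timezone.utc)
    return find_offboarding_gaps(IDP_USERS, HR_ROSTER, now)


if __name__ == "__main__":
    for email, issue in run_sample():
        print(f"{email:24} {issue}")
```

With the constructed data, cleo is not reported even though HR terminated her an hour before the run, because she is still inside the grace period; ben shows up three times (still active a week after termination, still holding a deploy token, and signed in after his termination date), and dan demonstrates why suspending the SSO account is not the end of offboarding. A job like this belongs on a schedule, with its output going to a ticket queue rather than to one person’s inbox.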

Transparency is key to incident response

Marrè suggests that companies with outages, whether in their cloud operations, on-premises systems or customer engagement platforms, should:

  • Communicate clearly and effectively with customers about the problem, the status and the in-progress solution.
  • Make sure they have plans to deal with the increased workload per employee to maintain the same infrastructure and systems as when they were fully staffed.

He added that preventing disruptions requires retaining people in key positions with institutional knowledge of infrastructure and operations, including security operations.

“This can allow organizations to maintain uptime without significant outages and remain resilient in the face of incidents,” Marrè said. “Cuts across those roles can have an asymmetrically impactful effect on quality of service as compared to other roles in the company.”

The risks of doing more with less

Mao noted that, across the board, his firm is seeing the engineering teams at many tech companies being asked to do more with less, and that companies need to pay attention.

“I think that the message here is companies need to understand how much work and complexity is being absorbed by employees running around with their hair on fire,” Mao said. “Every outage has a root cause, but during an outage, it comes down to employees who have to find, understand and fix the problem.”

Chronosphere recently conducted research showing that developers and engineers spend at least a quarter of their work time performing low-level troubleshooting tasks.

“If a company is asking fewer employees to monitor more systems, then there is a higher likelihood of an issue slipping past undetected and spiraling into a much bigger problem,” Mao said. “And, unfortunately, many of the systems in place today are ill-equipped to lend a helping hand.”
