Tech titan Microsoft is welcoming in Q1 of 2025 by implementing new job cuts across a number of divisions in its business.
Targeting employees across gaming, experience and devices, sales, and security, the news of job losses comes hot off another Microsoft announcement of separate and unrelated performance-related job cuts across its business.
Business Insider reported that a Microsoft spokesperson said the layoffs would affect a small number of employees without specifying exact numbers.
Examining the Layoffs
Affected employees started receiving notifications on Tuesday about layoffs in Microsoftβs security unit.
Although the company does not publicly disclose the breakdown of employees across specific divisions like security, Microsoftβs overall global workforce floats at around 228,000 employees.
Microsoft security is twofold: it creates enterprise security tools such as Microsoft Defender for Endpoint and Microsoft Sentinel whilst also maintaining Microsoftβs own security.Β
The cut has not been specified as to where it will land. Yet, the announcement is surprising, seeing as how only last year the company expanded itsΒ Secure Future Initiative, making security the βtop priorityβ for every employee.
βIf youβre faced with the tradeoff between security and another priority, your answer is clear: Do security,β
Microsoft CEOΒ Satya NadellaΒ told employees in an email last year.
Contextualising the Development
Microsoftβs focus on security came from what the US Department of Homeland Security called βa cascade of security failuresβ.
It stated, βMicrosoftβs security culture was inadequate and requires an overhaulβ, given the companyβs ubiquity and role in the worldβs technology ecosystem.
This damning indictment resulted from a 2023 hack, where an alleged Chinese hacking groupΒ breached MicrosoftΒ Exchange Online email and stole thousands of US government emails.
Equally, In 2024, Russian hackers broke into MicrosoftβsΒ systems, spied on staff inboxes and stole emails from its customers.
Days after millions of Windows PCs went down across the world due to a bug Microsoft systems experienced with the Crowdstrike update, its services like Microsoft 365 and Microsoft TeamsΒ were taken offline by a Distributed Denial of Service (DDoS) attack. Microsoft said in an update its attempts to stop the DDoS attack actually amplified it.
So bad were the recent failings that Microsoft CEO Satya Nadella took a voluntary pay cut of $5 million over the companyβs cyber failures
How Security Could Take a Hit
Although its productivity and business process offerings are not affected, the knock-on effects of these layoffs could begin to hit Microsoftβs main meal ticket.
The fact that the security segment of its division is subject to layoff and performance-related cuts could see a chunk of its workforce reduced.
This means that fewer employees will have to do the same amount of work to keep Microsoft as safe as before.
Not only is the cybersecurity sector perennially understaffed, but the advance in AI has meant that already-stretched teams are having to deal with more sophisticated and numerous attacks.
A 2024 ISACA study found that nearly two-thirds of cybersecurity staff say job stress is growing, with AI-augmented attacks being a contributing factor.
UCaaS on the line
Microsoft products are continuously undergoing vulnerability testing and patching as part of security processes.
Some come from the investigation of an attack uncovering how attackers got in, whilst others are part of routine testing to update and secure their products continuously.
One recent raft of patches announced in January released as part of its Tuesday round-up saw them highlightΒ 159 vulnerabilities,Β 12 of which are critical and include no less than eight zero-day exploits.
Three of those found are known to be under active exploitation, according to Microsoft.
Previous patches found in 2023 concerned Microsoft Teams, in which Microsoft stated, βThe attacker does not need privileges to attempt to exploit this vulnerability.β
All it involved was an attacker tricking the victim into joining a Teams meeting to enable a remote code execution in the context of the victim user.
By reducing its security team at a time of increased threats and when Microsoft is ill-prepared to defend against them, Microsoft increases the threat to users of its communication solutions.
Whether it is a loss of Teams service, as experienced in the DDoS attack, or the lack of security on its Microsoft email platform, which led to an email breach, itβs hard to see how cuts to security can provide better service.
Microsoftβs AI Ambitions
These security division cuts come at a time when Microsoft, and indeed many other large tech companies, are reducing costs elsewhere across their business so they can redivert funds to the ongoing AI race.
Microsoft just this month announced plans to spend over $80 billion constructing data centres to process AI workloads in the 2025 financial year.
Plus, Last week it announced a new 365 Copilot Chat solution, which adds pay-as-you-go AI agents to the existing chat experience for Microsoft 365 customers.
