Yahoo cuts a quarter of its cybersecurity team amid controversy
- Yahoo's cybersecurity team, known as The Paranoids, has seen significant layoffs, affecting around 25% of its workforce.
- The red team, dedicated to offensive security, has been entirely eliminated, indicating a major shift in security strategy.
- These changes are part of a broader restructuring within the technology unit, aiming to focus on critical security priorities.
In 2024, Yahoo, a major American internet company, underwent significant changes in its cybersecurity team, resulting in considerable layoffs. Reports indicated that approximately 25% of The Paranoids, Yahoo's cybersecurity division, have been laid off, with estimates of 40 to 50 personnel lost from a total of 200. This decision appears to be part of a broader restructuring within the organization's technology unit led by Valeri Liborski, who was appointed as Yahoo’s chief technology officer in September. The elimination of positions reflects a strategy shift as Yahoo aims to adapt to evolving security needs and expectations. Furthermore, the so-called red team, which specialized in offensive security operations, was entirely dissolved. This team was responsible for conducting cyberattack simulations to detect vulnerabilities within Yahoo's systems before actual hackers exploited them. Their removal has raised concerns among employees about the company’s commitment to thoroughly addressing potential vulnerabilities. In the context of an increasing cyber threat landscape, such a move may suggest a troubling shift away from proactive security measures. Yahoo confirmed the layoffs and emphasized that this strategic adjustment, which includes transitioning offensive security operations to an outsourced model, stems from the maturation of its security program. The spokesperson for Yahoo stated that the security program had evolved significantly over the last seven years, achieving recognition as a leading industry operation. The intent behind these layoffs and structural changes appears to be to focus resources more effectively on priority security initiatives, ensuring high standards of protection for users and Yahoo's platforms. However, concerns remain about the effectiveness of outsourcing vital security operations. Relying on external parties for offensive security, which was previously managed internally by skilled professionals within The Paranoids, could create gaps in oversight and responsiveness to emerging threats. As Yahoo makes this shift, it must balance potential cost savings with the security realities of a continuously shifting digital landscape, where the risks from cyberattacks are ever-increasing.