With Brad Arkin at the helm, Salesforce's security team reportedly shrank from ~300+ to 188 engineers over two years, aligning with company-wide restructurings amid AI adoption and efficiency drives. No public data specifically attributes incident spikes to these cuts, but one has to ask. The volume of breaches has fueled speculation about under-resourcing in security.
Do they regret the security headcount drop? No explicit statements, but the incident surge (from sporadic in 2024 to widespread in 2025) and AI backpedaling suggest possible hindsight regrets and prioritizing efficiency over robust defense in a high-threat landscape like Salesforce.
Major Incidents-
Late 2024 – Early 2025 Vishing Wave (UNC6040)
June–July 2025 Major Vishing Campaign (UNC6040)
August 2025 Salesloft Drift OAuth Breach (UNC6395)
September–October 2025 Extortion & Leak Escalation (Scattered LAPSUS$ Hunters)
Late 2025 – Early 2026 Follow-On Incidents