Published on: November 17, 2023
Researchers with the Information Security Insights and CISO Guidance (IANS) and talent-hunting company Artico found that the top 25% of companies are paying up to $500’000 for talented cybersecurity personnel.
Cybersecurity experts are needed more than ever as hackers have seriously stepped up the amount of data breaches, hacks, and exploits they pull off. A company requires a strong cybersecurity defense team, but to retain them, they need to offer competitive wages.
The report found that the number of cybersecurity employees and their wages scaled with revenue. While smaller firms may need one-to-nine cybersecurity employees, massive corporations require hundreds of specialists.
Fifteen percent of businesses are approaching (or already at) a milestone that requires them to hire a SecOps for their security organizations.
“For 15% of CISOs, the head of AppSec is a likely or critical hire, followed by 13% for a head of IAM,” explains the report.
Finding solutions to these various concerns is one of the main concerns for any company’s Chief Information Security Officer (CISO). Most firms follow a similar pattern when it comes to organizational patterns. For example, Fortune 500 companies would typically have 4 layers of staff underneath the CISO.
Large Enterprises, companies with revenue ranging from $400 million to $6 billion, would use between 2-3 layers of cybersecurity experts under their respective CISOs.
Smaller firms would typically avoid bureaucratic layers and opt for a team of specialists that each manage their own set of tasks — each employee typically has multiple responsibilities.
The wage floor across these various specializations (including CISOs, SecOps, risk, compliance, etc) varies. That said, researchers found that the earnings in these fields average at $523’000, and total compensation is $640’000 with equity.
The floor does vary by specialty, for example, a Deputy CISO’s floor is up to $465’000. The company an employee works for and its size also factors into how much it can afford to pay experts.
As the demand for cybersecurity experts continues to rise dramatically, companies are paying increasingly competitive wages.