CISO compensation packages in North America continued to rise this year, but the gulf between the top and median earners remains significant, according to new data from IANS Research.
The consulting firm polled 566 CISOs in the US and Canada between April and October 2025, to put together its sixth annual CISO Compensation Benchmark Report.
Counting salary, bonus and equity packages together it found an average 6.7% annual growth in CISO compensation this year.
However, the top 1% of CISOs said they earn more than $3.2m in total compensation – roughly 10 times the median and 20 times the value of the bottom 10%. Most of the difference is accounted for by the size of their equity package, but it often also reflects organization size. Perhaps unsurprisingly, Fortune 100 CISOs often far exceed reported averages.
Read more on CISO wages: UK Cybersecurity Wages Soar Above Inflation as Stress Levels Rise
Although compensation is growing nicely for CISOs, they may find their powers of persuasion with the board are increasingly called upon, given that budgets grew only 4% in the same period, according to the report.
This is the slowest they’ve grown in five years and comes at a time of mounting cyber-risk due to investments in AI and cloud which are growing the attack surface, and the evolving threat from a dynamic, well-resourced cybercrime ecosystem.
IANS research from August revealed that budgets grew twice as large (8%) in 2024. Additionally, 47% of CISOs reported an increase in budget this year, down from 62% in 2024, while 39% reported no increase, up from 26% last year.
CISOs Jump Around
The latest IANS study also found an increase in CISO mobility: 15% of respondents changed their employer this year, versus 11% in 2024. However, those who stayed put benefited from new responsibilities and an average compensation rise of 8.1%, versus 5% for those who switched.
Steve Martano, IANS faculty and partner at Artico Search’s Cyber Practice, argued that talented security leaders are still in high demand.
“The market for top security talent is still competitive, but motivations are shifting,” he explained.
“We’re seeing more CISOs prioritize influence, visibility, and culture over pure compensation. The smartest companies are responding by giving their security leaders a true seat at the table, not just a bigger pay check.”
According to the study, 70% of CISOs receive equity, in some cases representing up to half of total pay. Tech and financial services firms are the highest-paying sectors, with average compensation of $844,000 and $744,000 respectively.
Most (71%) CISOs also receive perks such as Directors and Officers (D&O) insurance, deferred compensation plans, improved health packages and executive coaching.