CISOs Receive Smaller Raises and Bonuses in 2023

Written by

CISO salary growth has slowed with 20% receiving no raise at all in 2023, according to a new study by IANS Research and Artico Search.

The research found an average total compensation increase of 11% over the past 12 months. This represents a reduction of 14% from the previous year.

The average base salary increase was 7% in 2023, falling from 10% the previous year.

IANS surveyed over 600 CISOs from the US and Canada between April and August 2023 to compile the research.

It also revealed that fewer CISOs received bonuses and equity packages increases this year. 

Widening Salary Gap Between CISOs

There is a widening gap between the top and bottom earning CISOs, according to the report. The average total compensation across all participants was $550,000, with a median of $388,000.

Over half (52%) of CISOs surveyed earn under $400,000 per year. This is made up of 30% whose total earnings are below $300,000, and 22% who take home between $300,000 and $400,000.

There is a much smaller proportion of ‘middle earners,’ with 6% receiving between $500,000 and $600,000 per annum, and 8% earning between $600,000 and $700,000.

At the higher end, 20% of CISOs have an annual compensation that exceeds $700,000.

The survey found that CISO salaries varied significantly between different industries. Finance and tech firms pay the highest average salaries, at $728,000 and $678,000, respectively.

CISOs working in legal, healthcare and manufacturing have a much lower total compensation package, ranging from $327,000 to $378,000.

Are CISOs Satisfied with Their Salaries?

The report found that 75% of CISOs are considering a job change within the next 12 months, up from 67% in 2022. Nick Kakolowski, senior research director at IANS, said the growing responsibilities of the CISO role are not being matched in terms of the additional compensation being offered.

“On closer inspection, we're seeing CISOs getting elevated in the business, taking on a larger scope and being exposed to increased liability. Commensurate compensation increases aren't extending into the middle and lower quartiles of the market. We expect CISOs to seek change as a result,” he commented.

Steve Martano, partner and executive recruiter for Artico Search's cyber practice, highlighted the economic downturn as the primary factor in the lower growth in CISO pay, leading to less opportunities to land large-scale pay rises by changing companies.

Martano advised three things CISOs can do to improve their marketability, including:

  • Strengthening their personal brand
  • Elevating their competence in business acumen
  • Improving their executive presence to position themselves strongly with prospective employers.

What’s hot on Infosecurity Magazine?