A growing number of tech sector security leaders are unhappy at their level of compensation, with budgets declining and many failing to get a raise last year, according to IANS Research.
The Boston-based research specialist teamed up with Artico Search to compile The Compensation, Budget and Satisfaction Benchmark for Tech CISOs, 2023–2024. It was written up from interviews with 149 tech sector CISOs at organizations ranging from less than $100m in annual revenue to more than $20bn.
Across the sample, 34% of CISOs said they have concerns about their compensation – with higher compensation unsurprisingly corresponding to greater satisfaction.
The size and type of organization will largely determine how much a CISO is paid, according to the study. Those working at publicly listed firms receive the most (around $1m) followed by those at VC-backed tech firms ($793,000).
Read more on CISO concerns: Supply Chain and APIs Top Security Concerns, CISO Survey Shows
CISOs working for private equity-backed tech firms are similarly compensated in cash as those at VC players but get less equity. Those at the bottom end of the scale are at tech firms majority owned by the founder.
By tech sub-sector, earnings are highest for CISOs at cybersecurity vendors, followed by hardware/infrastructure and fintech, the report also found.
“Similar to other sectors, scale begets complexity, which leads to higher compensation packages for CISOs,” explained IANS faculty member, Steve Martano. “Not all CISO roles are equal in tech – some are heavily product-centric roles for scaling organizations, while others are responsible for global teams and eight-figure budgets.”
Contributing to general concern over pay last year was the fact that a third (31%) of responding CISOs didn’t get a raise – an 18 percentage point drop from the previous year.
Macroeconomic challenges and cost-saving efforts could explain both this and the dramatic fall in annual security budget growth, from 30% in 2022 to just 4% last year.
Despite CISO concerns over compensation, a hiring slowdown last year meant the share of tech CISOs who changed employers declined from 34% in 2022 to 19% in 2023. However, that might be about to change: the share of respondents who are considering a job move in the next year grew by 13 points to 78%, the report found.
Concerns over compensation come amid growing workplace pressure. Nearly two-thirds (62%) of global CISOs said last year that they’re worried about being held personally liable for cyber-attacks that occur on their watch.