Two-thirds (67%) of cybersecurity professionals have not received a pay rise in the past 12 months, despite cyber being rated as the scarcest technology skill in the world, according to a new study by recruitment firm Harvey Nash.
The global survey of almost 6000 technologists showed that the rate of pay increases in cyber compared poorly to many other tech positions. For example, while ethical hackers, information security analysts, CISOs and cybersecurity consultants were the cyber roles in most demand, CISOs and security specialists were only ranked 14th among tech roles receiving a pay rise in the last 12 months.
Despite the critical role of security pros during the shift to remote working, companies were more likely to offer pay rises to those tech roles linked to creating value and agility for the business, such as development and user experience. The three roles most likely to be given a pay rise were development management/team leadership (59%), design/UX/UI (50%) and quality assurance (50%).
However, those in cybersecurity roles were less likely to experience a salary decrease (6%) than any other tech job.
In total, four in 10 tech experts received a pay increase in the last 12 months.
Interestingly, the report also ranked CISOs and security specialists as fifth in the list of tech positions most likely to be automated in the next 10 years. This result may be due to the expanded attack surface following the shift to remote working, necessitating more widespread use of automation to detect attacks.
Bev White, chief executive, Harvey Nash Group, commented: “Technology roles are hugely important and deserve to be well paid. In today’s environment where cyber threats are ever-present, security roles, in particular, are critical to the success of organizations and should be properly remunerated. But despite the key role that security specialists have played in keeping businesses protected during the unprecedented challenges of the pandemic and the move to mass homeworking, this doesn’t seem to have translated into pay rises for the majority of cyber professionals.
“Instead, organizations have chosen to reward those individuals that have led or supported their focus on developing innovative ways in which they can pivot their business and build new systems with a customer/outward focus. This has meant that roles such as Development Management/Team Leadership and Design/UX/UI have been rewarded the most.
“While one can see the rationale behind this, it is vital that organizations don’t score an own goal by under-rewarding their cyber teams – and then facing an exodus of talent looking for better remuneration elsewhere. There is a balance to be achieved, but the signs are that the reward strategies of many businesses have perhaps tipped too far in one direction.”