Booming Salaries for CISOs, triggered by heightened demand
In a recent report, executive search firm Heidrick & Struggles has shed light on the compensation trends for Chief Information Security Officers (CISOs) in the current equity market climate.
The report suggests that the cooling equity markets could potentially impact the compensation for top CISOs. However, the increased focus on cybersecurity has led to the emergence of a new breed of executive who can effectively manage security requirements while communicating effectively with the board.
According to the survey conducted by Heidrick & Struggles, total compensation for top CISOs reached almost $4.4 million, with $1.6 million being cash compensation. The report indicates a wide disparity between the compensation of average CISOs and outliers, largely influenced by the revenue of their companies.
The survey involved 327 CISOs, and it was found that greater revenue is associated with a greater total compensation for CISOs. The median total compensation for CISOs this year is $971,000, up from $936,000 last year.
Interestingly, the report suggests that if a CISO is promoted into their role and has a longer tenure, they are more likely to be underpaid. For CISOs in their role for five or more years, total cash compensation dropped 3%, as stated in the report.
However, the median-cash compensation for CISOs increased by 15% this year to $584,000. Total cash compensation growth is highest for CISOs in their role for less than a year, up 40% year over year.
The report also highlights that more attention to enterprise cybersecurity has raised the visibility of cybersecurity chiefs. The average salaries for CISOs in the financial services sector were approximately $250,000 to $300,000 in 2021 and increased to around $270,000 to $320,000 in 2022 on the West Coast; in the Mid-Atlantic region, salaries ranged from about $230,000 to $280,000 in 2021 and rose to approximately $250,000 to $300,000 in 2022.
The report further suggests that tenured CISOs may have more compensation opportunities outside of their organization due to high demand for technology talent at the highest levels. Regulators are raising the bar for security standards and disclosure, which could potentially lead to increased demand for experienced CISOs.
Cybersecurity fallouts are heavily documented in financial documents, and the report indicates that the focus on cybersecurity will continue to be a significant factor in executive compensation. The report concludes by stating that the median total compensation is highest for CISOs in the technology and telecommunications or financial services sector, with the highest median-cash compensation in the Mid-Atlantic region.
