How much should a Chief Information Security Officer (CISO) be paid?

Earlier this year, Peter Metzger, vice chairman at executive recruiter CTPartners, was quoted in a Wall Street Journal blog:
 
In the last six months, we have seen a one-third increase in total compensation packages for Fortune 100 companies. In some cases, big banks are paying over $1 million. Healthcare companies are paying over $1 million, big insurance companies are paying over $1 million. Total compensation is $500,000 to $600,000 in other industries.
 
This was not the first time we heard about CISO salaries going up. Last year, Computing published an article that stated, “In a year in which IT investment is expected to grow, the biggest rise in salaries of all IT leader roles in the UK will be for chief information security officers (CISOs).”
 
Now, $1 million USD (£675,000 GBP) is not chump change by anyone’s standards. Obviously, not every global firm will stump up that sort of cash. For instance, a little web digging shows the average salary for a CISO across the UK to be around £85,000 ($125,000 USD). These salaries are, however, still comfortably above the median wages in prime London and New York locations: the median Inner London salary was recently estimated at around £35,000 ($52,000 USD), while last year Manhattan’s Battery Park City median was estimated at $105,000 (£71,000 GBP).

The upshot, however, is clear: reputable CISOs are increasing their negotiating power with potential employers and clients.

The upward pressure on salaries could be linked to the following:
  • Organisations are worried about cyber attacks.
    Recent high-profile hacks - such as those that hit Sony, Target, eBay, and Domino’s Pizza - raise concerns that companies’ networks and data are vulnerable. Having a reputable CISO on-side to help avoid being the next victim is highly attractive.
  • Increased digital complexity within the organisation.
    With BYOD and remote working comes additional flexibility and increased opportunity for greater productivity for employees and stakeholders alike, but it also underlines the need for a security strategy that is both fluid (to adapt quickly to new technologies, services and applications) and as airtight as possible to avoid a SNAFU security situation. 
  • Expertise and thought leadership a must.
    Organisations don’t just want someone to add a layer of security on top of performance-enhancing strategies. They need a senior thought leader who not only understands the business opportunities for a specific organisation, but has a proven track record for implementing the required processes to ensure business continuity and growth. 

CISOs out there who feel their salaries are under par would be wise to brush up on their business and technical acumen. For instance, CISOs should consider:
  • Attending and presenting at conferences, forums and events where industry experts share the latest case studies and findings; 
  • Building a network of CISOs by joining groups and sharing contact information;
  • Publishing articles and presenting on the latest security best practices; 
  • Keeping abreast of security-related news; 
  • Gaining experience creating and implementing security strategies; and 
  • Ensuring that all security training is up to date.
If you are a CISO looking to brush up on your skills, we can help. We host security-related conferences all around the world, and are always on the lookout for talented senior security representatives from all industries to attend and speak at our events as well as contribute to our blogs. Learn more at AKJ Associates.
 
