It pays to be a CISO. More than half of these cybersecurity leaders earn up to $400,000, according to survey results released Tuesday by IANS and Artico Search. The annual compensation for the top 10% surpasses $1 million per year, the 2023 CISO Compensation Benchmark Study found.
CISO salary increases are slowing down, with average total compensation for CISOs up 11% this year, but down from a 14% average increase in 2022. The share of CISOs earning compensation increases this year was also down; just 80% of CISO saw base salary increases, down from 90% last year.
The lower pace of compensation increases for CISOs is purely an economic reality, according to Nick Kakolowski, research director at IANS.
Security budget growth scaled back this year amidst economic uncertainty, inflation and increased borrowing costs, which impacted funding for cyber talent, the report said.
In the U.S. the average total compensation for CISOs reached $550,000 this year, according to the survey of 609 security professionals in the U.S. and Canada. Nearly two-thirds of the survey respondents work for organizations in the finance, healthcare and technology sectors and nearly half work at companies with less than $1 billion in annual revenue.
With cyber threat recognition on the rise and budgets squeezed, organizations are largely asking for more from CISOs, Kakolowski said via email.
The CISO role is going through a transition similar to what CFOs went through with compliance to the Sarbanes-Oxley Act and what CIOs encountered during digital transformation efforts, Kakolowski said.
This might elevate CISOs’ roles within their organizations, but rarely to the highest corporate level. Only 1 in 5 CISOs are considered a C-level executive at their organization, according to the report.
“Cybersecurity is a critical part of doing business and, as more organizations recognize that, CISOs are being elevated — in terms of compensation and influence — to a similar level as other specialists in the C-suite,” Kakolowski said.
Despite these changes, CISOs remain consistent in their hunt for new career opportunities. Those considering a job change in the next 12 months jumped from two-thirds of CISOs surveyed in 2022 to three-quarters of CISOs surveyed this year.