CISO salary growth slowing - and they're expected to seek change

Tech-oriented CISOs tend to earn more than those focused on compliance

Most CISOs earn either less than $400,000 or above $700,000 a year, survey finds


The pay disparity between the highest-earning and lowest-earning Chief Information Security Officers (CISOs) is expanding, as top executives' salaries rise three times faster than those of their counterparts in lower positions.

These findings are based on the most recent results of IANS' study, which surveyed a total of 660 CISOs and other security executives - although the majority, 600 respondents, were in North America.

The survey, conducted between April and August 2023, showed that average CISO wages are either below $400,000 or above $700,000.

Most (52%) earn less than $400,000 annually, while 20% are paid $700,000 or more.

Only 6% of respondents fall in the $500,000 - $600,000 range, and 8% earn between $600,000 and $700,000.

CISO compensation rose by an average of 11% this year, down from the 14% increase seen in 2022.

Notably, pay did not increase for one out of every five CISOs.

The percentage of security leaders receiving higher retention bonuses fell to 12%, from the previous figure of 21%. Additionally, the proportion of CISOs with "substantial" equity packages was down to 8%, from the previous 24%.

"At a macro level, CISOs had a good year as significant compensation increases continued despite a challenging economic environment," said Nick Kakolowski, senior research director at IANS.

"On closer inspection, we're seeing CISOs getting elevated in the business, taking on a larger scope and being exposed to increased liability. Commensurate compensation increases aren't extending into the middle and lower quartiles of the market. We expect CISOs to seek change as a result - something evidenced in 75% of respondents saying they are considering a job change in the next 12 months."

However, the study also highlighted a more competitive landscape for the CISO role. It identified a fall in the number of companies actively searching for CISOs.

As organisations became more cautious with their recruitment budgets and implemented hiring freezes this year, there was a significant decline in job switching among CISOs.

Only 12% of CISOs reported switching positions in the last 12 months, a notable fall from the 21% who did so in 2022.

According to the study, having a strong technical background yields higher compensation than a background focused on business risk management.

CISOs with a technical orientation earn roughly 15% more than those whose background leans more towards governance, risk and compliance (GRC).

The most lucrative skill combination involves a technical background with expertise in product security or application security; CISOs with these qualifications have an average total compensation of $700,000.

The financial services and technology sectors were the highest-paying for CISOs this year. Financial security leaders reported an annual average compensation of $728,000, while those in the tech industry had an average compensation of $678,000.

On the other hand, CISOs in the legal and manufacturing sectors had the lowest total compensation, averaging $550,000.
