Good Pay, Poor Sleep: CIISec on UK Cyber Sector Issues

Share
With the WEF projection of an 85-million-worker global shortfall looms, the need for action is more urgent than ever. PICTURE: Getty
A CIISec report highlights how, despite average salary for UK cybersecurity professionals being over double the countries average, stress over indexes

In an increasingly digital world, the demand for cybersecurity has never been higher. Organisations, from small businesses to large enterprises, are doubling down on efforts to protect sensitive data and systems from cyber threats. 

However, with such critical responsibilities come high levels of stress, and this has placed a strain on the cybersecurity workforce that even rising wages can’t seem to alleviate.

Yet with more money comes more problems, with a recent Chartered Institute of Information Security (CIISec) report showing that those in the post are over indexing on stress.

Salaries on the rise but stress persists

According to CIISec’s State of the Security Profession report, the average salary for UK-based cybersecurity professionals now stands at £87,204 (US$112,451). 

This is more than double the national average wage and represents a substantial real-term increase since 2016, even when adjusted for inflation.

Professionals in the top income bracket are particularly well-compensated, with nearly one in five earning over £150,000 (US$193,428) —a stark contrast to just 7% achieving that figure seven years ago.

Youtube Placeholder

This steep rise in wages may appear to be a positive development, particularly in an era of economic uncertainty. 

However, the financial rewards are offset by a more troubling trend: many in the sector are under immense stress. 

The CIISec report found that over half (55%) of cybersecurity professionals are kept awake at night by job-related anxiety. 

For 39%, this stress is so severe it leads them to worry about long-term health risks, such as heart attacks. These figures underscore the strain placed on those responsible for fending off digital threats around the clock.

Shortages and growing workloads

Due to changing global dynamics and the introduction of AI, one issue contributing to this problem is the threat landscape has undoubtedly changed. 

The CIISec report reveals that cybersecurity professionals are both hopeful and concerned about AI’s impact on their field. 

89% of surveyed professionals believe AI could be exploited by cybercriminals, while 71% see it as beneficial for defenders. 

Worryingly, 44% of respondents said their organisations lack policies for safely integrating AI—a gap that could leave companies exposed to unexpected vulnerabilities. 

“Educating people just entering the industry will be vital, as they’ll be defending against AI attacks for decades to come,” says CIISec CEO, Amanda Finch.

Yet despite these new issues introducing more work, issues surrounding shortages have persisted for years.

“If the cybersecurity industry wants to attract and keep its talent, it must diversify recruitment practices, hiring based on skills rather than experience or qualifications,” said Amanda.

CIISec CEO, Amanda Finch

Currently, barriers to entry—such as rigid degree requirements and experience thresholds—exclude many potentially skilled individuals who may have the aptitude but lack formal credentials.

By focusing on skills, companies could draw in candidates from non-traditional backgrounds, including those with self-taught expertise or transferrable skills from other fields.

Sustaining cybersecurity staff

The data is clear: while cybersecurity professionals in the UK are better paid than ever, this comes with a high cost. 

As threats become more advanced, the burden on this essential workforce grows, leading to burnout and a shortage of qualified staff. The escalating stress levels highlight that salary alone is not enough to retain talent in this high-pressure field.

As the World Economic Forum’s (WEF) projection of an 85-million-worker global shortfall looms, the need for action is more urgent than ever. 

Only by addressing stress and building resilience can the industry hope to keep up with the growing demand for cyber protection and maintain a stable workforce capable of defending against the next generation of threats.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

KnowBe4 Launches AI Agents to Counter Phishing Threats

AI Defense Agents aim to measure and reduce human cyber risk as AI-powered attacks increase, with new tools for automated training and threat simulation

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security

SAVE THE DATE – Cyber LIVE London 2025

Cyber Security

AWS Targets Cloud Security with Incident Response Platform

Cloud Security