Good Pay, Poor Sleep: CIISec on UK Cyber Sector Issues
In an increasingly digital world, the demand for cybersecurity has never been higher. Organisations, from small businesses to large enterprises, are doubling down on efforts to protect sensitive data and systems from cyber threats.
However, with such critical responsibilities come high levels of stress, and this has placed a strain on the cybersecurity workforce that even rising wages can’t seem to alleviate.
Yet with more money comes more problems, with a recent Chartered Institute of Information Security (CIISec) report showing that those in the post are over indexing on stress.
Salaries on the rise but stress persists
According to CIISec’s State of the Security Profession report, the average salary for UK-based cybersecurity professionals now stands at £87,204 (US$112,451).
This is more than double the national average wage and represents a substantial real-term increase since 2016, even when adjusted for inflation.
Professionals in the top income bracket are particularly well-compensated, with nearly one in five earning over £150,000 (US$193,428) —a stark contrast to just 7% achieving that figure seven years ago.
This steep rise in wages may appear to be a positive development, particularly in an era of economic uncertainty.
However, the financial rewards are offset by a more troubling trend: many in the sector are under immense stress.
The CIISec report found that over half (55%) of cybersecurity professionals are kept awake at night by job-related anxiety.
For 39%, this stress is so severe it leads them to worry about long-term health risks, such as heart attacks. These figures underscore the strain placed on those responsible for fending off digital threats around the clock.
Shortages and growing workloads
Due to changing global dynamics and the introduction of AI, one issue contributing to this problem is the threat landscape has undoubtedly changed.
The CIISec report reveals that cybersecurity professionals are both hopeful and concerned about AI’s impact on their field.
89% of surveyed professionals believe AI could be exploited by cybercriminals, while 71% see it as beneficial for defenders.
Worryingly, 44% of respondents said their organisations lack policies for safely integrating AI—a gap that could leave companies exposed to unexpected vulnerabilities.
“Educating people just entering the industry will be vital, as they’ll be defending against AI attacks for decades to come,” says CIISec CEO, Amanda Finch.
Yet despite these new issues introducing more work, issues surrounding shortages have persisted for years.
“If the cybersecurity industry wants to attract and keep its talent, it must diversify recruitment practices, hiring based on skills rather than experience or qualifications,” said Amanda.
Currently, barriers to entry—such as rigid degree requirements and experience thresholds—exclude many potentially skilled individuals who may have the aptitude but lack formal credentials.
By focusing on skills, companies could draw in candidates from non-traditional backgrounds, including those with self-taught expertise or transferrable skills from other fields.
Sustaining cybersecurity staff
The data is clear: while cybersecurity professionals in the UK are better paid than ever, this comes with a high cost.
As threats become more advanced, the burden on this essential workforce grows, leading to burnout and a shortage of qualified staff. The escalating stress levels highlight that salary alone is not enough to retain talent in this high-pressure field.
As the World Economic Forum’s (WEF) projection of an 85-million-worker global shortfall looms, the need for action is more urgent than ever.
Only by addressing stress and building resilience can the industry hope to keep up with the growing demand for cyber protection and maintain a stable workforce capable of defending against the next generation of threats.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand