Heidrick and Struggles, global executive search and leadership consulting firm, has published its 2021 Global Chief Information Security Officer (CISO) Survey. The report, which took place in March and April of 2021, analyses how the CISO role is structured, to whom they report and who reports to them, and data on compensation including current base salary, bonus for the most recent fiscal year, and annualized equity or long-term incentive pay, as well as joining bonuses. The study found that the recent pandemic as well as the growth of modern technology has made cybersecurity a real concern and the importance of CISOs has grown exponentially as a result.
The 2021 Global Chief Information Security Officer (CISO) Survey, with 354 respondents, found that the focus of CISOs is no longer on endpoint security, at 13%; it is now aimed towards network / cloud security, Identity / access management and data security, at 47%, 38% and 35% respectively. This highlights the importance firms are putting on their digital security and customer privacy. With cyber-attacks and ransomwares becoming more common, the attention of organisations must be moved towards prevention instead of remedy.
Commenting on the findings, Guy Shaul, Principal at Heidrick & Struggles, London said: “Cyber attacks are at the height of popularity recently and the pandemic has caused most things to turn digital, thus the security risks have also been raised. The total number of breached records was almost 4 million, as of June 2021. With this growth, the role of the CISO has expanded with it, their advice to boards and firms are of high importance and one that must be taken seriously. A company’s revenue is at stake.”
Adam Vaughan, Partner at Heidrick & Struggles, London also spoke about the findings: “The role of the CISO has become even more important in the past year, as digital technologies became more prevalent and remote working became the norm in many industries," he said.
When comparing US and UK salaries of those surveyed, quite a difference is highlighted. In the US, the overall media cash compensation is $509,000 ($326,000 median base salary and $153,000 median bonus) whereas in the UK this is the equivalent of $421,000 (£306,000 overall; constituted of £226,000 median base salary and £80,000 median bonus). In the UK, median pay by industry ranges from £176,000 to £351,000, depending on the sector.
Considering their role during the pandemic, CISOs were among the many IT professionals who scrambled early in 2020 and made significant contributions to the success of their companies through the pandemic. That was on top of CISOs’ already large portfolios, which cover everything from securing systems from attack to simultaneously managing increased regulatory scrutiny and use of the data these systems contain.