The role of CISOs has grown during pandemic says research

In the Heidrick and Struggles report, CISOs said the focus is no longer on endpoint security, as it once was, but on data and network/cloud security.

Heidrick and Struggles, a global executive search and leadership consulting firm, has published its 2021 Global Chief Information Security Officer (CISO) Survey. The survey, which took place in March and April of 2021, analyses how the CISO role is structured, to whom CISOs report and who reports to them, and compensation data including current base salary, bonus for the most recent fiscal year, annualized equity or long-term incentive pay, and joining bonuses. The study found that the recent pandemic and the growth of modern technology have made cybersecurity a real concern, and that the importance of CISOs has grown exponentially as a result.

The 2021 Global Chief Information Security Officer (CISO) Survey, with 354 respondents, found that the focus of CISOs is no longer on endpoint security, at 13%; it is now on network / cloud security, identity / access management and data security, at 47%, 38% and 35% respectively. This highlights the importance firms are placing on their digital security and customer privacy. With cyber-attacks and ransomware becoming more common, the attention of organisations must move towards prevention instead of remedy.

Commenting on the findings, Guy Shaul, Principal at Heidrick & Struggles, London, said: “Cyber attacks are at the height of popularity recently and the pandemic has caused most things to turn digital, thus the security risks have also been raised. The total number of breached records was almost 4 million, as of June 2021. With this growth, the role of the CISO has expanded with it; their advice to boards and firms is of high importance and one that must be taken seriously. A company’s revenue is at stake.”

Adam Vaughan, Partner at Heidrick & Struggles, London, also spoke about the findings: “The role of the CISO has become even more important in the past year, as digital technologies became more prevalent and remote working became the norm in many industries,” he said.

Comparing the US and UK salaries of those surveyed highlights quite a difference. In the US, the overall median cash compensation is $509,000 ($326,000 median base salary and $153,000 median bonus), whereas in the UK it is the equivalent of $421,000 (£306,000 overall, made up of £226,000 median base salary and £80,000 median bonus). In the UK, median pay by industry ranges from £176,000 to £351,000, depending on the sector.

As for their role during the pandemic, CISOs were among the many IT professionals who scrambled early in 2020 and made significant contributions to the success of their companies through the pandemic. That was on top of CISOs’ already large portfolios, which cover everything from securing systems against attack to managing increased regulatory scrutiny and use of the data these systems contain.

