Analysis of CISO turnover rate decline amid stress and economic uncertainty

The rate at which CISOs change jobs continues to fall. The situation is difficult in many ways for a security manager who wants a salary increase or wants to leave an organization they are not satisfied with.

According to a recent report by IANS Research and Artico Search, chief security officer turnover declined from 21% in 2022 to 12% in 2023 and to 11% on an annual basis in the first half of 2024. This means that opportunities to increase compensation through job changes are limited.

“The main culprit is macroeconomic conditions,” Nick Kakolowski, chief research officer at IANS Research, told CSO. “There are early signs of momentum, and with 75% of CISOs open to changing jobs, we expect turnover to recover in 2025,” he cautiously predicted.

According to IANS Research, CISOs who changed positions saw their compensation increase by 31%, largely in stock, significantly outpacing standard performance-based pay increases. Security leaders who worked across multiple companies or industries earned 65% more than their peers who stayed at one company.

IANS Research analyzed detailed compensation data of over 750 CISOs across various industries. Results show that despite slowing hiring and shrinking budgets, CISO compensation remains high, with average compensation exceeding $500,000.

CISOs looking for their next destination

A separate report from Blackfrog found that nearly a quarter (24%) of cybersecurity leaders are actively considering a career change.

The vast majority (93%) of security executives considering a career change said that stress or work demands were factors that influenced their decision to change jobs.

Charlie Lyman, co-founder of Trident Search, a professional recruiting company, said that although CSO salaries and benefits are still high, CISO salary growth is being suppressed compared to that of mid-level executives because of the large number of senior executives looking for new roles.

Lyman explained that advances in cybersecurity automation over the past two years have created an oversupply of highly skilled executives in the job market that outstrips demand.

“Over the course of a standard tenure of 18 to 24 months, some CISOs have unintentionally automated their own roles by implementing technologies that streamline their security functions and reduce the need for additional staff,” he added.

Companies are streamlining operations to reduce roles they deem less critical, especially those that can leverage new technologies. The current somewhat depressed economic environment is making the problem even worse.

“Many companies are hesitant to increase their security budgets, so hiring is slowing down,” Lyman explained. “When the market becomes more lively, people who are dissatisfied with their roles may decide to change jobs right away, but many executives are just gritting their teeth and paying year-end bonuses. They have decided to keep their positions while waiting for more employment opportunities to come.”

Some large companies still offer impressive salaries, but these positions are rare. “It will be more difficult for people without exposure to the latest technologies or digital transformation projects to secure new positions, and with the majority of CISO positions being filled through referrals or headhunting, upskilling and networking are important,” Lyman advises.

Professional growth opportunities are important

Benson Varghese, founder of U.S. law firm Varghese Somerset, said companies are increasingly placing importance on the stability of their cybersecurity leadership.

“Many companies are offering retention bonuses and long-term incentives to keep key employees stable. Stock-inclusive pay terms are especially attractive because they align the CISO’s interests with the company’s long-term success. It’s like giving someone a stake in the fortress they are protecting.”

Factors that drive CISOs to seek new roles include a desire for new challenges, opportunities for advancement, and the dynamism to make a significant impact.

“While financial incentives such as retention bonuses and stock packages play an important role in reducing turnover, it is the intangible aspects such as professional growth opportunities and cultural fit that truly drive CISO commitment,” Varghese said.

The trend is to weigh a range of conditions in addition to salary.

Tarindu Fernando, technology expert at NetSpeed Canada, says the decline in turnover isn’t just due to retention bonuses.

“As we developed our healthcare platform, we saw first-hand how important it is to have a stable and experienced security leadership,” said Fernando. “Companies are increasingly looking to strengthen comprehensive integration requirements, such as not only salary, but also equity shares, benefits, and even executive liability insurance. It’s a trend.”

Ultimately, as economic uncertainty increases, both companies and CISOs are making safe choices. Fernando summarized the current situation by saying, “Companies are hesitant to find a new CISO, and executives think twice before finding a new CISO.”

Source: www.itworld.co.kr