Chief Information Security Officers supervise information systems for their organization, and are in charge of coming up with, proposing, and implementing workable solutions for minimizing the security threats the organization faces.
It is a complex and stressful job, and CISO salaries have been rising steadily in the last few years, fueled (no doubt) by the data breaches, ransomware and cyber espionage attacks that have become a daily occurrence.
“CEOs have started to lose their jobs over data breaches and the financial impact of some individual data breaches now runs into the tens or hundreds of millions of euros,” Gert Stürzebecher, a partner at recruiting firm DHR International, told City AM.
With the negative impacts these breaches have on the companies’ bottom line, as well as the looming deadline when the General Data Protection Regulation is set to take effect (May 2018), it’s no wonder that the salary for some Chief Information Security Officers at top European firms is slowly reaching the €1 million mark.
With the advent of the General Data Protection Regulation, companies face fines that could go up to €20 million or 4% of their total worldwide annual turnover (whichever amount is greater). Until that day comes, the maximum fine they can receive for a data breach is much, much lower.
Add to all this the explosion of cyber attacks companies are hit with, and you can see why the demand for a good CISO is on the rise and, suddenly, such an expert seems a good investment for bigger firms.
Unfortunately, as average CISO pay continues to rise and the pool of quality CISOs remains limited, smaller companies will simply be priced out. They will have to make do with less talented and/or unproven security officers, and live in the hope that the impact of a breach is not disastrous.