cyber trends half ( 54 %) identified burnout as their most significant personal risk , up from 48 % in 2022 .
To address this , organisations must prioritise succession plans and / or retention strategies to prevent CISOs from exiting unnecessarily . There is room for hope , however , as 80 % of respondents agree that , within their roles , they are able to invest in leadership and development to build or enhance team capabilities .
More opportunity for CISOs though challenges remain
The demand for cybersecurity leadership and the specialised skills that come along with it , as well as diversity in executive positions , has become increasingly crucial within organisations , executive teams and at the board level . The survey sheds light on the fact that companies are now seeking to broaden their horizons , venturing beyond traditional industry-and IT-specific criteria when selecting CISOs . They are actively searching for the most qualified executives for the role , with a focus on diversity in terms of gender , race or ethnicity , as well as industry and functional expertise .
While the role of the CISO is increasing in importance , many organisations aren ’ t prepared for the long run . The survey found that almost half ( 41 %) of respondents say their company does not have a succession plan in place for the CISO role , though more than half of those that do not have a plan are developing one . This underscores the need for organisations to prepare for unforeseen departures of CISOs and ensure they have a solid plan developed to seamlessly transition responsibilities .
Furthermore , the survey reveals that while over half of respondents expressed a belief that their corporate board possesses only partial or no knowledge and expertise required to effectively respond to cybersecurity presentations , only 30 % of CISOs currently sit on a corporate board . This is a notable leap from the 14 % who said the same in the prior year , yet still unveils a concerning gap in board expertise .
“ It is encouraging to see a leap in the number of CISOs sitting on corporate boards , but there is still work to be done in terms of board knowledge and expertise in cybersecurity ,” added Scott Thompson , Partner at Heidrick & Struggles . “ And while we applaud the increase in CISOs on boards , other executives can serve as cyber experts on boards including CIOs , CTOs , GCs , Chief Risk Officers and many others . One size does not fit all – each board can decide what kind of cyber expertise fits its needs . But this is no longer an area boards can ’ t take seriously .”
As risk heightens , so does CISO compensation
As seen in previous surveys , CISOs across regions are seeing increased compensation . From an industry perspective , CISOs in the financial services industry reported the highest average total compensation , while those in the technology and services industry received the highest average annual equity / LTI .
Compensation trends by region :
• US : Similar to previous years , US CISOs generally report the highest compensation . For CISOs in the US , reported median total cash compensation increased 6 % year over year , to US $ 620,000 in 2023 . Median total compensation , including any annualised equity grants or long-term incentives , also increased , up to US $ 1,100,000 this year .
• Europe : The average total cash compensation for CISOs in Europe was US $ 457,000 . Average total compensation , including any annualised equity grants or long-term incentives , was US $ 552,000 . As in the US and Australia , those in the financial services industry reported the highest average total cash compensation , at US $ 623,000 . In Europe , those in healthcare and life sciences reported the lowest . Average annual equity / LTI was highest for those in technology and services .
• Australia : The average total cash compensation for CISOs in Australia was US $ 368,000 . Average total compensation , including any annualised equity grants or longterm incentives , was US $ 586,000 . As in the US and Europe , those in the financial services industry reported the highest average total cash compensation , at US $ 501,000 .
The role of the CISO is continuing to evolve to meet the rapid pace of disruption and new challenges organisations face every day – and with that , leaders must recognise their unique yet important position in organisations . u www . intelligentciso . com
21