The rise of the million dollar CISO


While the average total compensation for CISOs at large enterprises is $700K, those at $20B+ firms average $1.1M, with top earners exceeding $1.3M. These people are often managing $100M+ security budgets and teams of over 200 staff.
A new report from IANS Research along with Artico Search looks at data from more than 860 CISOs, including 406 at enterprises with $1B+ in annual revenue.
It finds that nearly half of CISOs at $20B+ firms hold EVP/SVP-level titles and meet with boards quarterly. At $1B–$2B companies, only 27 percent report this level of access. Responsibilities are widening too: many CISOs now oversee business risk, digital innovation, and third-party risk -- even as silos remain.
"We clearly see the more senior-level EVP/SVP CISOs are spending their time on change management, security strategy and cross-functional work, while VP-/director-level CISOs are doing more technical and operational tasks in their day-to-day work," says Steve Martano, IANS Faculty and executive cyber recruiter at Artico Search.
Among other findings, large enterprise security budgets range from a few million to over $100 million. On average, companies are spending 0.35 percent of their revenue -- or roughly $3.5 million per $1B.
Among the concerns highlighted, budget dissatisfaction ranks highest, especially among CISOs at $1B–$20B organizations. Despite the demands of the job, there is a good deal of loyalty, with CISOs at the largest firms averaging over 11 years in their role and often bringing multi-sector experience. However, a third say they are open to new roles within 12 months.
On average, large enterprise CISOs have more than eight years of experience in the role, often across multiple employers and industry sectors. Organizations in the $20B+ segment are more likely to employ CISOs with deep, sector-specific experience.
"One of the challenges CISOs face is they have only reported to tech, led technical teams and managed technical budgets," says Matt Comyns, co-founder and president of Artico Search. "When elevating to an enterprise CISO role, the position is less about technical acumen and more about business risk and business alignment. In some respects, the market is training technical leaders in a way that is mismatched from the aspired job of CISO."
You can get the full report from the IANS site.