- 46% of CISOs identify AI and machine learning as the most critical cyber risk
- 71% of CISOs recognize stress related to their role as the most significant personal risk, up from 59% in 2022.
- 41% of CISOs have no succession plan
- 30% of CISOs are now on corporate boards, up from 14% in 2022.
Chicago, June 21, 2023 /PRNewswire/ — Even as the job market cools, the role of chief information security officer (CISO) is maturing as organizations’ technical needs and risks grow and escalate, according to the report. is. 2023 Survey of Global Chief Information Security Officers (CISOs), It was released today by Heidrick & Struggles (Nasdaq: HSII), a leading provider of global leadership advice and on-demand talent solutions. To ensure success and continued organizational sustainability, organizations and leaders must recognize her CISO’s critical role and prepare for the future. This includes considering robust succession planning, investing in cybersecurity expertise and leadership development, and offering competitive compensation packages.
An additional survey by Heidrick & Struggles found that 76% of CISOs were very or completely willing to change companies over the next three years, highlighting the importance of succession planning and their focus on retention strategies. More emphasis is put on.
“The growing importance of cybersecurity in today’s landscape and the increasing professional and personal risk organizations face, has led to a major shift in the role of the CISO,” he said. Matt Aiello, partner of Heidrick & Struggles. “Leading-edge companies are taking steps to de-risk the CISO role while also improving their overall cyber We are strengthening our program.”
Occupational and personal risks have never been higher
The role of the CISO continues to grow in importance as digital technologies, especially artificial intelligence, become more prevalent and concerns over cyberattacks, especially ransomware, rise. When it comes to organizational risks, 46% of CISOs cite artificial intelligence and machine learning as the most significant, followed by geopolitical risks (33%) and cyber risks such as ransomware, malware, insider threats and nation-state/state attacks. attacks (19%). . More than half of respondents said they do not believe the most critical cyber risks threatening them today will be the same five years from now.
Along with technological advances and more sophisticated threats, CISOs are also facing increasing pressure to stay ahead of the curve, leading to stress and burnout. This continues to be the top personal concern for CISOs each year, as evidenced by his 71% of respondents who said it was related to stress. The most significant personal risk to his role is a worrying uptick from his 59% in 2022. 54% cite burnout as their most significant personal risk, up from 48% in 2022.
To combat this, organizations should prioritize succession planning and retention strategies to prevent CISOs from leaving unnecessarily. However, there is room for hope, as 80% of her respondents agree that, within her role, she can invest in leadership and development to build or enhance the capabilities of her team.
Challenges remain, but more opportunities for CISOs
Cybersecurity leadership and the associated professional skills, as well as the demand for diversity in executive teams, are becoming increasingly important at the organizational, executive and board levels. The survey highlights the fact that companies are now looking to broaden their horizons beyond traditional industry- and IT-specific criteria when selecting a CISO. They actively seek out the best-suited executives for the role, focusing not only on industry and functional expertise, but also on gender, racial and ethnic diversity.
While the role of the CISO has grown in importance, many organizations are unprepared for the long-term outlook. Nearly half (41%) of the respondents in the survey said their company does not have a succession plan in place for his CISO role, but more than half of the companies that do not have plans do. I found it inside. This underscores the need for organizations to prepare for his CISO’s unexpected retirement and develop a solid plan for a seamless transition of responsibilities.
Additionally, the survey found that more than half of respondents said their company’s board of directors has only partial or no knowledge or expertise necessary to effectively respond to cybersecurity presentations. while expressing their belief that only 30% of CISOs currently serve on their boards. This is a notable increase from the 14% who gave a similar response last year, but it still reveals a worrying gap in board expertise.
“While the number of CISOs on corporate boards is increasing exponentially is encouraging, there is still work to be done in terms of board cybersecurity knowledge and expertise,” he added. Scott Thompson, partner of Heidrick & Struggles. “While we applaud the increase in CISOs on the board, other executives, including CIOs, CTOs, GCs, chief risk officers and many other executives, can also serve as cyber experts on the board. One size. does not fit all, each board can decide what kind of board can decide.” Cyber expertise fits that need. But this is no longer an area that boards cannot take seriously. ”
As risk rises, so do CISO rewards
As seen in previous surveys, CISO compensation in each region is increasing. From an industry perspective, financial services CISOs reported the highest average total compensation, and technology and services CISOs reported the highest average annual equity/LTI.
Compensation trends by region:
- America: As in previous years, US CISOs generally report the highest pay. For CISOs usareported a 6% year-over-year increase in median total cash compensation, $620,000 Median total compensation, including annualized equity subsidies and long-term incentives, also increased, up to 2023. $1,100,000 this year.
- Europe: The average total cash compensation for CISOs is Europe was $457,000. Average total compensation, including annualized equity grants or long-term incentives, is $552,000.like usa and Australiathose in the financial services industry reported having the highest average total cash rewards. $623,000.of Europe, those in healthcare and life sciences reported the lowest. Technology and services had the highest average annual capital/LTI.
- Australia: The average total cash compensation for CISOs is Australia was $368,000. Average total compensation, including annualized equity grants or long-term incentives, is $586,000.like usa and Europethose in the financial services industry reported having the highest average total cash rewards. $501,000.
The role of the CISO continues to evolve in response to the rapid disruption and new challenges organizations face every day. Along with that, leaders need to recognize their unique and important place within the organization.
regarding 2023 Global Chief Information Security Officer (CISO) Survey
annual Survey of Global Chief Information Security Officers (CISOs) Consider both organizational structure and compensation for this increasingly important role. For this report, Heidrick & Struggles compiled organization and compensation data from his Spring 2023 survey of 262 of her CISOs worldwide. Although most hold the title of chief information security officer, respondents also include chief security officers and senior information security executives. This report contains organizational data from respondents. usa, Europeand Asia Pacificand respondents’ compensation data usa, Europeand Australia.
About Heidrick & Struggles
Heidrick & Struggles (Nasdaq: HSII) is a leading provider of global leadership advice and on-demand talent solutions, serving the senior-level talent and consulting needs of the world’s top organizations. In our role as trusted leadership advisors, we work with our clients to develop future-ready leaders and organizations in areas such as executive search, diversity and inclusion, leadership assessment and development, organizational and team acceleration, culture shaping, and more. Integrate our services and offers in – Independent talent solutions on demand. Heidrick & Struggles pioneered the profession of executive search over 65 years ago. Today, the company offers integrated talent and human capital solutions, helping one team of leaders at a time to change the world for their clients.® www.heidrick.com
media contact
Bianca Wilson
Americas Public Relations Director
Hydrick and the Struggle
bwilson@heidrick.com
View Original Content: https://www.prnewswire.com/news-releases/heidrick–struggles-annual-ciso-survey-reveals-ai-and-machine-learning-pose-the-most-significant-cyber -risks -while-stress-levels-reach-new-heights-301853479.html
Source: Hydrik and the Struggle
