Cybersecurity Compensation Trends (USA)

Cybersecurity Compensation (USA) Report
Cybersecurity Compensation (USA) Report:

Since the outbreak of COVID-19, cyber-attacks have increased exponentially in the United States as businesses were unprepared for such attacks and lacked the proper personnel to safeguard their digital assets. For eleven consecutive years, the United States has been rated as the leading country in terms of the average total data breach cost, which is a staggering $9.05 million – more than double the global average. The healthcare industry incurs the highest cost of a breach, followed by finance, pharmaceuticals, technology, and energy. 

To deal with the continuous cyberattacks, companies in the United States have spent more than $150 billion in 2021. This is a 12% increase compared to 2020, with half of the spending on security software. As a result, security software has become a priority for companies, as it is crucial in safeguarding network and application access and detecting cyber threats. 

The demand for cybersecurity professionals is outstripping the supply, as businesses in the United States require an additional 500,000 highly skilled professionals to overcome security threats. Demand for cybersecurity talent is similar for large and small companies due to major cyberattacks in recent history. However, large firms can grab the bulk of the talent by offering higher wages and better incentives.  

In 2020, the median salary for a cybersecurity professional in the United States was $103,590. That same year, the median salary for all workers in the United States was $41,950. As you can see, working in the cybersecurity field pays more than twice as much as the average job in the United States. On top of that, a cybersecurity job pays $12,700 more per year on average than other IT jobs. 

The core-cyber roles focused on cybersecurity are offered a higher salary than the core-enabled roles, as there is a greater demand for skillsets in this area. For example, the role of cybersecurity architect is in greater need and often pays more than US $150,000 per year. 

The Federal Government has been failing to attract highly ranked professionals as they cannot match the wages offered by the private sector due to budget constraints. In addition, the hiring process often takes longer in the government sector, which deters many top candidates from applying for roles. 

According to Global Knowledge’s 2020 IT Skills and Salary Survey, having a cybersecurity certification can earn you up to US$18,000 more than your non-certified counterparts. According to the survey, the top-ranked cybersecurity certifications are CISM, CRISC, and CISA. 

In terms of top-paying cities for cybersecurity analyst positions, San Francisco takes the lead with a median salary of US$90,000. Washington, DC, and New York following closely behind.  

Financial services, on average, spend 10% of their IT budgets on cybersecurity, which equates to approximately 0.2% to 0.9% of company revenue, or $1,300 to $3,000 spent per full-time employee.