Security practitioner salaries have grown by a considerable amount in the last 12 months, but so has the stress associated with the role, according to new research.
A survey of UK cyber professionals between October 2023 and March 2024, conducted by CIISec, found the average wage for a security worker now stands at £87,205.
This is roughly £10,000 higher than the 2023/24 average which was just above £70,000, and almost £25,000 higher than the £62,144 average salary in 2016/17.
When adjusted for inflation the average salary for a cybersecurity professional in the UK has risen 7% in real terms.
But being remunerated this handsomely appears to come at a cost, CIISec found, with 21% of security staff working long hours that are classified as being ‘overworked’.
The report noted that over half (55%) of the respondents said the stress associated with this was keeping them up at night. The fear of suffering a cyber attack was cited by 39% of respondents as hurting their ability to relax at home.
The financial impact an incident could have on their organization was also a considerable factor fuelling stress among 20% of cyber pros, constituting a five year peak.
CIISec’s report noted that mismanaged intrusions can become notorious and haunt those responsible for mitigating the attack. Accordingly, CIISec found that cyber professionals are twice as likely to remember a poorly handled attack than a well-handled one.
What pushes cyber pros to leave their jobs?
Overall, the State of the Profession report found cyber professionals were less positive about staying in their current role than they were last year.
When asked if they see themselves working for the same employer in two years’ time, 20% of respondents said no, compared to just 13% in 2022/23
Although the majority of respondents reporting the stress associated with their role was keeping them awake at night, stress and overwork were no longer listed as one of the top five reasons for leaving their job, CIISec found.
Instead, professionals cited remuneration as the primary reason for leaving their job, despite the fact that this year constitutes a new high for security salaries.
Scope for progression, insufficient training, poor management, and boring work were listed as the four other top factors pushing cyber professionals to look for new roles.
A Blackfrog study of security leaders from the UK and US challenges this finding however, reporting 93% of respondents said stress and job demands were driving the decision to leave their roles.
Blackfrog reported that 45% of security decision makers said they had used drugs or alcohol to manage their heightened stress levels.
When asked what was fueling this anxiety, 42% said they worried about AI-powered attacks, whereas 37% said malware and ransomware attacks caused them the most stress.
Dealing with the flood of alerts and notifications was another factor fuelling burnout among security professionals, the report found, with 63% of respondents saying their team experiences ‘alert fatigue’ that desensitizes them to the urgency of security events.
Virtually every respondent said they are overworked to some degree, with 98% working on average an extra nine hours per week beyond their contract, and 15% stating they worked more than 16 hours over their contracted time.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Cyber attacks against UK firms dropped by 10% last year, but experts say don't get complacentNews More than four-in-ten UK businesses were hit by a cyber attack last year, marking a decrease on the year prior – but security experts have warned enterprises to still remain vigilant.
-
Unlock profitability with Cove Data ProtectionWhitepaper Agile risk management starts with a common language
-
Ransomware missteps that can cost youWhitepaper Agile risk management starts with a common language
-
The big book of selling data protectionWhitepaper Agile risk management starts with a common language
-
London council claims it faces 20,000 cyber attacks per dayNews Hammersmith and Fulham Council reportedly faces up to 20,000 attempted cyber attacks each day.
-
Detection is not enough: Exposed assets require rapid mitigation to reduce and eliminate riskWhitepaper Agile risk management starts with a common language
-
850,000 patients may have been affected in the Globe Life breach after firm revises victim listNews US insurer Globe Life has revealed more than 850,000 patients may have been impacted in a data breach after initially believing only around 5,000 were impacted.
-
Tata Technologies hit by ransomware attackNews A ransomware attack forced the technology provider to shut down several IT services
