CISO wages 'hit €1m' as firms seek top security talent
Protecting a business from cyber attacks has moved beyond the IT manager's position
Businesses are increasingly appointing chief information security officers (CISOs) to oversee their security, paying them upwards of 1million (850,000) to keep businesses safe from hacks, according to DHR International.
The executive search firm explained the move is in response to an increase in the number of attacks and mounting costs of cyber threats to businesses.
"It's no surprise to see the financial value that top European firms now place on the role of CISOs, particularly given that the GDPR will be coming into effect a year from now," Cindy Provin, chief strategy officer at Thales e-Security said.
"More importantly however, these figures are evidence that the startling rise of cyber-attacks year-on-year has caused boardrooms to recognise the dangers of hacking for companies' bottom lines, reputation, customer retention and employee confidence."
The WannaCry ransomware is a great example of the severity of a cyber-attack, DHR International, affecting a huge array of businesses, including public services such as the NHS. Tens of thousands of companies were hit across 150 countries and DHR International explained the impact was evident.
"CEOs have started to lose their jobs over data breaches and the financial impact of some individual data breaches now runs into the tens or hundreds of millions of euros," added Gert Strzebecher, Partner at DHR International.
"An issue as serious as that gets its own seat at the board. Every corporate wants to avoid being the first major company put out of business by a cyber-attack that has got out of control."
Previously, it would have been an IT manager's role to take control of cybersecurity strategy, but it's now grown into a senior management role in its own right, with the main duties designing, implementing and managing cyber security, carrying out the testing to make sure criminals can't break through defences and responding to problems when they occur.
"In order for companies to prevent the sensitive data from falling into the hands of a malicious hacker, and becoming tomorrow's headlines, it is critical that boardrooms feature cyber and data security prominently on their agendas," Provin added.