Cybersecurity: Are Tech Leaders Neglecting Their Security Teams?
In today’s tech landscape, cybersecurity has never been more crucial. With cyberattacks becoming increasingly sophisticated and causing high-profile incidents worldwide, it’s no surprise that the World Economic Forum predicts the global cost of cybercrime to reach a staggering USD $12.2 trillion by 2031, putting cybercriminal operations on par with some of the largest economies.
Despite the undeniable importance of cybersecurity, a concerning trend is emerging among tech professionals, particularly those in cybersecurity roles. According to the latest findings from Harvey Nash’s Tech Talent & Salary Report 2026, cybersecurity professionals are facing a crisis of discontent. Here are some key points from the report:
– Only 29% of cybersecurity professionals received a pay raise in the last year, significantly lower than other tech roles like DevOps and Product Management.
– Cybersecurity professionals rank among the unhappiest in the tech workforce, trailing behind roles like QA/Testing and Infrastructure/Support.
– Less than half (40%) of cybersecurity professionals expect a pay raise in the coming year, indicating a lack of confidence in future rewards.
– Nearly half (49%) of cybersecurity professionals are considering changing jobs in the next twelve months, well above the global average across all roles.
These findings are alarming, especially considering that cybersecurity skills are in high demand globally. It begs the question: are tech leaders neglecting their security teams by not adequately rewarding them?
The risks of under-reward are significant. When cybersecurity teams are not appropriately compensated, supported, and recognized for their crucial role in mitigating business risks, the consequences can be severe. Organizations run the risk of accumulating “risk debt,” where underinvestment in people, tools, and capabilities leads to increased vulnerabilities and operational challenges. This not only impacts the organization’s ability to respond effectively to cyber threats but also exposes them to greater regulatory scrutiny and reputational damage in the event of a security incident.
To address this issue, tech leaders must prioritize investing in their cybersecurity teams. While competitive compensation is essential, it’s not the only solution. Leaders should focus on creating sustainable cyber operating models, providing clear career pathways, training opportunities, and modern tooling to support their teams. Additionally, integrating security into product and engineering practices can help shift the perception of cybersecurity from a barrier to an enabler of innovation.
Furthermore, the rise of artificial intelligence (AI) presents new opportunities for cyber professionals. AI is increasingly becoming a strategic asset for businesses, and cybersecurity experts are well-positioned to lead efforts in responsible AI governance. By leveraging their expertise in identifying and mitigating potential AI-related threats, cyber professionals can carve out new career paths and enhance job satisfaction.
Ultimately, cyber resourcing is a resilience issue that requires strategic attention from organizational leaders. By valuing and supporting their cybersecurity teams, effectively communicating the value of their work to the board, and embracing emerging technologies like AI, organizations can build trust, enhance security posture, and ensure that cybersecurity remains a rewarding and fulfilling career path. Let’s not take cybersecurity for granted; it’s time to properly recognize and empower our cyber professionals.
