By Trevor Daughney, VP of Product Marketing, Exabeam
Annually, Exabeam conducts a Cybersecurity Salary, Skills, and Stress Survey* to gain insight on trends in the salaries of security professionals, as well as education levels, job satisfaction and attitudes toward innovative and emerging technologies such as artificial intelligence and machine learning.
This year’s survey sheds light on parity gaps in gender and diversity hiring, along with employee burnout and fatigue. Additionally, the survey revealed more positive findings in the industry’s interest in machine learning, job security and stable median salaries.
Persistent Parity Gaps for Gender and Diversity Staffing
When we consider the continuous threats and external adversaries that cyber professionals face, we understand that fighting them often requires a multidisciplinary approach. Building a diverse team of people creates a more holistic view of the problem and delivers a range of valuable problem-solving skills. In that way, diversity truly improves the overall outcomes of the team.
Yet, among the security analysts surveyed in the United States, UK, Canada, India, Australia, and the Netherlands, 91 percent of respondents of the survey were male – up from 90 percent in 2018 – representing the gender disparity in cybersecurity.
A wide racial disparity continues, with African-Americans represented by less than three percent of respondents to the survey. Of the total number of respondents, the majority, or 65 percent, identified as Caucasian. People of Latino/Hispanic descent made up just 13 percent of respondents. Even fewer (9 percent) were Asian followed by people of Middle-Eastern descent (4 percent).
The lack of diversity among the representation in this survey is a microcosm of the wider problem plaguing the cybersecurity industry.
Industry struggles with achieving and maintaining a work-life balance
Stress and work-life balance are important aspects of any profession, and survey participants reported that both factors significantly affected their work—indicating struggles with both burnout and fatigue.
These unfortunate realities of the role are being exacerbated by a skills shortage and an unrelenting barrage of advanced cyberthreats. Sixty-two percent of professionals in the sector cited their jobs are stressful or very stressful, and 44 percent don’t feel they are achieving a work-life balance. Further, while a minority of respondents (40 percent) were actively looking for a new job, more than half (51 percent) said their reasons for doing so were poor compensation and unsupportive senior leadership.
Despite this, 78 percent stated that they would recommend a career in cybersecurity, with 58 percent of participants stating that the challenge in the workplace was the most important aspect of their job.
One obvious strength of the security space is that there are plentiful opportunities to take risks and innovate. However, if employees are stressed, don’t feel supported by executive leadership, or don’t enjoy balance in their lives, it’s difficult to achieve their full potential. Therefore, companies must focus on inclusion and building productive environments where teams can deliver exceptional work.
Automation is welcome and seen as helpful, yet is currently underutilized
When it came to discussing automation, AI and SOAR solutions in their work, 80 percent of participants stated that the tools could improve security in their organizations. Also, 65 percent stated that they did not feel professionally threatened by automation compared to 10 percent who said that they feel threatened.
Despite this feedback, only 16 percent said that they use some sort of automation in their work, and over a third (36 percent) stated that they had no plans to use automation at all, despite that it could help them and improve security.
This suggests that while professionals aren’t worried about automation impacting their jobs negatively and possibly improving their workload, they still prefer to work manually without the assistance of automation technology. This could, in turn, contribute to the increased levels of stress and work-life imbalance reported.
Industry indicates job security
On a positive note, jobs in the security sector have staying power since nearly half (41 percent) of professionals surveyed have been building a career in the industry for 10 years or more. Seventy-one percent say they are satisfied or very satisfied with their jobs and responsibilities, which is a downturn from 2018 when 83 percent of respondents reported their satisfaction. Seventy-six percent feel secure or very secure in their current role. Somewhat unsurprising was that 78 percent of participants said they would recommend a career in cybersecurity.
Median salaries remain stable and in-line with expectations
Unchanged from 2018 were median salaries, which averaged between $75,000-$100,000. Roughly 71 percent of cybersecurity professionals stated that they were either satisfied or very satisfied with their salary, with the highest satisfaction response rates for those earning between $100,000 and $150,000.
Cybersecurity salary breakdowns by demographics provided interesting insights. While only 9 percent of participants identified as women, they reported the same average median salary ($75,000 – $100,000) as their male counterparts. Likewise, while there were less than a dozen participants who identified as African-American, these professionals reported the highest median salaries based on a racial breakdown. Caucasian professionals reported an average median salary range of $75,000 – $100,000.
In an increase from 2018, participants reported increased median cybersecurity salary ranges in Asia, matching North American salaries at around $75,000 – $100,000 per year. Of the new regions we added to our questionnaire, professionals in the Middle East also reported median salaries of $75,000 – $100,000.
Download the full cybersecurity salary report for more on how cybersecurity professionals responded to trends in the field.
*This year’s survey was compiled from an international pool of 479 security professionals who work in cybersecurity, threat management, or information security.
About the Author
Trevor Daughney, vice president of product marketing. Trevor Daughney is Vice President of Product Marketing at Exabeam. Trevor is a marketing executive with a track record of building high performing teams to take enterprise cybersecurity SaaS and software technology and turn them into successful global businesses. Prior to Exabeam, he led enterprise product marketing at McAfee, Ping Identity and Symantec. Trevor approaches marketing with a global mindset and builds on his experiences living and working in the US, Canada, and Asia. He has an MBA from the University of California, Berkeley.