The average annual cash compensation for a functional department leader (such as a head of SecOps) at a Fortune 500-size company is 40% higher than the average for the same role at midsize security organizations.

A functional department leader, such as a head of SecOps, at a Fortune 500-size company earns an average annual cash compensation of $307,000.

The average annual cash compensation for a functional department leader (such as a head of SecOps) at large security organizations is $247,000.

The average annual cash compensation for a functional department leader (such as a head of SecOps) at a Fortune 500-size company is about 25% higher than for the same role at large security organizations.

Organisations relying solely on security awareness training (SAT) have visibility into only 12% of risky behaviour.

88% of organisations in financial services saw their apps attacked.

88% of organisations in financial services saw their apps attacked.

More than nine-in-ten of organisations saw their apps attacked in telecoms.

7% of CISOs said their growth in compensation was driven by a change in employers, and this group received an average increase of 31%.

70% of CISOs indicated any raises they received were annual merit-based increases, which on average were 6%.

Strategic CISOs have an annual cash compensation of around $545,000, compared to $385,000 for functional CISOs and $291,000 for their tactical counterparts.

Dual CISOs at large organizations earn an average total compensation (including equity) of $1 million, whereas those who only take on partial IT oversight are closer to the average of traditional CISOs who manage none of the IT functions ($653,000).