GoKawiilDenis Medvedev via iStock / Getty Images Plus
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
There's a big mismatch between demand and rewards in cyber.
Working pressure is only likely to increase due to the use of AI.
Security staff should focus on strategy and communication skills.
Almost 20% of organizations have reported a major security attack in the past two years, and the threat environment, whether due to criminal activity or the rise of new AI-enabled models, such as Anthropic's Mythos, continues to evolve at breakneck speed. However, the cybersecurity professionals who help their enterprises manage these challenges don't feel adequately rewarded -- and most are fed up with the situation.
That's the conclusion from the newly released Harvey Nash Global Tech Talent & Salary Report, which surveyed over 3,646 technology professionals globally. While 19% of respondents reported a major attack at their firm in the past 24 months, those working in the security specialism were the least likely to report a pay increase over the last year.
Also: These 4 critical AI vulnerabilities are being exploited faster than defenders can respond
Only 29% of cyber professionals said they'd received additional compensation for their efforts, which is in stark contrast to other roles, where at least half of tech professionals received a pay increase in 2025, specifically in DevOps (56%), product management (51%), and business analysis (50%).
... continue reading