Skip naar inhoud

Is tech team remuneration opening up a new form of cyber risk?

Wilt u deze bijdrage aanbevelen? Dat kan via:

Failing to reward cyber security staff in line with increases for other members of the tech team could open up new risks to organisations
It has always a difficult balance for any CTO to ensure that remuneration and reward are spread evenly and fairly across a tech team that encompasses many skills and roles. Every contribution is important and, through the pandemic especially, there are few areas of tech teams that haven’t been putting in long hours to keep organisations functioning and responding with agility and resilience to extremely challenging times.

One of the really key areas of the tech workforce is cybersecurity. About 40% of organisations have experienced an increase in cyberattacks during the pandemic due to the move to remote working, according to the most recent Harvey Nash/KPMG CIO survey. The peak of remote working may be about to come to an end – in the UK at least – but the more hybrid models that most businesses are likely to move to will also present plenty of opportunities for cyber criminals to try to exploit. The upward trend is almost certain to continue.

Couple that with the familiar picture of cyber skills shortages – cybersecurity is rated the most acute shortage area in the whole of tech – and, clearly, attracting and retaining cyber professionals must be among the top priorities of any tech leader.

Despite all these factors, businesses are running the risk of losing the cyber talent they have by failing to reward staff in line with other areas.

The 2021 Harvey Nash Tech salary & hot skills report, in which we conducted research among almost 6,000 technology professionals from around the world, including key markets such as the UK, the US, Australia and Germany, found that two-thirds (67%) of cyber professionals have seen their pay either decrease or stay the same during the pandemic. This compares poorly with many other tech roles.

Our data shows that organizations have instead chosen to focus on rewarding those roles that are related to releasing value and creating agility for the business. Therefore, the top three roles to experience pay rises have been development management/team leadership (59%), design/UX/UI (50%), and quality assurance (50%).

Those working as a CISO or security specialist, meanwhile, were ranked just joint 14th among technology roles worldwide receiving a pay rise in the past 12 months.

Attraction and retention challenge

Of course, it’s not that cyber professionals aren’t well rewarded. We found that the typical permanent salary in the UK for a cybersecurity expert is £75,000, and many well over £100,000, putting them joint fifth on the list of tech-related roles.
Nevertheless, if security professionals see others in the tech team receiving higher increases than them (and people do talk), there will be a demotivating effect. If reward increases don’t keep pace with other roles, the danger is that shortages and the war for talent will become even worse. It will become harder to attract and retain the talent needed as cyber professionals become less loyal, or even begin to specialise in other high-demand areas instead.
Clearly, rewarding staff involved in front-end activities that generate value and increase agility is critically important, but there is a balance to be struck. The signs are that reward strategies have tipped too far in one direction. This could open up a new kind of cyber risk as organisations struggle to attract and retain the security teams they rely on.
Cybersecurity has been a high priority for a number of years, and during that time, remuneration has generally reflected demand. But it seems that the recent crisis has broken that connection as organisations, understandably, have turned towards the customer. Now, though, as we move beyond the crisis, we need to turn back to investing in cybersecurity.
After all, no customer-facing investment will truly deliver value if it fails to deliver customer trust. As many organisations know, the moment their systems are compromised or customer data is breached, trust evaporates quickly and is very hard to rebuild. One saying I often return to is: “Reputation arrives at foot and leaves in a Ferrari.” For me, this really sums it up. Reputation is hard-won and takes time. But the minute trust is broken, it shoots off into the distance.

Getting the balance right

There is no magic solution here – CTOs have finite budgets and can’t hand out generous pay rises to everybody in the entire team every year. They also need to be wary of price escalation – creating a salary war that becomes unaffordable.
Therefore, it comes down to that question of balance, looking across the tech team and thinking about the total mix. It’s also about evaluating the whole reward package, not just headline salaries. Many individuals value additional benefits (pension contributions, health cover, gym memberships, and so on) very highly, as well as flexible working and lifestyle arrangements, and are willing to sacrifice some salary in return. So tech leaders need to bring that lens to the issue as well.
The signs are that reward strategies may have got a little out of kilter – but good CTOs working closely with their HR teams should be able to find ways of putting it back into balance again.

Lees ook:

Help een jongere zijn studie door, doneer nu je oude laptop.

Het zal u vast nog niet ontgaan zijn, maar door de hoge inflatie is alles duurder geworden. In sommige gevallen zelfs te duur, zoals een nieuwe laptop voor een studie.

Wat wil en wenst de ontwikkelaar?

In een krappe ict-arbeidsmarkt is het voor werkgevers interessant te weten wat er onder ontwikkelaars leeft. Bedrijven die de juiste tools bieden, hebben een streepje voor. Een internationaal onderzoek onder ruim zeventigduizend ontwikkelaars uit de Stack Overflow-community geeft inzicht in de trends. Dit rapport is bij recruiters dan ook niet onopgemerkt gebleven. Ze krijgen zo een beeld van hoe developers leren en meer kennis vergaren, welke tools ze gebruiken en waaraan ze behoefte hebben.

TNO: Europa kan tech-overmacht VS en China doorbreken

Zet vol in op de ontwikkeling van 6G, maak Gaia-X volwassen, loop voorop met edge computing en omarm open technologie. Dit zijn enkele aanbevelingen van TNO om in Europa de overheersing van Big Tech en Chinese (5G-)bedrijven te doorbreken.

Subpostmaster campaigning forces government to set up compensation scheme and make interim payments

Subpostmaster campaign group is a step closer to achieving what it was originally set up to do as government launches compensation scheme for its members who did not receive fair payouts

Advies: wacht met 3,5 GHz tot Inmarsat weg is

Het duurt waarschijnlijk tot eind 2023 voordat de 3,5-GHz-frequentieband beschikbaar komt voor openbare mobiele-communicatiediensten. Er is weliswaar veel vraag naar extra frequentieruimte, maar op de daarvoor afgesproken 3,5-GHz-band kan dat storen met noodoproepen van de lucht- en zeevaart. Het ministerie krijgt het advies te wachten totdat satellietbedrijf Inmarsat is verhuisd van het Friese Burum naar Griekenland.

Na sase komt sse (security service edge)

Security service edge (sse) is de evolutie van het sase-framework van Gartner. Door de letter ‘A’ (voor ’access) te verwijderen, wordt duidelijk dat het netwerk niet langer wordt beschouwd als onderdeel van een beveiligingsoplossing. Het is slechts het mechanisme dat de datastromen naar het security- en controleplatform transporteert.

Wilt u deze bijdrage aanbevelen? Dat kan via:

Klaar voor de beste oplossing voor uw IT & ICT-situatie?

Ik heb mijn wachtwoord gewijzigd in “onjuist.” Dus wanneer ik vergeet wat het is, zal de computer zeggen: “Uw wachtwoord is onjuist.”