Cybersecurity professionals are almost as likely to not recommend their company as endorse it, according a Feb. 20 report from IANS Research.A study of IT security professionals also found that low morale and waning corporate confidence were rampant. The results suggest that many workers are less than thrilled with their current situation and are looking to move on.Along with IANS Research, the “2025 Compensation Benchmark Report” was conducted with Artico Search and compiled responses from over 500 cybersecurity professionals from the U.S. and Canada between June 2024 and December 2024.Only 33% of those polled would recommend their organization to fellow security professionals, while just over 1 in 4 said they were unlikely to give an endorsement for their employer.“Our research shows one-third of cybersecurity staff and management are promotors,” IANS wrote.“Meanwhile, 28% fall into the detractors category.”The report noted that while the results are not a direct indicator of employee attrition, the responses pointed towards conditions that would lead to security professionals looking to leave a company.An even better indicator was when professionals are asked whether they are looking to leave their current jobs, to which the answer was a resounding “yes.” Overall, 60% of those surveyed said they were either actively looking to find a new position or would consider leaving their current employer for another organization.Those answers varied based on the respondents’ role within the company, and interestingly it was those at the top who were least satisfied.Almost 70% of department heads answered “yes” or “maybe” when asked if they were looking to change their employer within the next 12 months. Meanwhile, those classified as functional staff were considerably less likely to be planning a move.However, those figures come with a caveat: In this case, talk often does not lead to action“Notably, only 9 of respondents reported having changed employers in the past 12 months,” the report notes, “highlighting that, while actual turnover has been low, the expressed intent to leave may reflect latent engagement issues that warrant attention.”Keeping up with overall trends in the IT market, regional variation plays a significant role in what security professionals can expect to be paid. In many cases, organizations factor in local cost of living when setting their salary ranges for security professionals.On the West Coast, the average base salary was $200K, while professionals in the southeast U.S. would only expect to make around $137K, not factoring in bonuses and stock grants.The report noted that while the cost of living could play a factor, the nature of the organizations in the region is also significant when deciding salary. For example, the large number of finance and biotech companies in New York and New England were willing to pay top dollar, as were the tech giants and engineering companies on the West Coast.Not surprisingly, the recommendation for companies looking to hire and retain security professionals was fairly simple: pay them well and offer opportunities for advancement.
