Security analysts in North America get significantly higher salary than in EMEA and APAC.

Edward Gately, Senior News Editor

December 20, 2019

8 Min Read
Cybersecurity Roundup, security roundup
Shutterstock

If you’re a cybersecurity professional and your New Year’s resolution is getting a new job, there are a lot of things to keep in mind in terms of opportunities and pay.

Cynet has released the results of its 2019 survey of cybersecurity professionals, examining pay rates measured against employee achievements, education, skills and more. More than 1,300 participants from diverse industries globally participated in the survey, which was administered this quarter.

Yiftach Keshet, Cynet‘s director of product marketing, tells us one of the drivers of the survey was to gain more detailed insight into what may be limiting qualified candidates from potential job opportunities.

“What the survey showed is that, indeed, there are certain employee attributes that could be reducing the qualified pool of potential employees,” he said.

For cybersecurity professionals planning post-holiday job searches, there should be a focus not just on education, but actual skills in order to differentiate a cybersecurity candidate’s capabilities from potentially competitive applicants, Keshet said.

“As having high-value skill sets were more closely related to higher compensation, the data justifies security professionals continually building upon their knowledge base,” he said.

The data backs detailed salary profiles for five popular security positions: security analyst, threat intelligence specialist, security\cloud security architect, penetration tester and security director\manager.

Among the findings:

  • Security analysts in North America get significantly higher salary than in EMEA and APAC, with more than 80% earning between $71,000 and $110,000. In contrast, less than 35% in EMEA and 21% in APAC earn equivalent salaries.

  • All analyzed positions feature similar salary range distributions for both employees with or without a degree in computer science or a related engineering field.

  • Banking and finance provide the highest salaries in the industry, for both strategic management and tactical positions.

  • Individuals were analyzed across all positions; quality professionals with little experience were at the top of the payment curve, while seasoned veterans were at the bottom.

  • Individuals that pivoted from an IT occupation to a cybersecurity position earned more than their peers who started out in cybersecurity.

  • With the exception of security analysts, all other positions included periodic bonuses with annual rates ranging from 1%-10%.

  • There is a significant shortage of women in security positions, with the highest percentage in the 20-29 age group with 6% in overall positions.

  • Within the five analyzed positions, the highest percentage of women were found in the security director/manager position at a rate of 10%.

“The No. 1 most surprising finding was that a cybersecurity professional’s portfolio of skills was of equal or more importance when it comes to earning higher wages,” Keshet said.

The data provides average, low and above average rates of pay as they relate to the IT security position they are assigned to, which will help security providers to better align their pay structures so that they are in a better competitive position to attract and retain talent, he said.

“Whether under the title of CISO, director of security or even CIO, one cannot protect their organization single-handedly,” said Eyal Gruner, Cynet’s…

…founder and CEO. “At the end of the day, a cybersecurity professional is part of a team, which makes recruiting and retaining talent an imperative.”

PSA Adds Defendify to MSSP Program

Defendify, a SaaS-delivered cybersecurity platform designed for small businesses, is a new partner in PSA‘s MSSP program.

PSA is a consortium of professional systems integrators (SIs) and the MSSP program is designed to help SIs diversify their service offerings and “realize the full potential and benefits of a managed services business model,” the organization said.

Aragon-Candice_PSA.jpg

PSA’s Candice Aragon

Candice Aragon, PSA spokesperson, tells us that with Defendify, “the value for our integrators is immense.”

“They can use Defendify to protect their own organizations as well as extend it to their customers,” she said. “This is an easy-to-understand, easy-to-deploy solution at an affordable price structure that will allow our integrators to sell a profitable risk-mitigation solution to their customers.”

PSA’s MSSP program is about a year old, and in that year PSA has added 12 strategic partners with “top-of-class” offerings, Aragon said.

“Likewise, 20% of our integrators have signed on to incorporate recurring revenue into their business models,” she said. “In 2020, we anticipate integrator participation in the program will double. Partnering with PSA means an expanded network, ample learning opportunities, project partnerships and more. Crowdsourcing lessons learned is a key part of combating cyberthreats and PSA is a thought leader in the space.”

Defendify adds multiple layers of protection to existing baseline defenses. Its cybersecurity dashboard offers assessments and health grades, recommendations and reports, policies and procedures, alerts and notifications, a stolen password scanner, employee awareness training tools, scanners that search for vulnerabilities found on IoT and network devices, and more.

“We’re thrilled to partner with PSA and empower its members to succeed with a comprehensive cybersecurity solution that’s simple, affordable, flexible and scalable for their diverse small business customer base,“ said Rob Simopoulos, Defendify’s co-founder. “The Defendify platform provides a single pane of glass, focuses on automation, and works continuously to improve security posture as small businesses grow and threats continue to evolve.”

eSentire, CrowdStrike Team up for Cloud-Delivered Detection and Response

eSentire has partnered with CrowdStrike to bring cloud-delivered detection and response solutions to the midmarket.

Combining the managed threat hunting capabilities of eSentire with CrowdStrike’s endpoint protection solution and  proactive threat-hunting services will help stop advanced threats, eSentire said.

Braden-Chris_eSentire.jpg

eSentire’s Chris Braden

Chris Braden, eSentire‘s vice president of global channels and alliances, tells us his company’s partners will see new opportunities to employ its managed detection and response (MDR) solutions for their customers who have a Linux environment or who rely heavily on cloud infrastructure for their core IT architecture.

“Offering our partners a choice in endpoint detection and response (EDR) and next-generation antivirus (NGAV) vendors enables them to provide the most effective solution to a greater number of customers and prospects,” he said. “Adding CrowdStrike’s endpoint protection capabilities to our platform provides our customers with greater choice. Be it CrowdStrike or Carbon Black, both solutions have earned strong reputations in the cybersecurity…

…community, and we want our customers to be able to choose the right endpoint solution for their needs. We have both MSSP and reseller agreements in place with CrowdStrike.”

eSentire will gain a competitive advantage from the CrowdStrike partnership through the ability to deliver MDR services to more clients regardless of their core operating system, use of cloud platforms or utilization of mobile devices in their workforce, Braden said.

“We will now also be able to offer to our prospects and our partners a simpler route to market for those customers who have already chosen to implement the CrowdStrike platform, and for our channel partners who have already, independently, chosen to resell CrowdStrike,” he said.

“We are partnering with eSentire to ensure that midmarket organizations benefit from the protection of a powerful and proven MDR solution that complements our next-generation endpoint protection solution,” said George Kurtz, CrowdStrike’s CEO and co-founder. “Both companies are committed to delivering simplicity, efficacy and effectiveness of the most advanced endpoint protection, services and security expertise required to stop breaches.”

Asigra to Help Public/Nonprofit Organizations Fight Cybercrime

Asigra, a cloud backup, recovery and restore software provider, has unveiled a new program focused on defending the backup repositories and data of Canadian public/nonprofit organizations against cyberattacks.

The purpose of the program is to ensure the recovery of data that otherwise may have become compromised as a result of malicious malware or ransomware attack loops that prevent the recovery of data and often put large volumes of personally identifiable information (PII) at risk, the company said.

Farajun-David_Asigra.jpg

Asigra’s David Farajun

David Farajun, Asigra’s CEO, tells us the program will create opportunities for new and existing Asigra partners.

“All such participants will generate revenue for the delivery partner, and also provide potential opportunities to supply other services beyond cyber-secure backup services,” he said. “It enables Asigra to give back to the nonprofit sectors community who may be targeted. It drives growth for our partners and therefore for Asigra.”

Like many organizations dealing with a cyberattack, the last resort for recovery relies on a functioning disaster recovery or backup solution in place, according to Asigra. Unfortunately, hackers now have designed ransomware and other malware to seek out secondary storage systems in order to compromise a clean retrieval of the information, it said.

As a result, these organizations no longer have a way to reinstate their data, and therefore are faced with either relinquishing or paying a ransom, which can be especially high for public and nonprofit entities, it said.

As a Canadian company, Asigra is planning to help protect these organizations by partially donating a large percentage of its cybersecurity-enabled backup technology to Canada’s list of public and nonprofit organizations.

Read more about:

MSPs

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like