Over three quarters of cybersecurity professionals were not granted a pay rise last year, contributing to feelings of being undervalued among half of the workforce and prompting many to consider seeking a new role in the near future.
A new Harvey Nash Global Tech Talent & Salary Report, published on April 27, found that information security professionals were also amongst the most pessimistic about the prospects receiving a pay rise in the next year.
Just 45% of employees in cybersecurity expect that they may receive a pay increase during the next 12 months, the specialist global technology recruitment firm found.
This is a stark contrast with the three quarters of those working AI and machine learning who expect to see a pay increase in the same period.
Cybersecurity professionals are the third most likely group of employees to be classed as unhappy in the technology industry. The Harvey Nash report found that 23% of information security employees described themselves as unhappy in their role, just behind quality assurance and testing staff (24%) and infrastructure and support staff (25%).
Few Organizations Increase Investment in Cybersecurity
This job dissatisfaction comes following several significant cybersecurity incidents which had major consequences during 2025.
For example, the ransomware attack against Jaguar Land Rover had a noticeable impact on the UK economy. Meanwhile, it was revealed that data breach at Change Healthcare was by far the largest ever to hit the health industry.
Despite the magnitude of these incidents, for the most part, cybersecurity professionals said that they haven’t seen any change in attitude to their roles. Just 22% said that their organization had increased resources for cybersecurity following widespread coverage of major incidents.
“The data should be a wake-up call. We’re asking cybersecurity teams to stand on the front line of business risk, yet too often we’re not matching that responsibility with the reward, progression and operating environment that keeps people in the profession,” said Ankur Anand, CIO of Harvey Nash.
“When pay lags the market, workload keeps rising, and the role is seen as a blocker rather than an enabler, it’s no surprise that attrition starts to look like the path of least resistance,” he added.
However, cybersecurity is still the third most in demand technology skill for employers.
That means those who feel underappreciated in their current role could potentially use this to their advantage, by moving elsewhere into a different role with a higher salary.
While this can be of benefit to the individual and their new employer, the departure of key cybersecurity staff could create additional cybersecurity risk for the company which the employee departs. To avoid this, Harvey Nash recommended that firms are careful to make their employees feel valued.
“If organizations want to reduce exposure and respond faster when incidents happen, they need to treat cyber talent as a strategic capability: valued, visible and supported by leadership,” said Anand.
The Harvey Nash Global Tech Talent & Salary Report is based on a survey of over 3646 technology professionals globally (including 1394 in the UK and 629 in the US). The survey took place between 4th November 2025 and 26th January 2026.
