Good morning. Corporate cyber chiefs’ salaries are growing amid an uptick in hacking threats and a dearth of experienced executives, WSJ Pro’s Catherine Stupp reports.
Also today: Biden’s new directive on cyber safeguards for critical infrastructure; more details on the TSA’s pipeline rules; a tool for shaming hackable websites; and cyber startups going gangbusters.
Cha-ching: Demand for experienced cyber executives has pushed the average salary for chief information security officers to new heights.
CISOs in the U.S. earned a median salary of $509,000 this year, compared with $473,000 in 2020, according to a new survey of 354 CISOs, published Thursday by executive search firm
Heidrick & Struggles International Inc.
Total compensation, including equity grants and bonuses, rose to $936,000 from $784,000 in 2020.
High-profile ransomware attacks have caused corporate executives and boards to focus more on cybersecurity over the past year, said Omar Khawaja, CISO at Pittsburgh-based Highmark Health.
“There’s a very tangible and direct business disruption,” he said. “It’s hard to ignore.”
Read the full story.
More Cyber News
Biden urges critical infrastructure to beef up cyber safeguards. The White House directed federal agencies to develop voluntary security goals by September for companies that operate critical infrastructure, such as financial services or electric utilities. At least four successive administrations have pursued such a voluntary strategy for ensuring cyber readiness. But senior officials say the directive could be a precursor to the Biden administration issuing mandatory standards for such firms. (WSJ)
Read the full directive from the White House here.
TSA official details second pipeline security directive. The rules, which have not been publicly released, cover technical areas such as the separation of operational and information-technology systems, Administrator David Pekoske told the Senate Commerce Committee Tuesday. Mr. Pekoske said the directive would also require reviews of how…