A recent report has revealed that a significant majority of cybersecurity professionals did not receive a pay rise last year. This situation has contributed to feelings of undervaluation among nearly half of those in the field, prompting many to contemplate pursuing new career opportunities in the near future. The Harvey Nash Global Tech Talent & Salary Report, published on April 27, highlights the growing dissatisfaction and uncertainty within the cybersecurity workforce regarding compensation and career prospects.
The study indicates that only 45% of cybersecurity employees anticipate a salary increase in the upcoming year. This statistic reflects a sharp contrast to the three-quarters of professionals working in artificial intelligence (AI) and machine learning, who are optimistic about their chances of receiving a pay raise during the same timeframe. Such disparities raise important questions about the perceived value of cybersecurity roles in comparison to other technology sectors.
Furthermore, the Harvey Nash report identifies cybersecurity professionals as the third most likely group to experience job dissatisfaction within the technology industry. Specifically, 23% of information security staff reported feeling unhappy in their roles, positioning them just behind quality assurance and testing personnel (24%) and infrastructure and support employees (25%). This trend reveals troubling signs about employee morale in a field that is crucial for protecting organizations from increasingly sophisticated cyber threats.
The discontent within the cybersecurity workforce surfaces after a series of significant cybersecurity incidents that occurred during the year 2025. Noteworthy attacks have included a ransomware incident impacting Jaguar Land Rover, which had severe repercussions for the UK’s economy, and the unprecedented data breach at Change Healthcare, marking the largest incident in the health sector’s history. These events further underscore the vital role that cybersecurity professionals play in safeguarding vital infrastructures and sensitive data.
Despite the backdrop of such high-profile attacks, the survey findings suggest that the attitudes and conditions surrounding cybersecurity roles have not markedly improved. Alarmingly, only 22% of respondents reported that their organizations had increased resources toward cybersecurity following the widespread media attention on major incidents. This lack of response raises concerns about the level of investment in cybersecurity and the resources allocated to these professionals who are stationed on the frontlines of digital defense.
Ankur Anand, the Chief Information Officer of Harvey Nash, commented on the implications of the findings, describing them as a "wake-up call" for organizations. He emphasized that cybersecurity teams are often tasked with managing substantial business risks, yet are not sufficiently compensated with attractive rewards, clear paths for career progression, and supportive operating environments. The report highlights a concerning trend where stagnant pay, escalating workloads, and perceptions of cybersecurity roles as hindrances rather than facilitators lead to increased attrition rates among skilled professionals.
Interestingly, despite these challenges, cybersecurity skills remain in high demand among employers, ranking as the third most sought-after technological expertise. This demand presents an opportunity for professionals feeling undervalued in their current positions to seek opportunities elsewhere that offer more competitive salaries. However, the departure of key cybersecurity staff could simultaneously intensify risk for the organizations they leave behind, creating potential vulnerabilities in their defenses.
To mitigate these risks, Harvey Nash urges organizations to make a concerted effort to acknowledge and support their cybersecurity talent. Anand asserts, “If organizations want to reduce exposure and respond faster when incidents happen, they need to treat cyber talent as a strategic capability: valued, visible, and supported by leadership.” This perspective emphasizes the necessity for businesses to recognize the critical contributions of cybersecurity professionals rather than overlooking their critical roles in organizational safety.
The Harvey Nash Global Tech Talent & Salary Report is based on a comprehensive survey comprising over 3,646 technology professionals worldwide, which included 1,394 respondents from the UK and 629 from the US. The data collection span from November 4, 2025, to January 26, 2026, ensuring a broad representation of insights from the global technology landscape. As organizations navigate the complexities of cybersecurity, the insights from this report highlight an urgent need for reassessment and improvement in the treatment of cybersecurity professionals to foster a more resilient security environment.