The average salary of specialists in the field of information security in commercial organizations is 125 thousand rubles, and in state institutions it is 86 thousand rubles. socialbites.ca learned about this from a study presented by Positive Technologies at SPIEF-2024.
In St. Petersburg, half of cybersecurity experts in private companies receive 92 thousand rubles. per month and above, in state institutions – 58 thousand rubles. And higher. The average indicator for commercial and state-owned firms in other regions of Russia is 65 thousand rubles. and 40 thousand rubles. respectively.
According to Positive Technologies, information security professionals face a high barrier to entry due to strict employer requirements and peer-to-peer hiring practices. As a result, students and graduates are choosing other areas of the IT industry that require less competence and offer higher salaries. Software development and analytics offer average salaries that are 42% and 25% higher, respectively, than information security.
Low wages in the public sector, one of the main employers in this field, also do not attract the attention of specialists. Only 24% of information security students are ready to work for between 20 and 40 thousand rubles. in the month following employment. Such salary levels are particularly high in Moscow, St. It is not competitive in regions outside St. Petersburg and other large urban agglomerations.
The psychological factor also plays a role. Working in information security may not seem interesting enough for young professionals seeking recognition and interesting projects. Some aspects of the job may be unattractive, such as the need to respond to intrusion detection at any time of day.
The high responsibility of information security experts may also deter them in this direction. Mistakes in this area can have serious consequences for the organization, including financial, reputational and other harm. Oftentimes, experts are held responsible for security breaches even if they did not have the authority or resources to prevent it. Administrative and criminal liability is also provided in case of violation of security rules.
Previously in Russia sort of all cyber security experts.