Dual CISOs at large organizations earn an average total compensation (including equity) of $1 million, whereas those who only take on partial IT oversight are closer to the average of traditional CISOs who manage none of the IT functions ($653,000).

CISOs with good board relationships are more likely to be given the ability to pursue use cases for generative AI, such as creating threat detection rules (43% versus 31% of other CISOs), analyzing data sources (45% versus 28% of other CISOs), incident response and forensic investigations (42% versus 29% of other CISOs), and proactive threat hunting (46% versus 28% of other CISOs).

57% of CISOs prioritize regulation and compliance knowledge, compared to 44% of board members.

29% of CISOs say they receive the proper budget for cybersecurity initiatives, compared to 41% of board members who think cybersecurity budgets are adequate.

Strategic CISOs have an annual cash compensation of around $545,000, compared to $385,000 for functional CISOs and $291,000 for their tactical counterparts.

More board members than CISOs want CISOs to develop certain skills: Business acumen: 55% of board members vs 40% of CISOs, emotional intelligence: 45% of board members vs 35% of CISOs, Communication: 52% of board members vs 47% of CISOs.

52% of CISOs consider innovating with emerging technologies a priority, compared to 33% of board members.

53% of CISOs say their responsibilities and job expectations have become more difficult since they took the job.

15% of CISOs ranked compliance status as a top performance metric, compared to 45% of boards.

18% of CISOs claimed they were unable to support a business initiative due to budget cuts in the past year, and 64% said that lack of support led to a cyberattack.

1-25% of CISOs reported that emerging domains including AI, M&A security, change management, IT due diligence, digital transformation, and innovation were being added to their workload.

Only 29% of CISOs say their board includes at least one member with cybersecurity expertise.

When there is a CISO on the board, 80% of boards report excellent or very good working relationships with CISOs in setting and aligning on strategic cybersecurity goals, versus 27% when there isn't a CISO on the board.

For boards with a CISO member, 60% report excellent or very good working relationships when communicating progress against milestones, security goal achievement and plan of record, compared to 16% for boards without a CISO member.

3% of CISOs attribute their raise to taking on larger scope, while others see it reflected in merit increases.

More board members than CISOs want CISOs to develop certain skills: Business acumen: 55% of board members vs 40% of CISOs, emotional intelligence: 45% of board members vs 35% of CISOs, Communication: 52% of board members vs 47% of CISOs.

50% of boards with a CISO member report excellent or very good relationships when budgeting adequately to meet goals, compared to 24% for boards without a CISO member.

Board members with a CISO background report stronger relationships with security teams and feel more confident about the organisation’s security posture.

37% of board members with a CISO background express concern that they are not doing enough to protect the organisation, compared to a survey average of 62%.

29% of CISOs say they receive adequate budget to accomplish their goals, compared to 41% of board members who think the function has enough funds.