Discover the latest on compensation in infosec: trends, salary insights, and how it impacts retention and talent in the cybersecurity sector.
Search across headline titles and summaries.
Background for this topic.
Compensation is a term within information security that denotes the controls or measures put in place to mitigate risk when existing controls are deemed insufficient or ineffective. In the context of information security, compensation often involves adding additional safeguards to strengthen the overall security posture when primary controls cannot be implemented due to technical, operational, or business constraints.
Effective compensating controls are designed to provide similar protection as the original security measures or to counteract potential threats that may exploit the vulnerabilities left by the limitations of the primary controls. For instance, if a software application does not support two-factor authentication, a compensating control could be the implementation of stringent password policies and regular monitoring of login activities.
Overall, compensating controls are an essential aspect of risk management strategies in information security, ensuring that organizations maintain robust security layers and compliance with industry standards even when conventional security solutions fall short.
Weekly headline count for the current query.
Advocate General urges rethink of PSD2 to speed compensation after scams Analysis One of the European Union's top legal advisors is trying to change how banks treat cybercrime victims – meaning they could enjoy greater financial protections sooner than expected.…
Affected police officers squeezed mental health services, relocated over safety fears Police Service of Northern Ireland (PSNI) employees who had their details exposed in a significant 2023 data breach will each receive £7,500 ($10,279) as part of a universal offer of compensation.…
Critics of South Korea's Coupang Dismiss Offer as Marketing More Than CompensationAfter suffering a data breach that exposed personal data for two-thirds of South Korea' population, online retailer Coupang promised to distribute $1.2 billion in vouchers to "restore customer trust." But critics have accused the move of being more about marketing than true compensation.
Coupang, the largest retailer in South Korea, announced $1.17 billion (1.685 trillion Won) total compensation for the 33.7 million customers whose information was exposed in the data breach discovered last month. [...]
An IANS study finds CISO compensation rose 6.7% on average in 2025 while budget growth halved compared to 2024
ParkMobile has finally wrapped up a class action lawsuit over the platform's 2021 data breach that hit 22 million users. But there's a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. [...]
Credit agency offers own services as compensation Credit scoring and monitoring biz TransUnion says that it recently suffered a breach affecting nearly 4.5 million individuals.…
'Deserves fair compensation for the valuable and innovative services'? Which ones are those then? Meta has come out swinging following the European Commission's decision that its pay-or-consent model falls foul of the Digital Markets Act (DMA).…
The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly gaining executive status and responsibilities.
After stealing sensitive data from Disney, Ryan Mitchell Kramer claimed to be part of a Russian hacktivist group protecting artists' rights and ensuring they receive fair compensation for their work.
Also, Nike Sued Over Shutdown of NFT SubsidiaryThis week, KiloEX compensation after Oracle exploit, Nike sued over NFT shutdown, SEC dropped probe into PayPal PYUSD, Long Island man sentenced for crypto fraud, Americans lost billions to crypto scams, Loopscale exploiter agreed to return stolen funds and bank regulators softened stance on crypto.
Opportunistic threat actors targeted Portuguese and Spanish speakers by spoofing Portugal's national airline in a campaign offering compensation for delayed or disrupted flights.
Experts Say Consumers Gain Little as Implementation Challenges Loom for FrameworkAustralia's new scams framework bill sets the foundation for industry action but leaves consumers with limited protections. Experts warn that enforcement and reimbursement mechanisms are unclear, forcing victims to navigate a complex system with little guarantee of compensation.
Investigating compensation to police whose sensitive info was leaked in 2023 The Police Service of Northern Ireland (PSNI) has bailed two officers after they were arrested as part of a fraud investigation related to the payments to cops whose sensitive data was mistakenly published in 2023.…
Scrutiny Over Ethics of Profit-Sharing Prompts End to Cyberstarts CISO CompensationAllegations of conflicts of interest in Cyberstarts’ Sunrise program have sparked debate in the CISO community. While the program connected CISOs with startups for advisory purposes, its profit-sharing incentives drew criticism, leading some participants to resign and the firm to halt compensation.
3 Countries Taking Different Approaches to Accountability and Victim CompensationGovernments globally are intensifying anti-scam measures, introducing new guidelines to banks, telecom providers and other key sectors to bolster security controls and mitigate fraud risks for consumers and businesses. Some new frameworks threaten to levy stiff penalties for non-compliance.
CISOs' cash compensation tops $400,000 now, but with the high pay comes struggles, rapidly changing responsibilities, and tight budgets.
At least a portion of executive compensation going forward will be tied to meeting security goals and metrics.
IANS Research data finds many tech CISOs are concerned about their compensation as salaries stagnate
Company Plans to Link Executive Compensation to Achieving Security MilestonesThe executive vice president for Microsoft Security has announced an overhaul of the company's security practices following a series of high-profile cyberattacks that allowed foreign state-sponsored hacking groups to access its internal systems and cloud networks.