Join us for the FREE Cyber Defense Forum | Live Online on October 9


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

SANS Announces Results of its Salary and Professional Trends Survey

Cybersecurity Job Market Strong; Salaries Increase for Managers; Certifications Important to Career Success

  • Bethesda, MD
  • April 30, 2014

SANS announces results of its salary and professional trends survey, in which more than 4,000 cybersecurity professionals answered questions about their positions, aspirations, experience, certifications, job security, and salaries. The survey was sponsored by Arbor Networks.

Building on the groundwork laid by the 2008 SANS Salary and Certification Survey, this survey addressed the professional issues and trends for cybersecurity workers today. These trends included hiring plans, professional development, job satisfaction and pay packages.

"More than a third of respondents believe that their organizations will increase hiring of IT security and cybersecurity professionals," says John Pescatore, director, emerging security trends, SANS Institute. "They also believe the needed skill mix is changing, with more emphasis on analytics and intelligence and less on audit and compliance."

Although the $80,000-$99,000 range is still the most common for cybersecurity professionals, those earning more than $100,000 per year increased from 38% in 2008 to 49% in 2014, indicating that salaries are rising for managers. The survey also found that experience does pay off, with a proven increase in compensation per year of experience.

In addition, although formal education is important to enter the workforce, the importance of certifications was corroborated, with 58% of respondents crediting certifications as playing an important role in their career success.

"When it comes to maximizing earning potential, it is clear that having highly coveted certifications play a defining role in career development," says Scott Cassity, managing director of GIAC.

In the survey, respondents expressed confidence in the cybersecurity job market. Over the past 12 months, 43% of respondent organizations increased staff, some quite significantly. Moreover, 35% expect their organizations to add staff in the coming 12 months.

"I found analyzing the data from the salary survey quite refreshing. People in this industry sector have a positive outlook for the future, somewhat in contrast to many professions today," says survey manager Barbara Filkins. "I predict that demand for cybersecurity experts internationally will be an interesting trend for the future as well.

Results will be released during a webcast on Thursday, May 8, at 1 PM EDT featuring Barbara Filkins and John Pescatore (as moderator). Register for the webcast at

Those who register for these webcasts will be given access to an advanced copy of the associated report developed jointly by SANS GIAC and the SANS Analyst Program.

Tweet this:
Salaries stable overall, growing for managers. Attend May 8 webcast @SANSInstitute.
Importance of certifications to career success shown in SANS survey. Attend May 8 webcast @SANSInstitute.
Strength of cybersecurity job market revealed in SANS survey. Attend May 8 webcast @SANSInstitute.

GIAC (Global Information Assurance Certification) was founded in 1999 to validate the skills of information security professionals. The purpose of GIAC is to provide assurance that a certified individual has the knowledge and skills necessary for a practitioner in key areas of computer, information and software security. The SANS Analyst Program, , is part of the SANS Institute.

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (