Data security chiefs' pay soars to €1m as GDPR looms

Soaring concerns over data security have pushed up the salaries of chief information security officers at top European firms to eye-watering levels, according to one recruitment consultancy, which claims CISOs can expect to trouser up to €1m (£850,000) a year.
According to global executive search firm DHR International, the rise in the number of cyber-attacks in the past five years has made the role of cyber-security experts increasingly important in the boardroom.
And while those at the top end can now expect to receive mega bucks, those working in listed small and medium European companies are not exactly on the bread-line and are now being paid a minimum of €200,000 (£171,000).
DHR International partner Gert Stürzebecher commented: “CEOs have started to lose their jobs over data breaches and the financial impact of some individual data breaches now runs into the tens or hundreds of millions of euros. An issue as serious as that gets its own seat at the board.”
DHR cites the looming implementation of GDPR – in May next year – which could see companies that suffer a data breach face a fine of up to €20m (£17.2m) or 4% of their annual global turnover, compared to a maximum existing penalty of £500,000.
A recent analysis of the fines dished out by the UK Information Commissioner’s Office revealed that the monetary penalties would be 79 times higher – soaring from £880,500 to £69m – under the new regime.
As already reported by Decision Marketing, TalkTalk’s 2016 fine of £400,000 for security failings that allowed hackers to access customer data would rocket to nearly £60m under GDPR.
Fines given to small and medium-sized enterprises could have been disastrous, with Pharmacy2U’s fine of £130,000 ballooning to £4.4m – a significant proportion of its revenues and potentially enough to put it out of business.
