NEW DELHI: India Inc., facing a scarcity of cybersecurity professionals, especially at the leadership level, has increased salaries offered for such roles by 25-35% over the past year.
Hacking and cyberattacks are compelling firms to hire talent at a premium, with compensation packages for top roles at upwards of Rs 2 crore, and in some instances, close to Rs 4 crore, inclusive of variables. In addition, last year’s demonetisation and the government’s push for Digital India have pushed demand for cybersecurity talent.
Given the gravity of the job, top cybersecurity executives are now even reporting to their company boards instead of chief executive officers. Search firms including Hunt Partners and Transearch said the boards of most of their clients have formed committees for cybersecurity in the past year.
“Till 18 months ago, cybersecurity was looked at as managing IT services risk, but now this has reached the company boards as the entire business is dependent on this,” said Atul Gupta, partner and cybersecurity lead for KPMG. Tax and advisory firm KPMG itself has doubled its team to 320 in two years and its leadership team has almost trebled in the same time, Gupta said.
Leadership searches have risen by between 25% and 100% over the past year, according to some search firms.
“There is a demand for cybersecurity professionals at the leadership level and also at lower levels. It has shot up in the last one year,” said Korn Ferry India’s managing director Navnit Singh.
He said the annual compensation for cybersecurity heads ranges from Rs 2 crore to Rs 4 crore. “Compensation for top talent in the cybersecurity space is anywhere between Rs 1.5 crore and Rs 4.5 crore,” said Gupta of KPMG.
Korn Ferry closed at least three search mandates for cybersecurity heads in the past six months, Singh said.
“Companies are now vulnerable to cyberattacks and especially with the government’s initiatives like Digital India and demonetisation, almost all companies across all sectors are going digital to some extent,” said Ashok Pamidi, senior director of Nasscom.
Demand for cybersecurity professionals is driven mostly by consulting firms, banks, the government, retail, BFSI companies and IT companies. To ensure a supply pool of cybersecurity specialists, Nasscom has rolled out a curriculum on the subject with 10 specialised courses, said Pamidi.
Transearch India is looking for cybersecurity leaders for four companies.
“In the last 12 months, we did not have any mandate from our clients in the cybersecurity space. This is a new trend for us,” said Uday Chawla, managing partner at Transearch.
Recent appointments include Mandar Patil as director of sales at Smokescreen Technologies, a cybersecurity startup. He was previously a senior executive in the BFSI vertical at IBM.
CrowdStrike, a US cybersecurity company that recently opened a development centre in Pune, appointed Ramanand Kambli as regional sales director of India and SAARC and Jhilmil Kochar as managing director. Kambli was earlier with Symantec-owned Blue Coat.
Vikas Arora joined IBM in March as cloud business leader (India & South Asia) from Dell EMC Asia Pacific (global services). Magesh Ramachandran joined as global head of cybersecurity at Diageo from PwC in April.
Hunt Partners has completed over half-a-dozen mandates for cybersecurity experts in the past nine months.
“We have seen a consistent increase in demand for security professionals across the board for roles including chief security officer and chief information security officer and head of cybersecurity,” said Suresh Raina, managing partner at Hunt Partners. “There is a supply constraint and it is a nascent market, leading to sourcing from all avenues, including outside India.”
Financial services institutions including banks, payment gateways and ecommerce organisations are the biggest employers in cybersecurity, according to Sunil Goel, managing director at GlobalHunt.
The job profiles in cybersecurity include information risk auditors, firewall and security device development professionals, security analysts, intrusion detection specialists, computer security incident responders, cryptologists, vulnerability assessors, lead security architects and chief information security managers.