Pay up or expect attrition: 77% of cyber professionals missed out on pay rises last year – and almost half now plan to switch roles

Cybersecurity skills are in huge demand across the UK, yet despite this, pay rises for security professionals are few and far between.

That’s according to the 2026 Harvey Nash Tech Talent & Salary Report, which found more than three-quarters (77%) of cyber pros missed out on pay rises last year.

Indeed, almost three-times as many workers in roles spanning DevOps (60%), infrastructure support (60%), and machine learning (55%) received salary boosts last year, compared to cybersecurity practitioners (23%).

The recruitment firm said this raises serious questions about why enterprises are overlooking staff in a critical profession - and the outlook among cyber professionals paints a damning picture.

Broadly speaking, tech professionals in the UK rank among the most pessimistic in terms of pay rise expectations. Yet staff in the aforementioned areas all claimed they expect a salary increase in 2026.

By contrast, fewer than half (45%) of cybersecurity practitioners said they expect a pay rise this year.

Ankur Anand, CIO at Harvey Nash, said the data should be a “wake-up call” for enterprises that fail to adequately compensate workers.

“We’re asking cybersecurity teams to stand on the front line of business risk, yet too often we’re not matching that responsibility with the reward, progression, and operating environment that keeps people in the profession,” Anand commented.

“When pay lags the market, workload keeps rising and the role is seen as a blocker rather than an enabler, it’s no surprise that attrition starts to look like the path of least resistance.”

Pay up or expect attrition

Attrition could become a serious issue for enterprises, according to Harvey Nash. The study noted that almost half (48%) of cyber pros are looking to switch jobs within the next year, above the UK average (45%).

The figures from Harvey Nash come in the wake of similar findings from IANS and Artico Search’s 2026 Cybersecurity Talent Report, which found only 34% of cyber professionals plan to stay with their employer over the next year.

Declining job satisfaction, higher workloads, and a lack of regular wage progression were all cited as key factors behind this looming wave of attrition – and it could exacerbate existing talent shortages.

Cybersecurity skills shortages have been a long-running issue for businesses across the UK. Notably, research from Socura in January found that while the number of cybersecurity jobs have surged in recent years, organizations are still struggling with huge shortfalls.

Separate research from De Montfort University in August 2025 warned that continued skills shortages are placing UK firms at higher risk of attacks.

“If organizations want to reduce exposure and respond faster when incidents happen, they need to treat cyber talent as a strategic capability: valued, visible and supported by leadership,” Anand commented.

“The organizations that get this right won’t just retain their best people – they’ll build trust with customers, regulators and their own boards.”

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.