Cybersecurity talent crunch drives double-digit pay rises as UK firms count cost of breaches

Research by recruiter Robert Half warns UK businesses are facing soaring salary bills and growing risks as demand for cybersecurity, risk and compliance experts outstrips supply. Recent attacks on brands including Marks & Spencer, Co-op and Jaguar Land Rover — with M&S alone losing more than £300m in revenue — have pushed cyber resilience to the top of boardroom agendas

British businesses are facing rising salary bills and growing risks from cyberattacks as demand for specialist security, risk and compliance staff outstrips supply, according to new research.

Recruiter Robert Half said nearly half (48 per cent) of UK employers now list cybersecurity as a top hiring priority, with 42 per cent planning to recruit more IT security experts in the coming months. A further 26 per cent intend to expand permanent headcount in legal, risk and compliance, while 23 per cent are increasing their use of contractors.

The squeeze follows a wave of recent breaches at large firms including Marks & Spencer, Co-op and Jaguar Land Rover. Marks & Spencer alone has lost more than £300m in revenue to date, underlining the financial hit that even well-resourced organisations can face when targeted by sophisticated hacking groups or hostile state actors.

Robert Half said almost two-thirds (63 per cent) of employers are prepared to offer premium salaries to secure candidates in short supply, particularly in governance, security architecture and threat intelligence. In cybersecurity roles specifically, 44 per cent of employers expect to have to pay above-market rates.

Salary inflation is most acute in London. The firm’s data shows Senior Operational Risk Managers in the capital are set to see pay rise by 9.5 per cent from £94,625 in 2025 to £103,625 in 2026, while Operational Risk Managers will climb 11.1 per cent from £75,375 to £83,750. Chief Information Security Officers face the sharpest jump, with average salaries forecast to rise 14.2 per cent from £150,250 to £171,625 over the same period.

Matt Weston, senior managing director of Robert Half UK & Ireland, said: “In today’s climate, a breach isn’t just an operational failure – it’s a financial and reputational catastrophe. With rogue state threats, increasingly sophisticated hacking groups and rising regulation, firms that fail to invest in risk, compliance and security talent will be exposed.

“London’s sharp upward trajectory is no accident. Global financial institutions headquartered there face relentless scrutiny from regulators, ever-present geopolitical risks and boardrooms that now see cyber resilience as central to maintaining trust. The talent pool is not keeping pace with demand – particularly for senior leaders who can blend technical depth with strategic oversight.”

The research, based on pay data and a survey of 1,500 managers and workers across the UK, suggests the talent gap will continue to widen into 2026. Robert Half said organisations that fail to embed resilience “from systems to culture” risk being left behind.

READ MORE: AI agents capable of acting on their own are being deployed to scan networks, launch attacks, and bypass traditional security systems. Find out more about how this technology is reshaping the cyber threat landscape and what organisations need to do to stay ahead.

_{Main photo: Markus Spiske/Pexels}