Blog
How Long Does it Take to Train Entry-Level Cybersecurity Team Members?
When hiring managers onboard new cybersecurity staff, there is typically an expectation that some learning on the job will be necessary. This is certainly the case when new hires are entry- and junior-level practitioners.
But when can you expect those less-experienced new hires to perform their tasks independently? Depending on experience levels, they can be ready to contribute on their own in as little as six months, according to new research by (ISC)².
The findings, published in the (ISC)² Cybersecurity Hiring Managers Guide , reveal that more than a third of hiring managers (37%) believe entry- and junior-level hires are ready to handle assignments independently within six months or less on the job. 67% say it takes entry-level hires up to nine months to be able to work independently.
Considering the complexities and wide range of knowledge involved in cybersecurity work, these timelines are relatively brief. In the past, organizations may have been reluctant to welcome inexperienced cybersecurity team members. They worried about the time and expense required to get these employees up to speed, but the research shows they shouldn’t be overly concerned about this.
Another welcome revelation centered around the level of investment required to train entry- and junior-level practitioners. For most organizations, the cost ranges from U.S. $500 to $5,000.
Skills Development
To get entry- and junior-level cybersecurity team members up to speed, organizations employ a number of methods, including mentorship programs, certification training and paying for tuition.
The most prevalent approach is mentoring, with 63% of respondents saying they use mentorship programs to upskill new talent. The second most common involves certification training and courses (54%), followed by career pathing and advancement (47%), training courses for non-certification skills and knowledge (38%), certification exam fees (38%) and certification materials like books (37%).
Certifications were ranked the most effective method of talent development for entry- and junior-level practitioners (27%), followed by in-house training (20%), conferences (19%), external training (13%) and mentoring (11%). However, in-house training topped the list at smaller companies, while midsize organizations prefer conferences, and large companies favor webinars.
For more insights on building your team with entry- and junior-level talent, read the guide at https://www.isc2.org/Research/Cybersecurity-Hiring-Guide .