The cybersecurity workforce gap has been estimated to reach over 2.5 million people. Organizations need to invest in new talent and cybersecurity education to fill these positions.

The 2022 Cybersecurity Hiring Managers research from (ISC)² surveyed 1,250 cybersecurity hiring managers from the U.S., Canada, U.K. and India to assess the need to build effective job cybersecurity descriptions, assign appropriate roles and responsibilities, along with the importance of non-technical skills and investing in career development. 

Key report findings include:

• Forty-two percent of participants said training costs less than $1,000 for entry-level hires (those with less than one year of experience) to handle assignments independently.
• Thirty-seven percent of participants estimate entry-level practitioners are considered “up to speed” after six months or less on the job. Half said it takes up to a year.
• Certifications are considered the most effective method of talent development for entry- and junior-level practitioners (27%), followed by in-house training (20%), conferences (19%), external training (13%), and mentoring (11%).
• Eighteen percent of hiring managers are recruiting individuals from within their organization working in different job functions, such as help desk (29%), HR (29%), customer service (22%) and communications (20%).

Hiring managers also revealed their top five tasks for entry-level cybersecurity staff:

1. Alert and event monitoring
2. Documenting processes and procedures 
3. Using scripting languages 
4. Incident response 
5. Developing and producing reports 

When asked how entry- and junior-level staffers help their organization, participants said they bring new perspectives, ideas, creativity, critical skills in new technologies, enthusiasm and reinvigorating energy.

To learn more about closing the cyber skills gap, click here.