Blog

The cybersecurity field is full of opportunities for people from all walks of life, but it can often be difficult to decipher exactly what is needed to land an entry-level job. The industry still tends to hire candidates who are tech-savvy, but cybersecurity experts are pushing companies to hire non-technical people and train in the technical aspects of these roles.

There’s now a benchmark for entry-level candidates to illustrate their interest in the industry and willingness to learn – and it’s a new online program offered by the non-profit Cybersecurity Certification Body (ISC )² called certified in cybersecurity. This program, which launched in the spring, helps candidates learn the basics of cybersecurity, including security principles, business continuity (BC), disaster recovery (DR) and incident response concepts. , access control concepts, network security and security operations.

And there’s an attractive incentive for people interested in cybersecurity careers: This new certification is free for the first million people who sign up to take the online course and certification. In the three months since its inception, the program has registered more than 110,000 applicants. As the world’s largest non-profit association for Certified Cybersecurity Professionals (ISC)² chose to invest in entry-level candidates, although the organization has certification programs for the upper echelons of the industry.

“While we encourage the hiring of soft skills and personality attributes, it [gives] this small additional insurance which allows [employers] have confidence that this person has demonstrated that they have the ability to understand these basic concepts”, Clar Rosso, CEO of (ISC)²recount Fortune. “Since this lack of manpower is a big problem, this is what we are investing in now.”

Projections from cybersecurity research firms, including CyberSeek and Cybersecurity Ventures, show that the industry has more than 700,000 job vacancies in the United States. Worldwide, the gap is estimated at around 3.4 million.

There are many ways to enter the cybersecurity industry, according to (ISC)²‘s Cybersecurity’s Workforce Study 2022. Nearly half of people under 30 entering the cybersecurity workforce come from careers outside of IT, according to the study. Thus, this new entry-level certification levels the playing field, allowing people less exposed to technical training to learn the basics of cybersecurity.

“It’s really designed for people with no experience, people who may be changing careers, and also people who work in IT and want to move into security,” she adds.

Develop the Cybersecurity Certification Program (ISC)² went into the cybersecurity market and interviewed hiring managers to determine the kinds of skills entry-level cybersecurity workers need to be successful without getting too technical, Rosso says.

There are three paths candidates can take in the cybersecurity certification program, all of which include cybersecurity training and the exam needed to earn the certificate. Applicants choose whether they wish to attend live sessions in addition to the self-paced study program; this option costs $649. The free path includes only one chance to pass the certification exam, while a $199 option includes two chances to pass the exam.

The course lasts 14 hours and, depending on the learning path you have chosen, will include only self-paced course materials or a mixture of self-study and live lessons. There are also pre- and post-course assessments, study sheets, quizzes, and interactive study aids such as flashcards. Students have access to the material for 180 days.

A cybersecurity or information security analyst job is a popular position for entry-level candidates – and it’s also one of the fastest growing jobs in the United States. that role grew to $102,600 in 2021, according to figures from the U.S. Bureau of Labor Statistics. Information security analysts or cybersecurity analysts with a bachelor’s or master’s degree can earn well into the six-figure range.

True entry-level cybersecurity workers earn between $70,000 and $80,000 a year, according to data from several recruitment sites. That’s about double the average entry-level employee salary in the United States, which is around $40,000, according to Indeed.

Depending on certification and education levels, cybersecurity workers can earn between $100,000 and $200,000, top executives – information security officers – earn between $250,000 and $400,000, Mary McHale, career counselor for the Masters of Information and Cybersecurity (MICS) program at the University of California, Berkeley, previously said Fortune.

The certification exam lasts two hours and consists of 100 multiple-choice questions. Students must answer 70% of the questions correctly to pass. There are questions about all the main concepts in the training course, including security principles, business continuity, disaster recovery and incident response concepts, access control concepts, security of the network and security operations.

(ISC)² is also working to develop partnerships with universities to include certification in their programs. The organization plans to work with cybersecurity degree programs first, as well as business programs to deliver the certificate program.

“We’ve noticed that employers are always hiring for certification, not necessarily for degree programs,” says Rosso. “We are in the very early stages of working with universities to guide them and share with them the insights we have from industry on what is important to cover in their programs.”

Discover all Fortune’s degree program rankings, and learn more about specific career paths.