Certification Survey Extra: Time to security certification
Certification Survey Extra is a series of periodic dispatches that give added insight into the findings of our most recent Certification Survey. These posts contain previously unpublished Certification Survey data.
So it’s probably time for a brief recap: With our most recent survey of certified IT professionals, we switched things up. After spending the last few years gathering salary data for every issue of Certification Magazine, we made a strategic decision to focus exclusively on salary once per year when doing our annual Salary Survey across all branches of IT certification.
(It’s happening right now, by the way. Please go participate!)
Our other surveys, three times a year — one each for the spring, summer, and fall quarterly issues of Certification Magazine — will continue to target specific subsets of IT certification. We just won’t be asking any salary questions. Accordingly, we have dropped the Salary Survey PLUS naming convention, and now we’re springing a new moniker on you.
Our new smaller surveys are now simply Certification Surveys. Moving forward, then, as we report further data from these newly rebranded surveys, we will use Certification Survey Extra to identify those reports. There will still be plenty of Salary Survey Extra articles, but now that brand (and all of those articles) will refer exclusively to each year’s annual Salary Survey.
(Did we mention that you can take the annual Salary Survey right now? Go do it!)
October is National Cyber Security Awareness Month (NCSAM), which turned out to be good timing for us, given that the October issue of the magazine is focused on information security certification. (Okay, yeah, that wasn’t a happy accident. Yay, we can read a calendar!)
With cybercrime affecting hundreds of millions of individuals per year — that we know about; ever get the shivers wondering whether your bank has been hacked and just hasn’t discovered/reported the breach yet? — demand for skilled IT security professionals is exploding.
Certification is a great way for an IT professional who has a strong foundation in a related IT discipline like networking to quickly transition to the information security realm, where the likelihood of excellent pay and stable long-term employment gets better with each new data breach. How quickly can that transition be made?
We don’t have a perfect answer, since most of our survey respondents are already experienced security professionals. We can, however, give a general sense of the time commitment required to study for and attempt a security certification exam, as well as the likelihood of a successful outcome.
To address that first point, we asked survey respondents to tell us the longest interval that they’ve ever needed to study for and pass a security certification. Here’s what we learned:
Q: From start to finish, what is the longest length of time it has ever taken you to earn an information security certification?
4 to 7 months — 33.5 percent
0 to 3 months — 26.5 percent
8 to 11 months — 12.3 percent
1 year — 11 percent
13 to 16 months — 5.8 percent
2 years — 4.5 percent
17 to 20 months — 3.9 percent
More than 3 years — 1.3 percent
21 to 23 months — 0.6 percent
3 years — 0.6 percent
You can tell at a glance that most of those surveyed have never needed more than a single year to complete a security certification. And since they’re referring to the longest it has ever taken them to go from start to finish, maybe this is a decent measure after all for those who are on the outside looking in. At the very least, noobs aren’t likely to get tangled up in a multi-year ordeal.
Also of note is that well more than half of survey respondents haven’t ever even needed 8 months to go from zero to certified. Exactly 60 percent have never been tied up that long. So if you are currently in a different IT field, but considering a move to information security, then certification could help you make the transition quickly.
Based on our survey, actually, there’s a fairly good chance that you’ll clear the bar on your first attempt. We asked survey respondents to tell us the highest number of times they have ever failed while attempting to pass a certification exam. For 67.1 percent of those surveyed, the next it happens — failing an security certification exam, that is — will be the first.
As for the rest, failure is rare: 21.9 percent of those surveyed have never failed more than once when attempting a certification exam, and 11 percent have never failed more than twice.