I know what it is like to have competing priorities. When I was the Chief Information Security Officer at AirMap, there was a constant pressure to build product, and security was always fighting for attention. This is why we developed HackEDU—so that developers could learn secure development in bite-sized chunks, slowly over time, without disrupting normal product development. You can start training now and have developers work on training for 1-2 hours every month. HackEDU's dashboard, to which you have access for one year, makes it easy to schedule lessons. Even if our training is not a good fit for your needs, find a program that works for your team and have them work through it in small chunks over time.
You will never be any less busy, so don’t wait to find the perfect time because your developers are developing without the fundamental skills necessary to code securely. It is only a matter of time until there is an incident. If your data is stolen or your applications are hacked, you will lose the hard-won trust of your customers, and the results of that could be devastating.
My recommendation is to sign up for training as soon as possible. Start reducing your security risks today and have your developers continue picking up secure coding skills over the next few months. Otherwise, you will have more months of development where you may be adding critical vulnerabilities to your code.
It can feel like you don't have enough time to train your developers and that training will take away time from your product roadmap. You probably have a lot of competing priorities; however, training your developers is vital and should be prioritized: Read about why Security Development Training is needed. The cost really is minimal when you consider the huge return on investment: Read more about the ROI of Secure Development Training here. HackEDU has developed a training platform to reduce the burden on you and your team and in addition reduce the time away from development.