In 2005, the U.S. Department of Defense (DoD) set out to assess and manage its cybersecurity workforce. It issued a directive to identify and create a cyber-ready workforce that would eventually require IT certifications to assess the tasks for specific job roles. This directive was called DoD Directive 8570 and it includes a manual called 8570.01-m.
What is DoD 8570?
DoD 8570 was created to identify, tag, track and manage the information assurance, or cybersecurity, workforce. It also established a manual that includes an enterprise-wide baseline IT certification requirement to validate the knowledge, skills and abilities of people working in cybersecurity roles.
Within the manual, specialty codes categorize the cybersecurity skills needed by personnel with privileged access and to track key data in personnel databases. It also outlines workforce skill levels, categories and functions and aligned them with approved IT certifications. The DoD continually adds new and revised IT certifications to this list to keep pace with the evolving field of cybersecurity.
What is DoD 8570.01-m?
DoD 8570.01-m is the manual that lists the approved IT certifications that the DoD uses to assess and manage its workforce. DoD information assurance and cybersecurity personnel must obtain one of the certifications listed for their job category and level.
Job roles are divided into broad categories that have baseline level requirements:
- Information Assurance Technical (IAT) levels I, II and III
- Information Assurance Management (IAM) levels I, II and III
- Information Assurance Security Architecture and Engineering (IASAE) levels I, II and III
- Cyber Security Service Provider (CSSP) levels of Analyst, Infrastructure Support, Incident Responder, Auditor and Manager
CompTIA is well represented in the DoD’s list of approved, required IT certifications, as shown in the following table. For a complete list of approved certifications, click here.
Read more about DoD approval of CompTIA Cybersecurity Analyst+ (CySA+), CompTIA Advanced Security Practitioner (CASP+) and CompTIA Cloud+.
DoD 8570.01-m Approved Certifications From CompTIA
| Information Assurance Technical (IAT) | IAT Level I | IAT Level II | IAT Level III |
|
|
| ||||
| Information Assurance Management (IAM) | IAM Level I | IAM Level II | IAM Level III |
|
| - |
| |||
| Information Assurance Security Architecture and Engineering (IASAE) | IASAE I | IASAE II | IASAE III |
|
| - |
| |||
| Cyber Security Service Provider (CSSP) | CSSP Analyst | CSSP Infrastructure Support | CSSP Incident Responder | CSSP Auditor |
*CompTIA PenTest+ is approved for CSSP Analyst, CSSP Incident Responder and CSSP Auditor.
What is DoD 8140?
DoD 8140 replaces DoD 8570. It expands on 8570 to leverage the Defense Cybersecurity Workforce Framework (DCWF), which draws from the original National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NCWF) and the DoD Joint Cyberspace Training and Certification Standards (JCT&CS).
To date, the manual for DoD 8140 has not been published, and CompTIA is not clear on what type of training, certification or on-the-job experience will be accepted as compliant. But this is what we know so far:
- DoD 8140 includes 7 broad categories, 33 specialty areas and 54 work roles.
- It uses the DCWF to identify cyber personnel categories and additional work roles not included in the NICE framework:
- Security Provision: May include jobs such as architecture, engineering, operations that include information assurance compliance, software, security engineering, system development, research, etc.
- Operate/Maintain: This may include customer service, tech support, data administration, knowledge management, network service and security analysis.
- Protect/Defend: This involves defense against cyberattacks, defense analysis, incident reporting, vulnerability assessment and related areas.
- Analyze: This pertains to different types of network analysis, resource intelligence, exploitation analysis, threat analysis, etc.
- Operate/Collect: This is defined as applicable to cyber operations and planning, collection operations, planning and implementation.
- Oversight and Development: This pertains to the legal consequences of conducting operations in the digital realm, with emphasis on planning, education and awareness-raising.
- Investigate: This is relevant to investigations and forensics work as it relates to online security or related issues.
What’s the Difference Between 8570 vs. 8570.01-m vs. 8140?
Directive 8140 is the updated version of 8570 and was created to expand the work roles covered. DoD 8570.01-m is the manual that lists the IT certification requirements. The new 8140 manual is expected to identify the new requirements, such as IT certifications and training, but those requirements are unknown at this time.
Stay tuned for three more articles that dive into each of these three directives. In the next article, “What is 8570? Certification Requirements for Compliance,” we’ll tackle the rationale for DoD 8570 and discuss its goals in more detail.
Whether you work for the DoD or in the corporate sector, CompTIA certifications validate the skills you need for IT. See which certification is right for you and download the exam objectives for free.
Patrick Lane, M.Ed., Network+, MCSE, CISSP, directs cybersecurity workforce certifications for CompTIA, including Security+, PenTest+, CySA+ and CASP+. He assisted the U.S. National Cybersecurity Alliance (NCSA) to create the “Lock Down Your Login” campaign to promote multi-factor authentication nationwide. He has implemented a wide variety of IT projects as a network, security and server administrator, security analyst and architect. Patrick is an Armed Forces Communications and Electronics Association (AFCEA) lifetime member, born and raised on U.S. military bases, and has authored and co-authored multiple books, including Hack Proofing Linux: A Guide to Open Source Security.
