A Starting Point
Make Sense of DoD 8570 and 8140
Need to understand what the U.S. Department of Defense (DoD) directives 8140, 8570, and 8570.01-M, are? don’t worry! You’re not the only one. These DoD directives may seem confusing, but they’re actually pretty easy to understand. This article can help you Make Sense of DoD 8570 and 8140 for your Cyber Security Career.
For those who are interested in information technology, DoD 8140 is actually a massive opportunity. As the DoD increased its focus on cyber security, thousands of jobs for trained individuals have been created. Large and small organizations and businesses are following the DoD’s lead and have begun requiring similar certifications for their employees to help mitigate risk and protect their organizational data.
DoD 8570 Compliance
DoD 8570 (technically 8570.1) compliance is required of all authorized users of DoD information systems, including military service members, contractors, and government employees. If you’ve been searching for cyber security jobs, chances are you’ve seen a listing with DoD 8570 compliance requirement as part of the posting.
Signed August 15, 2004, DoD 8570 is a directive which requires American National Standards Institute (ANSI) accredited certification for information assurance workers. You can achieve compliance by achieving specific IT certifications. DoD 8570 established three levels of certification requirements for Information Assurance Management (IAM) and Information Assurance Technicians (IAT). IAM roles are typically in a management or leadership position, whereas IAT roles are actively working with controlled information or on the networks that carry it. If you want to qualify for DoD Information Assurance jobs, you must obtain one of the certifications required for that position category or specialty and level.
DoD 8140: A New Focus on Cyber Security
Recently, officials realized there was a need to change the way the DoD handled information and network security. Changes in those technologies since 2004 and an increase in cyber attacks were the driving force behind this new directive.
On August 11, 2015, the 8140 DoD directive was signed by representatives of the U.S. Department of Defense. Because of this change of focus, the “Information Assurance (IA) Workforce” has been renamed to the “Cybersecurity Workforce.”
DoD 8140 confirms the importance of popular IT certifications like A+, Network+, Security+, and CISSP as well as adding new approved baseline cyber security certifications including CASP, CEH, and more.
So what happens to DoD 8570?
DoD Directive 8140 “reissues, renumbers, and cancels DoD Directive (DoDD) 8570.01 to update and expand established policies and assigned responsibilities for managing the DoD cyberspace workforce” according to the Information Assurance Support Environment site. Despite this, DoD 8140 currently uses the DoD 8570 manual.
DoD 8140 will eventually have its own manual, but it takes a few years to create complex manuals like this. For this reason, the DoD will continue using the 8570 manual, called 8570.01-M, for the time being. When a new manual is released for 8140 it will most likely replace 8570.01-M.
One of the major changes that DoD 8140 will bring about once its new manual is released is more of a focus on training that includes live, hands-on exercises like the Mission Critical Institute CCRMP program.
The DoD wanted to make sure that the certifications required for the Cybersecurity Workforce Knowledge Units gives their holders not just the knowledge, but also the know-how to defend the United States’ networks, digital assets, and information.
Starting to make Sense of DoD 8570 and 8140?
A New Era for Cybersecurity
From a risk management perspective the cybersecurity industry requires multiple levels of skills and talent.
- From Information Assurance and Enterprise Risk Management, which allows an organization to mitigate risks by implementing processes to manage,protect and defend it’s data, technical assets and information systems.
- To Information Operations which is focused on the unique knowledge, skill and abilities required to proactively deploy teams for cyber defense. with highly tactical individuals continuously identifying, mitigating and staying ahead of adversary.
More and more cybersecurity education and training organizations will begin to release programs that focus and recognize performance based assessments at both the Information Assurance and Information Operations levels.
Both areas of the industry require skilled individuals to manage and mitigate organizational risk through appropriate enterprise processes and active defense.
Higher recognition will be given to those individuals that complete a program that can be articulated into, or offered directly in partnerships with accredited institutions that can award academic credentials and degrees.
How will DoD 8140 affect you?
For many IT professionals, and those interested in IT, this presents a huge opportunity. With the DoD’s increased focus on cybersecurity, certified individuals are in high demand. DoD contractors operate all over the United States and even abroad, which makes it easy to take your credentials just about anywhere and get hired.
For those who are serving in the military, DoD 8140 (and 8570 before it) provides a way to gain valuable experience that translates directly into a lucrative civilian career. If you can work in the Cybersecurity Workforce during your service, you’ll come out of your military career with military clearance and certifications that will give you a huge head start in the civilian world.
For cybersecurity education and training companies like the Mission Critical Institute, DoD 8140 was a major driver towards the development of 100% hands-on performance based CCRMP program certificate, that also allows an individual to earn 8570 compliant CISSP, CEH and CAP certificates.
Time to Join the Cybersecurity Workforce?
The average annual salary for a cybersecurity trained individual is $95,000 and there is a huge shortage of qualified workers. In the U.S. alone, over 40,000 jobs for information security analysts are going unfilled every year, and employers are struggling to fill 200,000 other cyber security related roles, according to CyberSeek. With demand for these professionals at record levels, you can be sure that getting certified will pay off in spades.
Mission Critical Institutes Cybersecurity Academy offers high-velocity IT training programs that can help you complete your information security certifications and be job-ready in weeks. Day and night class schedules make it easy for you to get the training you need fast in a way that works with your schedule with both 100% performance based approaches and certification based constructs. You won’t leave the Mission Critical institute with just a certificate or academic degree (through our partners) you achieve the skills you need to be successful in your career. Our industry-expert instructors will make sure you have the knowledge you need to excel in a new job role, whether it’s through DoD 8570 or DoD 8140.
Get started by completing the Cybersecurity Career Readiness Assessment