The U.S. government has put significant emphasis on certification and training for system users to ensure they can meet the ever-changing cyber threats and to reinforce their skillsets to mitigate adversary attacks with existing or new security tools. Comprehensive annual security awareness has been made mandatory for all users, and several opportunities to increase competence are available for employees who need more advanced IT skills and knowledge.
This effort is summarized by DoD Directive 8140.01, “Cyberspace Workforce Management,” August 11, 2015 that “unifies the overall cyberspace workforce and establishes specific workforce elements (cyberspace effects, cybersecurity, and cyberspace information technology (IT)) to align, manage and standardize cyberspace work roles, baseline qualifications, and training requirements.” This directive expands and updates the scope of DoD Directive (DoDD) 8570.01, Information Assurance Workforce Improvement Program. However, the DoD 8570.01-M governing the IA workforce certification program is still in effect until new guidelines are issued. DoD 8570 serves, in fact, as both a “Directive” and a “Manual,” whereas, the DoD 8140 is currently just a “Directive” pending a manual to be developed. The current 8570 manual with a number of edits done in August 2015 in response to Directive 8140.01 still serve as a guide that establishes the category and level functions in which personnel are performing their IA duties and applies to all members of the DoD IA workforce including military, civilians, foreign nationals, local nationals, non-appropriated fund (NAF), and contractors.
All professionals with privileged access to US Department of Defense information systems ought to obtain industry certification credentials that have been accredited by the American National Standards Institute (ANSI). The regulations identify the specific individual qualifications mandated by the Directive’s enterprise-wide IA workforce management program, so it is important that even professionals applying for Defense jobs (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by NoelFigart. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/RtJKu-FLUnY/