CySA+: IA levels

Introduction: What is the DoD’s actual cyber-strategy?

In order to execute the national cyber-strategy, the U.S. Department of Defense (DoD) is striving to make its operatives more skilled with specialized training opportunities and by increasing efficiency in recruitment and in the hiring and training of personnel in information assurance (IA) duties. The Information Assurance Workforce Improvement Program describes the expectations of the DoD in terms of required education, certification and management of DoD workforce members carrying out information assurance (IA) duties and was devised to this purpose. Personnel, in fact, must now obtain a credential as required for their position, category/specialty, and level to fulfill the IA baseline certification requirement, soon after hiring, if they do not already possess it.

This effort is summarized by DoD Directive 8140.01, “Cyberspace Workforce Management,” and applies to IT employees who are part of the cyber or IA workforce whether they are in full-time, part-time or even in embedded duty positions. They will be required to be trained and certified to a DoD-approved 8570 baseline certification as required for their position category or specialty and level. 

Basically, DoD has recognized the importance of having a highly qualified and capable cyberspace workforce that is trained and prepared to be assigned responsibilities for managing the DoD cyberspace workforce. The government agency has also identified the importance of industry-recognized credentials as part of the normal background of IT pros who must now earn industry certifications, including the CompTIA CySA+, to qualify for employment and meet the requirements of the level/function they’ll be assigned.

How does CySA+ satisfy the roles that DoD 8570 describes?

CySA+ is ISO/ANSI 17024-accredited and has been endorsed by the U.S. Department of Defense to satisfy the requirements mandated in 8140/8570/8570.01-M. In particular, the DoD had approved CySA+ under (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: