DoD 8570 is a directive that establishes the policies and responsibilities of the Department of Defense (DoD) information assurance, including training, certification, and workforce management.
It is a baseline requirement for authorized users to access DoD IT systems, including contractors and government employees. So, if you want to get into defense, you’ll want to get the appropriate certifications before applying to an open position.
Update: DoD Directive 8140 supersedes the DoD 8570 Directive. The DoD 8570 Compliance and Recognition program is scheduled to end in mid-2025.
Table of Contents
What is the DoD 8570 Directive For?
The goal of the DoD 8570 directive is to drive Information Assurance (IA) personnel, including technicians and managers, to meet the training and certification requirements required for their job functions as they relate to a DoD baseline requirement.
DoD 8570 Approved Baseline Certifications
Since DoD 8570 is a policy, you’ll need a certification to become compliant.
Check out the charts below for the certifications required by level. Only a single certification is required per level, so there is no need to worry about collecting them all to qualify.
| IAT Level I2 | IAT Level II2 | IAT Level III |
|---|---|---|
| A+ CE CCNA-Security CND Network+ CE SSCP | CCNA-Security CySA+ GICSP GSEC Security+ CE CND SSCP | CASP+ CE CCNP Security CISA CISSP (or Associate) GCED GCIH CCSP |
| IAM Level I | IAM Level II | IAM Level III |
|---|---|---|
| CAP CND Cloud+ GSLC Security+ CE HCISPP | CAP CASP+ CE CISM CISSP (or Associate) GSLC CCISO HCISPP | CISM CISSP (or Associate) GSLC CCISO |
| IASAE I | IASAE II | IASAE III |
|---|---|---|
| CASP+ CE CISSP (or Associate) CSSLP | CASP+ CE CISSP (or Associate) CSSLP | CISSP-ISSAP CISSP-ISSEP CCSP |
| CSSP Analyst1, 2 | CSSP Infrastructure Support1 | CSSP Incident Responder1, 2 | CSSP Auditor1 | CSSP Manager1 |
|---|---|---|---|---|
| CEH CFR CCNA Cyber Ops CCNA-Security CySA+ GCIA GCIH GICSP Cloud+ SCYBER PenTest+ | CEH CySA+ GICSP SSCP CHFI CFR Cloud+ CND | CEH CFR CCNA Cyber Ops CCNA-Security CHFI CySA+ GCFA GCIH SCYBER PenTest+ | CEH CySA+ CISA GSNA CFR PenTest | CISM CISSP-ISSMP CCISO |
The most common certifications among DoD IT employees include the CompTIA Network+ CE and CCNA Security.
What is the DoD 8140 Directive?
Like DoD 8570, DoD 8140 is mandated to ensure that government, contracted, and military personnel can perform the required functions in their respective positions.
DoD 8140 is more targeted, with options for development pathways to support operational demands.
What Does DoD Directive 8140 Change?
Since DoD 8570, we have seen the NIST 800-181 NICE Framework and the DoD Defense Cybersecurity Framework, centered around Knowledge, Skills, and Abilities (KSAs) by Workforce Elements. These KSAs provide more detail in DoD8140 than in the previous mapping.
In this NIST statement, DoD 8140.01 Cybersecurity Workforce Management, DoD 8140, simplifies and consolidates by doing the following:
- Reissues and renumbers DoD 8570 to update and expand established DoD policies and assigned responsibilities for managing the DoD cyberspace workforce.
- Authorizes the establishment of a DoD cyberspace workforce management council to ensure that the requirements of this directive are met.
- Unifies the cyberspace workforce and establishes specific elements to align, manage, and standardize work roles, baseline qualifications, and training requirements.
When is DoD 8140 Required?
There are 2 major phases:
- On February 15, 2025, the DoD will require civilian employees and military service members in DCWF work roles under the cybersecurity workforce element to be qualified under DoDM 8140.03.
- On February 15, 2026, all DoD civilian employees and military service members in DCWF roles under the cyberspace IT, cyberspace effects, intelligence (cyberspace), and cyberspace enabler workforce elements qualified under DoDM 8140.03.
For more information on the DoD 8570 Information Assurance (IA) Program Transition to DoD 8140 CWQP, check out the DoD 8140 CYBER WORKFORCE QUALIFICATION PROGRAM (CWQP) document.
