DoDD 8570.01-m
Cybersecurity Certifications & Requirements
Today’s world is fast moving, connected, and highly-contested. In the face of cyberspace warfare by the most capable adversaries, the Department of Defense must ensure dependable mission execution. To offensively and defensively defend our network, our information systems, and our data in order to protect a wide range of critical services, we must have a knowledgeable and skilled DoD Cyberspace Workforce that can adapt to the dynamic cyber environment and adjust resources to meet mission requirements.
6 Main Goals of DoD 8570.01-m
Develop the DoD cybersecurity workforce to enhance protection and availability of DoD information, information systems and networks
Establish baseline technical and management skills for cybersecurity functions across the enterprise
Provide war fighters with qualified cybersecurity personnel
4 Job Categories of DoD 8570.01-m
Information Assurance Technical (IAT) – technical positions, such as security administrators
Information Assurance Management (IAM) – management positions, such as security managers
Information Assurance Security Architecture and Engineering (IASAE) – higher-level positions, such as security engineers and security architects
3 Skill Levels of DoD 8570.01-m
Computing Environment: At this level, DoD 8570.01-m requires an IT certification such as CompTIA A+ because it focuses on help desk support for the computing environment.
Network and Advanced Computer: DoD 8570.01-m level 2 jobs require an IT certification such as CompTIA Security+ because it focuses on securing networks.
Enclave/Advanced Network and Computer: Level 3 job within DoD 8570.01-m require IT certifications such as CompTIA Advanced Security Practitioner (CASP+) because it covers advanced networking skills.
DoD 8570.01-m-Approved Certifications
At the time of this writing, DoD Directive 8140 continues to use 8570.01-m to identify the requirements. DoD 8570.01-m is still in use and actively managed by the DoD. A DoD 8140 manual is expected to be released in the next year.
According to the manual, “the 8570.01-m certification programs are intended to produce cybersecurity personnel with a baseline understanding of the fundamental cybersecurity principles and practices related to the functions of their assigned position. Each category, specialty and skill level has specific certification requirements that must be provided by the Department of Defense to government employees (military or civilian).”
Information Assurance Technician - IAT
IAT Level I
IAT Level II
IAT Level III
Information Assurance Management - IAM
IAM Level I
IAM Level II
IAM Level III
Information Assurance Systems Architect and Engineer - IASAE
IASAE I
IASAE II
IASAE III
Cyber Security Service Provider - CSSP
CSSP Analyst
CSSP Infrastructure Support
CSSP Incident Responder
CSSP Auditor
CSSP Manager
The above table provides a list of DoD approved IA baseline certifications aligned to each category and level of the IA Workforce. Personnel performing IA functions must obtain one of the certifications required for their position, category/specialty and level to fulfill the IA baseline certification requirement. Most IA levels within a category or specialty have more than one approved certification and a certification may apply to more than one level.
​
An individual needs to obtain only one of the “approved certifications”; for his or her IA category or specialty and level to meet the minimum requirement. For example, an individual in an IAT Level II position could obtain any one of the four certifications listed in the IAT Level II cell.
Higher level IAT and IAM certifications satisfy lower level requirements. Certifications listed in Level II or III cells can be used to qualify for Level I. However, Level I certifications cannot be used for Level II or III unless the certification is also listed in the Level II or III cell. For example:
​
-
The A+ or Network+ certification qualify only for Technical Level I and cannot be used for Technical Level II positions.
-
The System Security Certified Practitioner (SSCP) certification qualifies for both Technical Level I and Technical Level II. If the individual holding this certification moved from an IAT Level I to an IAT Level II position, he or she would not have to take a new certification.
Higher level CCSP and IASAE certifications do not satisfy lower level requirements
Chauster Upskilling Solutions provides an invaluable resource for professionals seeking to meet the certification requirements mandated by the Department of Defense Directive 8570.01-m. As this directive specifies various levels of proficiency needed for Information Assurance (IA) roles, Chauster offers targeted training programs designed to prepare individuals for the certifications necessary to fill these roles. Their courses are tailored to align with the specific competencies and technical knowledge required by the DoD, covering areas such as cybersecurity, information assurance management, and technical support. By integrating practical, real-world scenarios into their curriculum, Chauster ensures that participants not only gain the required certifications but also develop the skills essential for effective performance in their IA duties.
Moreover, Chauster Upskilling Solutions understands the ongoing nature of professional development in the cybersecurity field. To this end, they provide continuous learning opportunities and resources to help professionals stay current with evolving IA standards and technologies. Their approach includes access to the latest learning materials, workshops conducted by industry experts, and support for hands-on experience through simulated environments and real cybersecurity projects. This comprehensive support system not only aids professionals in initially achieving DoD 8570.01-m compliance but also supports their career progression and adaptation to new challenges and changes within the field of cybersecurity.
