Will DoD 8140 Replace DoD 8570?

no-more-dod-8570.jpg

 

Will Department of Defense (DoD) Directive 8140 replace DoDD 8570?

Yes.

 

 

When will DoD 8140 take effect?

It is already in effect, but has simply adopted the DoD 8570 Approved Baseline Certifications at this time.

Why Change from 8570 to 8140?

National Cybersecurity Workforce Framework. Source: https://niccs.us-cert.gov/training/tc/framework

National Cybersecurity Workforce Framework. Source: https://niccs.us-cert.gov/training/tc/framework

DoD 8140 is designed to be more flexible and inclusive than DoD 8570. DoD 8140 includes initiatives such as NIST NICE (National Initiative for Cybersecurity Education), which identifies critical KSAs (Knowledge, Skills, and Abilities) and places cybersecurity positions into 7 categories (1. Security Provision, 2. Operate & Maintain, 3. Protect & Defend, 4. Analyze, 5. Operate & Collect, 6. Oversight & Development, and 7. Investigate) consisting of 31 specialty areas.

Background on status of DoD 8140 vs dod 8570

DoD 8570 is both a "Directive" and a "Manual".  DoD 8140 is currently just a "Directive".  A DoD Directive establishes policy, assigns responsibility, and delegates authority, but it does not contain any procedures. A DoD Manual implements or supplements a directive and contains the procedures.

When people state they must be compliant with "DoD 8570" they are referring to the both the DoDD (Directive) and the DoDM (Manual).

Here's a summary:

DoD Directives vs DoD Manuals

Changes added to DoD 8570.01-M to change applicability to DoDD 8140.01

Changes added to DoD 8570.01-M to change applicability to DoDD 8140.01

What are the current DoD 8570 / DoD 8140 approved baseline certifications?

DoD Approved 8570 Baseline Certifications. Source: http://iase.disa.mil/iawip/Pages/iabaseline.aspx

DoD Approved 8570 Baseline Certifications. Source: http://iase.disa.mil/iawip/Pages/iabaseline.aspx