***(ISC)2 Lunch and Learn***
DoDDs 8570 and 8140:
Comparison and Contrast
Security Analyst, Tata Consultancy Services
Information Assurance Engineer, GISA-E
DoDDs 8140 and 8570: Rules of the Road
In December 2005, DoDD 8570 was established to address the concern of unqualified workers repeatedly taking up cybersecurity positions. It spelled out rules for qualifying and managing personnel identified as part of the IA workforce.
In August 2015, DoDD 8140 superseded 8570 response to the need to recognize that cybersecurity included a broader range of activities and responsibilities. It defined a DoD Cybersecurity Workforce, broadening the focus from IA to cyber effects, cybersecurity, cyber information technology (IT), and intelligence (cyber).
Both 8570 and 8140 were inended to align, manage and standardize IT and cyberspace work roles, baseline qualifications and training requirements.
Please join us for a brief overview of each directive and a discussion on how they apply to indivdiual members of the US Federal CyberSecurity Workforce.
About our speakers:
Richard LeBlanc was a Field Artillery Automated Tactical Data System Specialist (13D) for 15 years with the US Army prior to becoming a Cyber Network Defender (25D) in 2017. After retiring from Active Duty in 2022, he transitioned to the private sector and joined a team that works to indentify and remediate vulnerabilities on legacy systems. Lines of effort include continued maintenance of vendor unsupported systems and preparing them for transition to a hybrid solution.
Daniel Cornwell got his start in IT/Information Assurance back in 2012 when he was Active Duty with the US Air Force. While on Active Duty, he worked within many different areas of IT including Cybersecurity, Combat Communications and Information Assurance. Since separating, he has worked as a DoD contractor with the US Navy, US Air Force, US Army as well as several different customers within the Intelligence Community. He has his Bachelor's Degree in Information Systems Security w/ a concentration in Enterprise Security and holds several different IT Certifications including CASP, ITIL and MCSE.