CompTIA, CEH Certs Added to DoD 8750
A pair of well-known certifications were recently added to the U.S. Department of Defense (DoD) Direct 8140/8570.01-M. This move opens new pathways for IT professionals who are interested in lucrative careers within the U.S. defense industry or the many private contractors that serve the department. It also makes holders of these certificates more attractive to organizations across the board.
The 8570.01-M directive provides guidance for the DoD's Information Assurance (IA) workforce by outlining a common understanding of the concepts, principles, and applications of IA for each category, specialty, level, and function to enhance protection and availability of DoD information, information systems, and networks.
Essentially, it's a benchmark that lays out standards for IT professionals within the DoD's purview. Because these networks commonly contain sensitive data, this framework outlines strict controls and requires high levels of competency.
By demonstrably meeting DoD standards, the CompTIA Cloud+ and EC-Council CND certifications now gain greater clout within the IT community at large. This move further solidifies the significance of passing these challenging exams — and makes certified individuals even more valuable, regardless of whether an employer involves itself with the DoD.
Both these certifications have a heavy emphasis on cybersecurity. As global trends continue to show the vital importance that security plays in the digital age, we can expect to see analogous moves to promote education in the field. Likewise, this makes it a safe bet for professionals who want to further their careers.
CompTIA Cloud+ (CV0-002)
The Cloud+ certification exam (CV0-002) reflects the growing importance of cloud computing for today's organizations. It covers topics such as cloud deployment, cloud management, and migration — and, most crucially, cloud security. Professionals need an in-depth understanding of encryption standards, certificate and key management, tunnel protocols, access control technologies for cloud computing models, and how to automate continuous improvement within organizational cybersecurity postures.
This certificate joins five other CompTIA certifications listed within DoD 8140/8570.01-M: A+, Network+, Security+, Cybersecurity Analyst (CySA+), and CompTIA Advanced Security Practitioner (CASP).
Moreover, the DoD approved Cloud+ for the following workforce categories: information assurance manager level I (IAM I), cybersecurity service provider analyst (CSSP-A), and CSSP infrastructure support (CSSP-IS). Note the focus on security for these three roles, which shouldn't be surprising. This move comes alongside the news that CompTIA Cloud+ is also compliant with ISO 17024 standards.
Ultimately, this demonstrates that the DoD, just like most other enterprises, is undergoing a seismic shift in its IT infrastructure. The future is the cloud. As organizations become increasingly aware of the benefits that centralized cloud computing brings to the table, we're seeing a corresponding rise in demand for qualified professionals.
That's why we care about certifications like Cloud+. These badges of honor show that IT pros have what it takes to meet organizational needs as they become more reliant on cloud computing.
Certified Network Defender (CND)
The Certified Network Defender (CND) by EC-Council focuses on training network administrators in protecting, detecting, and responding to threats on their network. This lab-intensive certification program derives from a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE).
Essentially, the CND is for blue-team operations. These professionals defend IT systems against attacks by combining up-to-date knowledge of the threat landscape with best practices and network hardening techniques. As systems operation center (SOC) teams expand and take on more responsibilities, these network defenders will continue to be in high demand.
EC-Council's CND joins Directive 8570 alongside a variety of other EC-Council certifications. These include the Certified Ethical Hacker (CEH), the organization's most famous offering that focuses on red-team, offensive tactics. Other DoD-approved certifications include the Computer Hacking Forensic Investigator (CHF) and Certified Chief Information Security Officer (CCISO) programs.
After almost two years of job role assessment and independent review, the DoD workforce categories that list CND are as follows: information assurance technical level I (IAT I), IAT level II, (IAT II), information assurance manager level I (IAM I), and cybersecurity service provider infrastructure support (CSSP-IS). Note that both IAM I and CSSP-IS list both CND and Cloud+.
As the American military further recognizes the risk that state-sponsored advanced persistent threats (APTs) pose to our networks and national interests, they've continued to ramp up support for defensive operations. Approving the CND is a step that provides a clear pathway for IT professionals who want to defend their country in cyberspace.
The main takeaway is that cybersecurity is more important now than ever before. The pace of technological acceleration continues to rise, as we see massive adoption of everything from cloud tech to IoT, and these innovations inherently bring novel vulnerabilities.
At the same time, there's a growing awareness about the threat of cyber warfare among governments around the world. As a global leader under the constant pressure of cyberattacks, the DoD wants to further solidify its security measures, while still reaping the benefits of technologies like cloud computing.
By adding these two certifications to DoD 8570.01-M, the Department of Defense has sent a clear message to IT professionals: we need more cybersecurity experts — and we need to ensure that they have the tools for the job.