CySA+: DoDD 8570 overview [updated 2021]
CompTIA’s Cyber Security Analyst, or CySA+, certification has recently been approved by the United States Department of Defense to serve as a baseline certification for DoDD 8570 jobs. This is a noteworthy change to the approved baseline certifications, reflecting recent changes in the information security landscape at large.
This article will detail DoDD 8570, how CySA+ fits into the big picture, the different job categories CySA+ applies to and the benefits associated with CySA+ as it relates to the DoDD 8570 sphere. For anyone looking to apply the CySA+ certification to a career with the United States Department of Defense, this article will serve as a guide for how you can use it to help you along in your career choice.
What is CySA+?
CySA+ certifies that the certification holder can proficiently apply behavioral analytics to improve an organization’s overall IT security. This is the only intermediate-level cybersecurity workforce certification and provides a stepping-stone to the more advanced CASP certification.
In October of 2018, the United States Department of Defense approved CySA+ to be one of the approved baseline certifications necessary to work a job covered by DoDD 8570.
What is DoDD 8570?
Department of Defense Directive 8570, or DoDD 8570, is the framework to train and certify a qualified Information Assurance (IA) workforce for the United States Department of Defense. The focus of this directive is a sustained, professional IA workforce that has the knowledge and skills to avoid attacks against DoD assets such as information, information systems and information infrastructures.
The end goal is to have the right personnel with the right skills and knowledge in the right place at the right time. You know what they say about life — timing is everything, and DoDD 8570 seeks to give the advantage of timing to the United States Department of Defense.
It should be noted that baseline certifications represent the minimum level of knowledge and skill required for an information security professional to work for the United States Department of Defense. These jobs may be different from the intermediate cybersecurity analyst jobs that normally hire CySA+ certification holders, so prospective personnel will have to adjust as needed for their respective job.
How CySA+ applies to DoDD 8570
As noted earlier, the approval of CySA+ as a baseline certification means that information security professionals can use it to qualify for five categories of IA jobs with the United States Department of Defense:
- Cyber Security Service Provider (CSSP) Analyst
- CSSP Incident Responder
- CSSP Incident Support
- CSSP Auditor
- Information Assurance Technician (IAT) Level II
Further information about DoDD 8570’s approved baseline certifications can be found here.
Benefits of CySA+ with regard to DoDD 8570
The recent approval of CySA+ as a baseline certification is no accident: CySA+ offers some significant benefits to the DoDD 8570 program. These benefits are presented below.
Cutting-edge cybersecurity skills
One of the greatest benefits of adding CySA+ is the high level of cutting-edge cybersecurity skills that it certifies. CySA+ is the first baseline certification to cover the concept of security analytics.
This newer approach to cybersecurity uses data analysis to improve intrusion detection and overall information security. Adding certifications in response to changes in information security is part of the mission of DoDD 8570, and it seems CySA+ was no exception to this.
Firewalls and antivirus software are the traditional go-tos for enterprise information security, especially for networks. In recent years, the “bad guys” have taken some different approaches with their attacks, necessitating new cybersecurity tools. CySA+ covers three main tool categories:
- Packet capture tools
- Intrusion detection systems
- Security Information and Event Management systems (SIEM)
Certifies a real world-ready skill set
Another major benefit of CySA+ is that the skill set is ready to be used in the real world. In fact, this certification has already given a solid return on investment: it helped the Department of Defense better configure the SIEM system used in the Joint Regional Security Stacks project.
In that case, the DoD was receiving too many alerts, and any information security professional knows that an excessive number of alerts without being able to narrow them down is almost pointless. Engineers equipped with the knowledge and skills covered by CySA+ were able to reduce the number of alerts per sensor to 200 alerts per day.
Configuration best practices
The advent of IDS and SIEM systems has added a need to cover the best practices in configuring these systems. These systems normally generate too many alerts to be of much value, but by using a combination of pre-existing and custom rules, an organization can whittle down the number of alerts it receives to a number that is both manageable and incredibly insightful.
DoDD 8570 is a framework that sets out the baseline amount of skills and knowledge required for information assurance jobs under the United States Department of Defense. As new approaches to technology emerge, DoDD 8570 responds by adding new certifications that cover these new skill sets.
CySA+ was approved in 2018 in response to changes in cybersecurity attacks in recent years and offers the necessary expertise to deal with this change in the information security landscape. Those looking to work as a cybersecurity analyst for the United States Department of Defense may want to consider adding this certification to their career path.