So you want to get into Information Technology? Well what do you want to do in IT because there are many different branches of it. I would suggest going into IT security, specifically, Risk Management Framework. It is a very specialized field.
You will need to know the fundamental of IT security. The basics on what goes into securing important data and their hardware. You will also need to have at least a little knowledge of technology and its history. You will need to know a LOT about NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems”. You will need to dive into NIST SP 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations”.
Since not many people want to do this work, or even know about it, there is not much competition. They are always looking for qualified people to do it. What you will need is a 4 year degree (preferably in something technical), an IT certification in security (Security+, ISC2 CAP, CISSP, CASP, CISM,CISA) and a lot of knowledge on NIST 800-37.
There are differences between the old DIACAP (being phased out), DoD RMF for IT and NIST RMF. What is “DIACAP”? It stands for Department of Defense Information Assurance Certification & Accreditation Process and it is based on the old DoDI 8510.01 and DoD 8500 documents. The process was designed to make absolutely sure federal systems have security on them.
With the constant exponential evolution of information technology this process has had to change to keep up with the times. DIACAP is being replaced with DoD Risk Management Framework for Information Technology (DoD RMF for IT). This process has more granularity, more detailed, more frequent and covers many new technology that was not covered by DIACAP. DoD RMF for IT is actually based fundamentally on NIST SP 800-37, Risk Management Framework.
AIX 6.1 Ver 1, Rel 22
Apple OS 10.10 Workstation Ver 1, Rel 11
Apple OS 10.8 Workstation Ver 1, Rel 15
Apple OS 10.9 Workstation Ver 1, Rel 12
BlackBerry 10 OS Ver 1, Rel 13
Cisco IOS Ver 1, Rel 13
HP-UX 11.31 Ver 1, Rel 22
MAC OS X 10.6 Ver 1, Rel 22
Oracle Linux 5 Ver 1, Rel 15
Oracle Linux 6 Ver 1, Rel 15
RHEL 5 Ver 1, Rel 22
RHEL 6 Ver 1, Rel 20
Solaris 10 SPARC Ver 1, Rel 22
Solaris 10 x86 Ver 1, Rel 22
Solaris 11 SPARC Ver 1, Rel 15
Solaris 11 x86 Ver 1, Rel 15
Windows 7 Ver 1, Rel 20
Windows 8 and 8-1 Ver 1, Rel 20
Windows 2008 R2 Ver 1, Rel 20
Windows 2008 Ver 1, Rel 20
Windows 10 Ver 1, Rel 6
Windows 2012 and 2012 R2 Ver 1, Rel 18
Windows Vista Ver 1, Rel 20
zOS Ver 6, Rel 27
DISA has approved the signed Cloud Computing Security Requirements Guide v1r2 for public release. The requirements in this SRG become effective immediately except for those CSPs currently being assessed under v1r1. The SRG is available on IASE at:http://iase.disa.mil/cloud_security/Pages/index.aspx
DoD Cloud computing policy and the CC SRG is constantly evolving based on lessons learned with respect to the authorization of Cloud Service Offerings and their use by DoD Components. As such the CC SRG is following an “Agile Policy Development” strategy and will be updated quickly when necessary. In support of this strategy, DISA is offering a continuous public review option by accepting comments on the current version of the CC SRG at any time. Please use the comment matrix posted along with the SRG. We would appreciate it if your comments are limited to critical issues and omissions or recommended coverage topics.