The Department of Defense finally released the Directive for Cyberspace workforce management on 11 Aug 2015. This means that the DODI (instruction) is not far behind. The instruction will be more in the weeds. It is where the “magic happens”. Directives are very high level policy that gives instructions their power to exist.
Cyberspace Workforce Management – http://www.dtic.mil/whs/directives/corres/pdf/814001_2015_dodd.pdf
The Cyberspace Workforce Management directive does the following:
- Reissues and renumbers DoD Directive (DoDD) 8570.01 (Reference (a)) to update and expand established policies and assigned responsibilities for managing the DoD cyberspace workforce.
- Authorizes establishment of a DoD cyberspace workforce management council to ensure that the requirements of this directive are met.
- Unifies the overall cyberspace workforce and establishes specific workforce elements (cyberspace effects, cybersecurity, and cyberspace information technology (IT)) to align, manage and standardize cyberspace work roles, baseline qualifications, and training requirements.
Cyberspace Workforce Applies to:
- Office of the Secretary of Defense (OSD)
- Military Departments (Army, Navy, Air Force, Marines)
- Office of the Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff
- Combatant Commands
- Office of the Inspector General of the Department of Defense (IG DoD)
- Defense Agencies
- Field Activities
- DoD Components
It is DoD policy does the following:
- Maintains a total force management perspective to provide qualified cyberspace government civilian and military personnel to identified and authorized positions, augmented where appropriate by contracted services support. These personnel function as an integrated workforce with complementary skill sets to provide an agile, flexible response to DoD requirements.
- [Make sure] the appropriate mix of military and government civilian positions and contracted support designated to perform cyberspace work roles is determined in accordance with DoD Instruction (DoDI) 1100.22 (Reference (b))
- Civilian, military, and contracted support personnel assigned to perform cyberspace work roles must meet qualification standards established in supporting issuances, in addition to other existing workforce qualification and training requirements assigned to billets and position requirements (e.g., acquisition, intelligence, communications).
- DoD Component compliance with this directive is monitored via authoritative manpower and personnel systems as an element of mission readiness and as a management review item.
- Nothing in this directive replaces or infringes the responsibilities, functions, or authorities of the DoD Component heads or other OSD officials as prescribed by law or Executive order, assigned in chartering DoDDs, or detailed in other DoD policy issuances or, as applicable, in Director of National Intelligence policy issuances.
- All authorized users of DoD IT receive initial cybersecurity and information assurance awareness orientation as a condition of access, and thereafter must complete annual cybersecurity and information assurance refresher awareness.