The Department of Defense used DoD 8570.01-M, Information Assurance Workforce Improvement Program as its labor reference code. 8570 mapped required industry level IT certifications to certain job titles. The problem with it was that many within DoD relied too heavily on IT certification. So organizations would end up with lots of “paper tigers”, IT guys with lots of certifications but very little practical experience.
In 2010, the Office of Personnel Management and others involved with the National Initiative for Cybersecurity Education (NICE) recognized issues in the federal government and hiring qualified talent for the cybersecurity workforce.
John Mills, OSD/NII who assisted with the National Cybersecurity Initiative said, “We’re already working on revising 8570. We want to do something that reflects a workforce that is trained and qualified with actual capabilities and competencies and not just a rote exam.” (2010)
According to Cybersecurity panelist Patty Edfors, “There’s a dilution of certifications going on. There are many entities cropping up that have new certifications. And it gets to be one of these: ‘Which one do I choose?’ And it all comes down to: ‘Which one will bring me the biggest salary?’ So, the alignment of the resources and qualifications of the workforce are critical….”
The result of their work was the CyberSecurity Workforce Framework:
But there is no word yet on whether or not this will replace or supplement the old 8570.