• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs
  • Log in

workforce

Convocourses Cybersecurity Workforce

September 6, 2020 by cyberaware2 Leave a Comment

Here is what you need to know about the Cybersecurity workforce.

Audio ONLY:
http://www.nist80037rmf.com/wp-content/uploads/2020/09/Cybersecurity-Convocourses-the-cybersecurity-work-force.mp3

http://www.nist80037rmf.com/wp-content/uploads/2020/09/Cybersecurity-Convocourses-the-cybersecurity-work-force.mp3

Podcast: Play in new window | Download

Subscribe: Google Podcasts | Pandora | iHeartRadio | Stitcher | TuneIn | Deezer | RSS

Filed Under: convocourses, cyberspace workforce, podcast Tagged With: 8140, 8570, cyberspace workforce, workforce

Cybersecurity IT convocourses Why IT and some jobs (podcast)

April 17, 2020 by cyberaware2 Leave a Comment

In this podcast we talk about Why information technology is incredible to get into:
1) Future: It is the future and continues to grow
2) Remote / telework ability
3) Pay higher than average

The video:

The audio:

http://www.nist80037rmf.com/wp-content/uploads/2020/04/Cybersecurity-IT-convocourses_-Why-IT-and-some-jobs_3.mp3

Podcast: Play in new window | Download

Subscribe: Google Podcasts | Pandora | iHeartRadio | Stitcher | TuneIn | Deezer | RSS

Filed Under: podcast, Risk Management For DoD IT Tagged With: cybersecurity, podcast, workforce

DoDD Cyberspace Workforce Management 11 Aug 2015

September 23, 2015 by Bruce Brown Leave a Comment

The Department of Defense finally released the Directive for Cyberspace workforce management on 11 Aug 2015.  This means that the DODI (instruction) is not far behind.  The instruction will be more in the weeds.  It is where the “magic happens”.  Directives are very high level policy that gives instructions their power to exist.

Cyberspace Workforce Management – http://www.dtic.mil/whs/directives/corres/pdf/814001_2015_dodd.pdf

The Cyberspace Workforce Management directive does the following:

  • Reissues and renumbers DoD Directive (DoDD) 8570.01 (Reference (a)) to update and expand established policies and assigned responsibilities for managing the DoD cyberspace workforce.
  • Authorizes establishment of a DoD cyberspace workforce management council to ensure that the requirements of this directive are met.
  • Unifies the overall cyberspace workforce and establishes specific workforce elements (cyberspace effects, cybersecurity, and cyberspace information technology (IT)) to align, manage and standardize cyberspace work roles, baseline qualifications, and training requirements.

Cyberspace Workforce Applies to:

  • Office of the Secretary of Defense (OSD)
  • Military Departments (Army, Navy, Air Force, Marines)
  • Office of the Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff
  • Combatant Commands
  • Office of the Inspector General of the Department of Defense (IG DoD)
  • Defense Agencies
  • Field Activities
  • DoD Components

It is DoD policy does the following:

  • Maintains a total force management perspective to provide qualified cyberspace government civilian and military personnel to identified and authorized positions, augmented where appropriate by contracted services support. These personnel function as an integrated workforce with complementary skill sets to provide an agile, flexible response to DoD requirements.
  • [Make sure] the appropriate mix of military and government civilian positions and contracted support designated to perform cyberspace work roles is determined in accordance with DoD Instruction (DoDI) 1100.22 (Reference (b))
  • Civilian, military, and contracted support personnel assigned to perform cyberspace work roles must meet qualification standards established in supporting issuances, in addition to other existing workforce qualification and training requirements assigned to billets and position requirements (e.g., acquisition, intelligence, communications).
  • DoD Component compliance with this directive is monitored via authoritative manpower and personnel systems as an element of mission readiness and as a management review item.
  • Nothing in this directive replaces or infringes the responsibilities, functions, or authorities of the DoD Component heads or other OSD officials as prescribed by law or Executive order, assigned in chartering DoDDs, or detailed in other DoD policy issuances or, as applicable, in Director of National Intelligence policy issuances.
  • All authorized users of DoD IT receive initial cybersecurity and information assurance awareness orientation as a condition of access, and thereafter must complete annual cybersecurity and information assurance refresher awareness.

8570_to_8140_01_2015_dodd

Filed Under: cyberspace workforce, Risk Management For DoD IT Tagged With: 8140, 8570, cyber workforce, cyberwork, dodd 8140, dodd 8140 cyberspace workforce, workforce

National Cybersecurity Workforce Framework (Workforce Framework) Version 2.0

April 23, 2015 by Bruce Brown Leave a Comment

National Cybersecurity Workforce Framework (Workforce Framework) Version 1 has been replaced with Version 2.0.  The change was for adherence to the OPM Guide to Data Element Standards(link is external).

If you did not know the purpose of the National Cybersecurity Workforce:

The National Cybersecurity Workforce Framework (Workforce Framework) Version 2.0 is the foundation for increasing the size and capability of the US cybersecurity workforce. It can help solve some of the key cybersecurity workforce challenges. The Workforce Framework is a national resource for employers, trainers, and policy makers, providing a common cybersecurity lexicon. Creating uniformity in the field is critical to its organization and development and the Workforce Framework aims to categorize the different types of cybersecurity work.–http://niccs.us-cert.gov

“Oversight and Development” of NICE framework version 1 has become “Oversee & Govern” in version 2.  I noticed that version 2 also includes Risk Management type positions listed under Oversee and Govern:

Risk Management – Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to ensure new and existing information technology (IT) systems meet the organization’s information assurance (IA) and security requirements. Ensures appropriate treatment of risk, compliance, and monitoring assurance from internal and external perspectives.


Workforce Framework Category Graphic

 

Filed Under: Risk Management For DoD IT Tagged With: 8140, Cybersecurity workforce, workforce

Primary Sidebar

search


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This book is an overview of how the NIST SP 800-37 risk management framework works from the perspective of an information system security officer (ISSO).

also available on Amazon!

View Book

NIST RMF 800-37 templates
Free 800-37 templates

The NIST 800 Template download contains a .doc file template and xls templates for POAMs, Federal, State, cloud based and a legacy template as well as resources where you can find more on NIST 800-37 documents for your use.

View Book

Learn to Make 6 Figures in CyberSecurity

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Convocourses Podcast: Plan of Action and Milestone
  • Start with These IT Certifications (Part 1)
  • How to Tailor Security Controls in NIST 800
  • #cybersecurityjobs are recession proof
  • What IT Certifications for Information Security (part 2) (8140)

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • http://Www.Finance.Ipt.Pw/ on SRG/STIG Applicability Guide and Collection Tool Update
  • Elsa7 on ConvoCourses podcast: Cyber Security day to day activity
  • Tony on STIG Update – DISA has released the Microsoft SQL Server 2016 STIG Version 1
  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert

Tags

8140 8570 ArcSight c&a CISSP convocourses cyber cybersecurity cyber security DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce IA implement implementation info assurance information assurance information security ISSO IT it jobs it jobs in usa job jobs Linux mcafee network nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security STIG stigs unix windows


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book

Copyright © 2023 · Author Pro on Genesis Framework · WordPress · Log in