WWAEN Logo
WWAEN
All Certification Guides
DoD 8570 / 8140Defense & Cybersecurity

DoD 8570 / 8140 Cybersecurity Certification

DoD Directive 8570 (now succeeded by the DoD 8140 framework) mandates baseline cybersecurity certifications for anyone performing Information Assurance (IA) work on Department of Defense systems. It is essential for defense aerospace IT and cyber roles.

Issued / Governed By

U.S. Department of Defense (compliance framework); certifications issued by CompTIA, ISC2, ISACA, EC-Council, GIAC

Time to Earn

Varies by certification; 1-6 months of study per credential

Estimated Cost

$370-$760 per certification exam (Security+, CISSP, CISM, etc.)

Who needs this credential?

Defense contractors, military IT/cyber personnel, systems administrators, ISSMs/ISSOs, and anyone with privileged access to DoD networks and aerospace defense systems.

Prerequisites

  • Employment or contract performing IA functions on DoD information systems
  • A qualifying commercial certification mapped to your assigned IAT/IAM/IASAE level
  • For some credentials (e.g., CISSP), documented years of relevant work experience

How to get certified

  1. 1

    Identify your workforce category and level

    Determine whether your role falls under IAT (technical), IAM (management), IASAE (architecture/engineering), or CSSP, and at which level (I, II, or III).

  2. 2

    Select an approved certification

    Choose a credential from the DoD approved baseline list that maps to your category and level (e.g., Security+ for IAT Level II, CISSP for IAT/IAM Level III).

  3. 3

    Study for and pass the certification exam

    Prepare using official courseware, bootcamps, or self-study, then pass the vendor exam at an authorized testing center.

  4. 4

    Maintain compliance and continuing education

    Keep your certification current through Continuing Education Units (CEUs) or renewal exams, and complete required DoD environment/OS certifications for your role.

8570 vs. 8140

DoD 8570.01-M established the original certification mandate. The newer DoD 8140 framework modernizes it and aligns with the NICE Cybersecurity Workforce Framework, but the approved baseline certifications remain the practical compliance target.

Common baseline certifications by level

Your required certification depends on your assigned category and level. Frequently used credentials include:

  • IAT Level I: A+ CE, Network+ CE, SSCP, CCNA-Security
  • IAT Level II: Security+ CE, CySA+, GICSP, SSCP
  • IAT Level III: CISA, CISSP (or Associate), CASP+ CE, GCIH
  • IAM Levels: Security+ CE, CISM, CISSP, CASP+ CE

Why it matters for aerospace defense roles

Aerospace primes and subcontractors working on DoD programs cannot place personnel in IA-coded positions without the appropriate baseline certification. Holding the right credential is often a hard requirement on job postings and contract awards.

Related career roles

Cybersecurity Analyst (Defense)Information Systems Security Officer (ISSO)Systems Administrator (Cleared)Security Control Assessor
Official Resource

Always verify current requirements with the issuing authority before you begin.

DoD Cyber Workforce (DoD 8140)
Find Jobs Requiring ThisExplore Education Programs