Understanding DoD 8140 and CompTIA certifications | Cyber Work Hacks

[00:00:00] Chris Sienko: Today on Cyborg Hacks, my guest is James Stanger of CompTIA. Now James is steeped in the requirements of the U. S. Department of Defense's 8140 directive 

The whole goal of the 8140 leaders as set by the, uh, the Department of Defense CIO is. All of these people have to be at an unprecedented level of IT and cyber security expertise.

and tells us about some of CompTIA's certs that fall under the 8140 purview 

it changes all the time, but currently eight, uh, certifications that are mapped into 8140

while also providing you with some crucial career mapping skills, especially if you're aiming for a career in the DoD. 

Think about adjacent job roles. For example, if you get security plus, you'll see, I believe it's 20 different job roles that map into security plus. And you're like, well, I don't have 20 different jobs. I have one or maybe three designations. But once you get security plus, then you're like, okay, where can I pivot? That's today on Cyborg Hacks. 

The IT and cybersecurity job market is thriving. The Bureau of Labor Statistics predicts 377, 500 new IT jobs annually. You need skill and hustle to obtain these jobs, of course, but the good news is that cybersecurity professionals can look forward to extremely competitive salaries. That's why InfoSec has leveraged 20 years of industry experience Drawing from multiple sources to give you, cyber work listeners, an analysis of the most popular and top paying industry certifications.

You can use it to navigate your way to a good paying cyber security career. 

So to get your free copy of our cyber security salary guide ebook, just click the link in the description below. It's right there near the top, just below me. You can't miss it. click the link in the description and download our free cyber security salary guide ebook.

Your cyber security journey starts here. 

[00:01:48] Chris Sienko: Welcome to a new episode of Cyberwork Hacks. The purpose of this spinoff of our popular Cyberwork podcast is to take a single fundamental question and give you a quick, clear, and actionable solution and new insights into how to utilize InfoSec products and training to achieve your work and career goals.

So my guest today is James Stanger from CompTIA. That's the Computing Technology Industry Association. has joined me on past episodes of both the main feed and the hack. We talked about. Data plus, we'll talk about cloud plus. You're going to see a couple more hacks with, uh, James coming up real soon here.

So, uh, today our hack is specifically concerning the department of defense's DOD 8140 directive. So 8140 establishes baseline skills and qualifications for anyone wishing to work in the department of defense, uh, as well as the certifications and learning paths they recommend for anyone wishing to work in this space.

So, uh, if you're DOD bounded or you want to be, this is the episode for you. So thanks for joining me, James.

[00:02:39] James Stanger: Anytime man, anytime. It's great to be here to talk about the U. S. DOD 8140 program.

[00:02:44] Chris Sienko: Beautiful. So James, as I said at the top, we're talking about a DOD 8140. Um, could you expand a little bit? Did I, did I get it right? What, what does 8140 all about here?

[00:02:53] James Stanger: You know, it started with the, uh, it was created by the United States Department of Defense. It's called the 8140 program. It takes the place of the old 8570 program that was in existence for 15 years. 8140, uh, started back in, uh, well, a long time ago, but it finally dropped February of 2023. For those who want to, and the idea is that the DOD has been asked.

To give all of its, uh, participants members, you call it what you wish, whether it be a Marine, somebody in the Air Force, Army, Space Force, you get it right? Or contractors to them. The whole goal of the 8140 leaders as set by the, uh, the Department of Defense CIO is. All of these people have to be at an unprecedented level of IT and cyber security expertise.

8140 is really all about things from artificial intelligence through cyber security. 8570 specifically about just information assurance. And so if you, if you're listening to this and you're, and you're like, Oh yeah, I'm an IAT, whatever, or whatever. That's gone. Now. Now it's basically the DCWF job role descriptions and you can be approved or part of three of up to three of those.

And now you have to get either training or certification for that to be compliant.

[00:04:16] Chris Sienko: yeah. Well, to that end, um, yeah, one of the things that DOD 8140 is good at is showing you which certs map to which job roles you might want. So can you talk about some of the CompTIA certs that are approved and matched up to DOD work?

[00:04:28] James Stanger: You bet. We have currently And it changes all the time, but currently eight, uh, certifications that are mapped into 8140, whether it be training or certifications, it has to be, uh, uh, mapped according to the DCWF job roles as set up. And you can go and just Google this. You can type in DoD 8140 marketplace.

Just google that and you'll go to the website. It's run by a company called a view and you can then type in a job role like security analyst or a pen tester or artificial intelligence or technical support and you'll see the job roles come up and then you'll see the approved courses. Eight courses including network plus a plus security plus like you'd expect.

C y s a plus, but also cloud plus. Data plus, uh, Linux plus is on its way. I think it's approved already. Uh, so, uh, more, uh, more on the way. And you'll see that from various entities as well, not just CompTIA. So,

[00:05:24] Chris Sienko: Yeah, absolutely. So yeah, so you, you, you sort of, uh, pointed out some of the career paths that listeners might be considering that would match up well with that. So let's, let's kind of put together a plan here. Do you have any advice or resources for creating learning pathways for DoD career roles?

I mean, you, you said that they kind of walk you through it a little bit about that, but like, what are your suggestions for how to sort of change some of these certs in a way that they can build on each other and make you more work ready? Okay.

[00:05:48] James Stanger: you know, when it comes to implementation, I was just, uh, just yesterday, I was, uh, in Baltimore, uh, talking to a whole gaggle of, of military folks from the air force Marines from everywhere, and I sent them to not, not only the 8140 of DOD marketplace, but there's also, uh, at CompTIA. If you type in CompTIA and 8140, SEO will do the rest and you can get right in to a very nice, uh, single web page that does a nice overview.

And then if you scroll down, you'll see a really cool little, uh, uh, chart and it's better than a chart. It's an actually interactive, uh, little mapping. So you can type in a specific job role or even just use your mouse and click on a specific job role and it maps it right to the certification that you can then take.

So it just, it makes it very simple.

[00:06:33] Chris Sienko: Yeah, that's nice. I like that very much. So, uh, I guess, um, I want to wrap up here just asking if you have any final thoughts or, or advice, because, you know, I, I, we've, we've given you the tools here and, you know, you can, you can see the, the thing happen, but, like, uh, we talked in our, our previous hack about the tech trifecta and about looking, Making sure you're, you're checking out all of your options in terms of like, uh, you know, all the available sort of job types, job roles.

Do you have any advice on sort of preparing your learning journey under the umbrella specifically of DOD

Think about adjacent job roles. For example, if you get security plus, you'll see, I believe it's 20 different job roles that map into security plus. And you're like, well, I don't have 20 different jobs. I have one or maybe three designations. But once you get security plus, then you're like, okay, where can I pivot?

[00:07:22] James Stanger: It's kind of like a hacker, right? Once a hacker gets into a certain spot, they'll start thinking to themselves, okay, where can I go next? You know, what's the horizon of expectation that,

[00:07:31] Chris Sienko: Mm

[00:07:31] James Stanger: you know, where I can go next and think about it that way from, from upskilling yourself. And then you can start saying, well, hey, here's where I can go with CompTIA or with any other entity because it's about, you know, where you want to go

[00:07:43] Chris Sienko: Yeah.

[00:07:43] James Stanger: what your particular, uh, integrator, if you work for an integrator as a contractor, what your integrator needs.

Or, you know, what your particular platoon needs or what your particular, uh, division needs. Right? That's, that's one way to think about it.

[00:07:57] Chris Sienko: Yeah. Fabulous. That's, that's, that's great advice. And that, yeah, I think I'll, I'll, I'll leave folks with that. If, you know, if you like the idea of like, when you're doing a pen test of seeing what, what all the different possibilities are from here, like, you know, take the time to do, do that with your own career as well.

It's, uh, it can be similarly, uh, you know, engaging and you could lock yourself in, you know, five hours doing that and come up with a completely different solution than you expected.

[00:08:18] James Stanger: You bet. I knew one guy who, uh, started, uh, uh, as he was an artillery person. He ran the artillery, right? He noticed that the artillery was running a bunch of embedded Linux. Meaning, you know, In that artillery device, he could tell through the screens that it was Linux. And he decided, well, I'm going to learn more about that.

And that person now does a lot of work with operational technology. Cause that operational technology uses various operating systems, including Linux, that was where he decided to go.

[00:08:44] Chris Sienko: Amazing. Yeah, yeah, absolutely worth, uh, worth exploring. That's, that's great. So thank you, uh, as always for all this great advice, James. I really appreciate your insights today. and thank you all for watching Cyborg Hacks. If you enjoyed this video and felt that it helped you, tell someone about it. A friend, a colleague, your social media connections, anyone you like. Word of mouth is still the best way to make a community like this grow. Uh, and if you haven't, just please subscribe to our podcast feed and our YouTube page. You can go to InfoSec institute.com/podcast to see the full list. You can go to InfoSec institute.com/free to get some, uh, some free resources, uh, or just type cyber work info second, your preferred search engine.

And, and we'll, we'll pop up either way, uh, and sign up for notifications and auto download of episodes because Cyborg Hacks is coming out every other Thursday Now with new bite-sized answers to your questions. Until next time, keep learning, keep developing your skills and have fun. See ya.