The DoD Cybersecurity Policy Chart


Submitted by: Daryl Haegley Director, Mission Assurance & Cyber Deterrence at the DOD and (CS)²AI Fellow



Original Source: https://www.csiac.org/resources/the-dod-cybersecurity-policy-chart/

By Cyber Security and Information Systems Information Analysis Center (CSIAC)10/13/20

The Cyber Security and Information Systems Information Analysis Center (CSIAC), which is sponsored by the Defense Technical Information Center (DTIC), updated the DoD Cybersecurity Policy Chart on Oct 9, 2020.  Below lists the specific changes in this new version. Other resources available at www.csiac.org

#            Document Name   Change/Justification

1.            Title 14, U.S. Code, Cooperation with Other Agencies     

Replaced with new hyperlink

2.            NIST Special Publication 800-53, Rev. 5, Security and Privacy Controls for Information Systems and Organizations        

Long awaited and very important update, published September 2020, supersedes Rev. 4

3.            CNSSD 507: National Directive for Identity, Credential, and Access Mgmt. Capabilities on the U.S. Federal Secret Fabric       

Provides a minimum set of requirements for Identity, Credential, and Access Management (ICAM) implementation and management that applies to the Federal Secret Fabric. Updated July 7, 2020.

4.            DoD Directive 8140.01, Cyberspace Workforce Management              Published October 5, 2020, superseding the earlier version dated August 11, 2015

5.            DoD Instruction 8531.01, DoD Vulnerability Management              Released on September 15, 2020

6.           DoD Data Strategy                                                                                  The DoD Data Strategy supports the National Defense Strategy and Digital Modernization, published October 9, 2020

7.            DTM 17-007, Ch. 3, Defense Support to Cyber Incident Response                            Change 3 issued May 29, 2020