Proposal for a federal cyber training institute study passes key Senate committee
It’s one among several cybersecurity workforce-focused bills on the Hill this Congress.
A bipartisan bill requiring the National Cyber Director to look into the establishment of an institute to serve as a centralized resource for training cybersecurity feds got one step closer to becoming legislation when it advanced out of a key Senate committee last week.
Sens. Mike Rounds, R-S.D., and Jon Ossoff, D-Ga., introduced the Federal Cyber Workforce Training Act of 2024 early last month. Last week, it passed through the Homeland Security and Governmental Affairs Committee with only one nay vote, from the committee’s top Republican, Rand Paul, R-Ky.
The potential of an institute, the law's backers say, is that it could provide early and mid-career feds up- and re-skilling training specific to their jobs. It could also potentially give HR employees training specific to hiring cybersecurity personnel.
Those in entry-level positions would see special attention from any potential institute, per the bill, as would curriculum meant to help workers looking to jump to mid-career positions.
The White House’s Office of the National Cyber Director would have 180 days to deliver a public plan for such an institute, including where it might be housed in the government and what resources, funding and authorities it would need.
“Cybersecurity is involved in every aspect of the federal government and continues to rapidly evolve,” said Rounds. “We can’t simply keep up with this evolution, we must be ahead of the curve. Being proactive in training our federal cyber workforce will help the United States bolster cybersecurity across all agencies of the federal government.”
The bill doesn’t currently have a House companion.
The idea of an institute was included in a 2022 report on cyber workforce from the offshoot of the congressionally-chartered Cyberspace Solarium Commission, CSC 2.0. A centralized training organization could help agencies prep early-career hires, the report argues.
Other cyber workforce bills await passage
The cyber institute legislation is one of several bills focused on the cybersecurity workforce that various lawmakers are still pushing to get passed during this Congress.
HSGAC also advanced another bipartisan proposal to prohibit minimum educational requirements in government contracts last week.
Eliminating those requirements from cyber jobs in contracts specifically has been a focus of the National Cyber Director already. It’s meant to open up the industry — which has a notoriously tight labor market — to individuals who may have the skills for a cyber career, but typically have been blocked from working in the government space.
The House version of that bill — called the Allowing Contractors to Choose Employees for Select Skills Act — failed to pass the lower chamber when put to a vote two weeks ago. The language of the two bills have some technical differences in wording.
A different, bipartisan proposal meant to limit the use of educational requirements in government hiring of cyber workers, meanwhile, passed the House in October.
Some lawmakers have also been pushing for a measure to require a study on the potential of an independent Cyber Force branch to be included in Congress’ annual, must-pass National Defense Authorization Act. It made it into the House-passed version, and senators have also made efforts at including the measure in their version of the NDAA, according to reporting by The Record.
Among the other cyber workforce proposals that various lawmakers are still looking to get passed is a bipartisan bill to set up a cybersecurity apprenticeship program for the government and a pilot cyber training program for veterans. HSGAC advanced the bill last fall, and it has been introduced in the House as well.
There’s also a bipartisan House bill to create a grant program for cyber curriculum in career and technical training programs for critical infrastructure sectors specifically. Another bipartisan, bicameral bill would set up a Labor Department grant program for cyber apprenticeships.
A group of 30-plus House Democrats are also backing a proposal to require the Cybersecurity and Infrastructure Agency to conduct cyber workforce opportunity outreach to underprivileged communities. And, finally, a different, bipartisan House bill would set up a grant program to fund cyber clinics at community colleges and minority-serving institutions.
The Biden administration has also been in on the action, pitching lawmakers on new authorities and flexibilities for hiring and paying cyber feds — although the ideas haven’t seen much action on the Hill so far.