Bill ensures federal agencies have skilled, trained workforce to combat cyber threats

WASHUNGTON, D.C. – U.S. Senators Rob Portman (R-Ohio) and Michael Bennet (D-CO) have included a bipartisan provision to strengthen federal cybersecurity in the Cybersecurity Information Sharing Act (CISA). The measure will implement a consistent framework for identifying cyber-related positions and recruiting qualified personnel across the federal government.

“Recent hacks have exposed the need to improve the federal government’s ability to protect sensitive information and infrastructure,” Portman stated. “To keep us secure, we need world-class, highly-trained cybersecurity employees in the right places in the federal workforce. Our bill takes important steps towards accomplishing that goal. I am pleased that it is included in the Cybersecurity Information Sharing Act before the Senate today, and I urge my colleagues to pass it quickly.”

“The federal government’s cybersecurity is vital to the safety, finances, and privacy of every single Coloradan and American,” Bennet said. “Technology is advancing exponentially, yet federal agencies aren’t keeping pace. These provisions will help ensure the government implements a uniform system to identify its cybersecurity needs and vulnerabilities and hire highly-trained personnel to effectively combat these evolving threats.”

Over the past several decades, agencies across the federal government have established individual hiring processes and approaches to manage federal IT systems and infrastructure. As cybersecurity threats have increased across the government, it has become increasingly clear a uniform system to better educate, recruit, train, develop, and retain a highly-qualified workforce is essential. In 2011, the Government Accountability Office (GAO) reported on the significant challenges federal agencies face to determine the size and composition of their cybersecurity workforce because of the wide variations in how the work and workforce is defined.

The National Institute for Science and Technology (NIST), the Department of Homeland Security (DHS), and the Office of Personnel Management (OPM) together launched the National Initiative for Cybersecurity Education (NICE), which is working to uniformly classify cybersecurity job functions. This new framework will help agencies assess their current workforce to identify skill shortages, and provide a comprehensive look at the cybersecurity workforce across the entire federal government.

The provision will help move the initiative forward by defining specific tasks, milestones, and timelines for agencies to follow, and directing agencies to assess where their cybersecurity workforces are weakest. The bipartisan proposal will help ensure that the necessary federal departments and agencies are meeting key deadlines and reporting to Congress on time.

This provision follows on a narrower measure Portman and Bennet passed as an amendment to the Department of Homeland Security Workforce Recruitment and Retention Act that extended these security reforms to the Department of Homeland Security.

Staff report