Exclusive: House Homeland Security chair releases, pushes forth cyber workforce bill

House Homeland Security Chairman Mark Green, R-Tenn., is introducing and seeking to advance a bill this week to address his top legislative priority: strengthening the cybersecurity workforce.

The bill — full details of which CyberScoop is first reporting — would create an Reserve Officer Training Corps (ROTC)-like program housed within the Cybersecurity and Infrastructure Security Agency, where students at community colleges and technical schools would get scholarships in exchange for two years of service in federal, state, local, tribal or territorial government cyber gigs, according to a committee aide. It would seek to get 250 students involved in its first year but eventually expand up to 10,000.

It’s aimed at students who, for whatever reason, don’t fit well into four-year college programs or people who are looking to change careers. It looks to address one of the most persistent problems in the cyber world: the stubborn gap between available openings in the United States and the number of people willing to fill them, a gap that currently sits at an estimated nearly 500,000 jobs.

Besides the ROTC component of the bill, dubbed “Providing Individuals Various Opportunities for Technical Training to Build a Skills-Based Cyber Workforce Act of 2024,’’ or PIVOTT Act for short, it would also require participants to complete a minimum of four skills-based tasks, such as engaging in a hackathon or tabletop exercise. It also directs CISA to kick off the cumbersome security clearance process for participants early — no later than one year before a student is set to complete the program.

“Time and again, I have heard that we need fresh thinking about the ways we attract, train, and retain our people, and that our approach must increase the accessibility of skills-based cyber training outside of a traditional four-year degree,” Green said in a written statement about his cybersecurity discussions across industry and government. “Amid rising attacks against our federal civilian networks from cyber adversaries like China, Iran, and Russia, it has never been more important to ensure all levels of government have the best and brightest cyber professionals on the frontlines.”

Green is planning to have his full committee mark up the bill Wednesday. Despite the issue’s relatively nonpartisan status, the bill arrives somewhat late in an election year, which typically has fewer legislative days than a non-election year. If it doesn’t make it through Congress and to the president’s desk before the year ends, it would have to start anew next year.

“We find it really important to advance this conversation,” the aide said. “This was Chairman Green’s no. 1 priority. And so whatever we can do to move the needle forward, we want to make sure that we are moving this process.”

The aide said the panel doesn’t view the bill as competing with existing cyber workforce programs, like Cyber Corps, or other cyber talent legislation, like a bill the Senate Homeland Security and Governmental Affairs Committee approved in July which tasks the national cyber director with coming up with a plan to create a centralized resource and training center for federal cybersecurity workforce development.

“We view our bill as complimentary,” the aide said. “We were not trying to completely reinvent the wheel. As you see, a lot of this is using existing resources and putting them together in a more creative way.”

CISA’s preexisting relationships with industry and other partners is one thing the legislation strives to take advantage of. The House Homeland Security Committee has primary jurisdiction over CISA.

In seeking to capitalize on potential cyber talent that isn’t right for a four-year degree, the legislation echoes a broader push. National Cyber Director Harry Coker, Jr. has worked with other government agencies to ease four-year college requirements for certain agency and federal contracting jobs.

Coker also wants to see what else community colleges can provide to the cyber workforce.

“We’ve gone across the country to various communities, community colleges, and have seen a number of best practices, but how do we scale that?” Coker asked at a forum Monday hosted by USTelecom.

After 250 students in the first year, CISA would at minimum double the number of participants each year thereafter until it reaches 1,000 students, according to the bill. CISA would also need to develop a plan to expand it up to 10,000 participants.

There’s no dollar amount attached to the measure yet, which would require appropriators deciding to dedicate any cash to the program.

“We are waiting for estimates, and we know this might take additional resources, but we do recognize that people are our first line of defense, and we need to invest in them, and we find it to be that important,” the aide said.

Confirmed co-sponsors as of Monday evening include Transportation and Maritime Security Chairman Carlos Gimenez, R-Fla., and Mike Ezell, R-Miss. 

Federal News Network earlier reported some elements of the bill.