Rare bipartisan cooperation is evident in the House with a bill that would create a $10million fund to support cybersecurity education as a response to growing digital threats.
The Cybersecurity Skills Integration Act was introduced by Glenn Thompson (R.PA) and Jim Langevin (D.RI). The bill would provide grants of up to $500,000 per annum from the Department of Education for universities, trade schools, or other institutions that “incorporate cybersecurity education” and train individuals to work in critical infrastructure sector sectors.
According to some estimates, there is a shortage of cybersecurity professionals in the United States. These grants would be added to federal cybersecurity training programs, such as the Cybersecurity and Infrastructure Security Agency and National Security Agency.
The bill was also introduced by Thompson and Langevin in March 2019. It may prove difficult for the Congress to pass it in the lame duck special session. However, the 2019 version of this bill had seven additional co-sponsors. Langevin will be retiring in January from Congress, but he stated that he still hopes that the bill will pass.
Langevin stated that “Protecting our crucial infrastructure from malicious hackers” is a top national security concern. However, it requires a workforce with the right skills. “Now is the right time to increase our investment in cybersecurity and technical education so that we can build the critical infrastructure workforce necessary to meet the 21st century’s challenges.”
Many cybersecurity experts praised this legislation. Some suggested more education in cybersecurity is necessary in the U.S. while others suggested more money.
Federal funding is necessary for cybersecurity training, according to James Hayes (CEO and co-founder Cyber Legends), an online safety platform for children. He stated that $500,000 in annual grants to educational institutions is a crucial time, and “a great beginning.”
Hayes stated that the bill was helpful because it addresses the root cause for America’s massive cybersecurity skills shortage. “We need to change how we recruit, train and develop cybersecurity talent.”
He suggested that cybersecurity training should begin before high school. Hayes stated that this will give our kids a head start in the world of cybersecurity and help fill the gap in attracting youth to cybersecurity jobs.
Amir Tarighat (co-founder and CEO at cybersecurity company Agency) stated that there is a shortage of cybersecurity professionals in America.
Tarighat expressed concern about the quality and availability of cybersecurity education in post-secondary occupational training programs. Tarighat stated that while the bill is a good first step, he would like to see the secretary of education include high-quality standards in the pilot program if the bill moves forward.
The bill would require grant applicants answer questions about how the curriculum and educational materials proposed will be updated in order to address current cybersecurity threats.
Others wondered if there is enough funding to cover the requirements. According to Kall Loper (Vice President of Digital Forensics and Incident Response at Cyderes, a cybersecurity provider, the funding is very small by federal standards.
Loper said that this does not necessarily mean there is no value to the package. It can draw attention the congressional gap in cyber skills training.
Loper stated that the bill should be different from other cybersecurity training programs in order to succeed. Loper noted that the bill’s approach should recognize the contributions of many academic disciplines as well as the role of private businesses in cybersecurity.
He said that the package could be used to provide more security in fields other than traditional cybersecurity disciplines like accounting through audit functions and finance through planning. There are many more.