WASHINGTON, DC — Today, the House of Representatives passed the Cybersecurity Enhancement Act, which included amendments from Congresswoman Carol Shea-Porter. Shea-Porter, who spoke on the House floor, offered two amendments, one which will help retain skilled cybersecurity personnel and a second that will add veteran status for consideration for the Federal Cyber Scholarship for Service. Both amendments passed by voice vote.
“As our financial institutions and security agencies become increasingly dependent on information technology, it is critical that we have skilled professionals who can thwart emerging cyber threats,” said Congresswoman Shea-Porter. “My amendment will help us retain the professionals we have invested our tax dollars in and will provide them with the tools they need to prevent future cyber attacks.”
The Congresswoman’s first amendment would extend the service obligation for recipients of cybersecurity scholarships on a sliding scale. These degree programs represent serious investments, as does obtaining a security clearance. This is an investment by the taxpayers, and Shea-Porter’s amendment would allow the federal government to recover it through an extension of service.
Shea-Porter’s other amendment would add veteran status as an additional item for consideration when selecting individuals for the Federal Cyber Scholarship for Service.
“Our veterans who have served our country so admirably should have access to every opportunity,” said Congresswoman Shea-Porter. “This common sense amendment makes sure that their service is taken into consideration when being selected for the Federal Cyber Scholarship for Service.”
The Cybersecurity Enhancement Act has received wide, bipartisan support and has been endorsed by numerous organizations, including the U.S. Chamber of Commerce, Business Software Alliance, Software and Information Industry Association, National Cable and Telecommunications Association, U.S. Telecom, TechAmerica, and Computing Research Association.
Following are highlights of some of the bill’s key provisions.
Coordinating and Prioritizing Federal Cybersecurity R&D Activities
· Requires the National Science Foundation (NSF), National Institute of Standards and Technology (NIST), and other key federal agencies to develop, update and implement a strategic plan for federal cybersecurity research and development (R&D) activities.
· Requires that the strategic plan be based on an assessment of cybersecurity risk, that it specify and prioritize near-term, mid-term and long-term research objectives, and that it describe how the near-term objectives complement R&D occurring in the private sector.
· Requires the agencies to describe how they will promote innovation, foster technology transfer, and maintain a national infrastructure for the development of secure, reliable, and resilient networking and information technology systems.
Developing a Skilled Cybersecurity Workforce
· Formally authorizes the NSF Scholarship for Service program, which is designed to ensure a highly-qualified cybersecurity workforce in the federal government. The program provides grants to institutions of higher education for the award of scholarships to students pursuing undergraduate and graduate degrees in cybersecurity fields and requires subsequent service as a cybersecurity professional in the federal government as a condition of the scholarship.
· Requires the President to issue a report assessing the current and future cybersecurity workforce needs of the federal government.
· Reauthorizes key NSF workforce programs, including NSF graduate student fellowships and NSF graduate student traineeships in cybersecurity.
· Requires NSF to establish a postdoctoral fellowship program in cybersecurity.
Promoting Public-Private Partnerships in Cybersecurity
· Establishes a university-industry task force to explore mechanisms and models for carrying out public-private research partnerships in the area of cybersecurity.
Promoting a Cybersecurity Awareness and Education Program
· Requires NIST to develop and implement a cybersecurity awareness and education program for the dissemination of user-friendly cybersecurity best practices for the general public.
International Cybersecurity Technical Standards
· Requires NIST to develop and implement a plan to coordinate U.S. representation in the development of international cybersecurity technical standards.