Federal employees would receive new training in cybersecurity, and changes would be made in how the government recruits and develops those who specialize in that field, under a bill scheduled for a Senate vote this week.
The bipartisan Cybersecurity Act, a result of a series of congressional hearings, would revise how the government is structured to face threats to electronic information. It would create an interagency National Cybersecurity Council to conduct risk assessments, form a new public-private partnership designed to meet cyberthreats and would consolidate into one center several existing offices of the Department of Homeland Security having responsibilities in that area.
One task of that center would be to improve information sharing among federal agencies, other levels of government and the private sector. In addition, a voluntary program would be offered in which owners of critical infrastructure who follow certain practices would receive benefits such as expedited security clearances for key personnel and protection from liability following an incident, under certain conditions.
The measure orders the Office of Personnel Management to assess the cybersecurity readiness and capacity of the federal workforce and to develop a common language to describe the work and skill requirements of cybersecurity positions. A White House report this year found that lack of a common language among agencies in that area hampers their ability to work with each other.
In addition to the new awareness and education program for all federal employees — which also would apply to employees of government contractors — OPM would have to create a new training program to improve the technical skills and capabilities of government cybersecurity professionals.
The National Science Foundation meanwhile would establish a new scholarship-for-service program to recruit and train cybersecurity professionals.