HR 6524 Introduced
CISA Cybersecurity Apprenticeship Programs
Last month, Rep Houlahan (D,PA) introduced HR 6524 , the Federal Cybersecurity Workforce Expansion Act. The bill would require CISA to establish an apprenticeship program that would lead to cybersecurity related employment with CISA or other Federal entity. The bill would also require the Veterans Administration to establish a pilot program providing cyber-specific training for eligible individuals. There is no funding authorized in the legislation.
This bill is very similar to S 2256 [removed from paywall], introduced in the Senate on July 12th, 2023, and recently reported in the Senate. While there are many editorial differences between the two bills, the major difference is that the Senate bill (as introduced) is a standalone act, whereas this legislation would add a new section to the Homeland Security Act of 2002 (§2220F). Where the Senate bill would have to be codified as a note to an existing USC section, this bill would become a new section in 6 USC. This makes finding codified language much easier.
Definitions
Subsection (a) of the new §2220F provides the definitions of 16 key terms used in the bill. While all of these definitions are important to the meaning of the bill, there is only one close to technical term included: “cybersecurity work roles”, which is defined by reference to NIST document (SP 800–181).
Apprenticeship Program
Subsection (b) would allow CISA to establish one or more cybersecurity apprenticeship programs. These programs would lead to employment with either CISA or a company or other entity that contributes to national cybersecurity and receives most of its funding through a contract, grant, or cooperative agreement with CISA.
The apprenticeship program would be:
Focused on competencies and related learning necessary to meet the immediate and ongoing needs of cybersecurity work roles at the Agency, and
Registered with and approved by the Office of Apprenticeship of the Department of Labor or a State apprenticeship agency under the National Apprenticeship Act (29 USC 50 et seq.).
CISA would be allowed to establish an apprenticeship program by entering into a contract or cooperative agreement with or making a grant to an eligible entity. If CISA does use an outside entity to run an apprenticeship program, subsection (g) allows CISA to give priority to entities that:
Are a member of an industry or sector partnership,
Provide related instruction for an existing apprenticeship program,
Work with the Secretary of Defense, the Secretary of Veterans Affairs, or veterans organizations to transition members of the Armed Forces and veterans to apprenticeship programs in a relevant sector, or
Plan to use the grant to carry out the apprenticeship program with an entity that receives State funding or is operated by a State agency.
VA Apprenticeship Program
Section 4 of the bill would separately require the Veterans Administration to “establish a pilot program under which the Secretary shall provide cyber-specific training for eligible individuals.” While CISA is given significant leeway in the administration of their §2220F program described above, subsection (c) outlines the specific elements required of the VA effort:
Virtual platforms for coursework and training,
Hands-on skills labs and assessments,
Federal work-based learning opportunities and programs, and
The provision of portable credentials to eligible individuals who graduate from the pilot program.
Cyber Related Work Roles
Section 5 of the bill would amend §304(a) of the Federal Cybersecurity Workforce Assessment Act of 2015 (5 U.S.C. 301 note) to extend the termination of the “Identification of cyber-related work roles of critical need” program outlined in that section from ‘2022’ to ‘2025’. No funding was provided in the original Act and none is added here.
Moving Forward
Neither Houlahan, nor any of her four cosponsors, are members of the House Homeland Security Committee to which this bill was assigned for primary consideration. This means that there would probably not be sufficient influence to see this bill considered in Committee. I see nothing in the bill that would engender any organized opposition. I suspect that there may be sufficient bipartisan support that the legislation could move to the floor under the suspension of the rules process.
Commentary
The lack of funding authorization in HR 6524 removes a possible source of opposition to the bill from the fiscal conservatives in the House. Unfortunately, it would also mean that any spending on these apprenticeship programs would have to come out of existing CISA budget authorizations. This effectively limits the size and number of apprenticeship programs that CISA could operate. It would also make it easy for CISA to decide to opt out of any new apprenticeship program.