HR 9770 Introduced
Cyber PIVOTT Act
Last month, Rep Green (R,TN) introduced HR 9770, the Providing Individuals Various Opportunities for Technical Training to Build a Skills-Based Cyber Workforce (Cyber PIVOTT) Act of 2024. The bill would require CISA to “establish education and training programs and facilitate internship and post-graduation Federal job opportunities at participating institutions”. No new funding would be authorized by this legislation.
This bill would amend the Homeland Security Act of 2002 by adding a new section: §1334, CISA education and training programs and resources.
Definitions
Section 1334(i) provides definitions of two key terms used in this new section:
PIVOTT Program
Section 1334(a) would require CISA to enter into partnerships with community colleges or technical schools “to establish education and training programs and facilitate internship and post-graduation Federal job opportunities at participating institutions”. CISA would be required to “provide students participating in the Program with full tuition scholarships, including academic fees, lab fees, travel, lodging, per diem, stipends, internship costs, costs associated with virtual participation, certification testing fees, and any other expenses the Director determines necessary to complete any requirement under the Program”.
Students who complete the program would have a 2-year service requirement in a cyber role in the federal government agency or a State, local, Tribal, or territorial government.
CISA would also be required to “establish and update annually a list of existing cyber certification programs developed or offered by entities in the private sector, academia, nonprofits, or other institutions”. CISA would be further authorized to fund “up to three certifications and associated certification examinations per student from such list”.
CISA would be required to ‘seek to enroll’ “not fewer than 250 students for the first full academic year of the Program that begins one year after the date of the enactment of this section”, and have a plan to, within 10-years operation of the program, to have enrolled 10,000 students.
Moving Forward
On September 25th, the House Homeland Security Committee held a business meeting where they considered 21 pieces of legislation, one of which was HR 9770. The bill was amended (not currently available) and ordered to be reported favorably by a vote of 27 to 0. Once a Committee report is published, the bill will be available to be considered by the full House. The strongly bipartisan vote in Committee means that the bill will be brought to the floor under the suspension of the rules process and would be expected to pass with similar bipartisan support.
Commentary
While this bill may appear to be important for increasing the cybersecurity knowledge base of the federal government, it is lacking one major component – funding. The crafters of the bill accept no responsibility for the cost of the new program, leaving it up to the House Appropriations Committee to figure out the funding level necessary to support the new program as well as determining from where the funding will come. Given the Republicans desire to reduce federal spending, and because of how late this bill would be passed in the session (if that can in fact happen) there will almost certainly be no funding for this bill in FY 2025. If the Republicans retain control of the House after November 5th, there would likely be no funding for the legislation through FY 2027. With one of the cosponsors {Rep Guest (R,MS)} on the House Appropriations Committee, this fact is almost certainly understood by the crafters of the bill, making this a posturing bill, not a real attempt to address the cybersecurity staffing issues.