skip to main content

H.R. 3107 (113th): Homeland Security Cybersecurity Boots-on-the-Ground Act


The text of the bill below is as of Sep 17, 2013 (Introduced).


I

113th CONGRESS

1st Session

H. R. 3107

IN THE HOUSE OF REPRESENTATIVES

September 17, 2013

introduced the following bill; which was referred to the Committee on Homeland Security

A BILL

To require the Secretary of Homeland Security to establish cybersecurity occupation classifications, assess the cybersecurity workforce, develop a strategy to address identified gaps in the cybersecurity workforce, and for other purposes.

1.

Short title

This Act may be cited as the Homeland Security Cybersecurity Boots-on-the-Ground Act .

2.

Cybersecurity occupation classifications, workforce assessment, and strategy

(a)

Cybersecurity occupation classifications

(1)

In general

Not later than 90 days after the date of the enactment of this Act, the Secretary of Homeland Security shall develop and issue comprehensive occupation classifications for individuals performing activities in furtherance of the cybersecurity mission of the Department of Homeland Security.

(2)

Applicability

The Secretary of Homeland Security shall ensure that the comprehensive occupation classifications issued under subsection (a) may be used throughout the Department of Homeland Security and are made available to other Federal agencies.

(b)

Cybersecurity workforce assessment

(1)

In general

Not later than 180 days after the date of the enactment of this Act, the Secretary of Homeland Security, acting through the Chief Human Capital Officer and Chief Information Officer of the Department of Homeland Security, shall assess the readiness and capacity of the Department to meet its cybersecurity mission.

(2)

Contents

The assessment required under paragraph (1) shall, at a minimum, include the following:

(A)

Information where cybersecurity positions are located within the Department of Homeland Security, specified in accordance with the cybersecurity occupation classifications issued under subsection (a).

(B)

Information on which cybersecurity positions are—

(i)

performed by—

(I)

permanent full time departmental employees;

(II)

individuals employed by independent contractors; and

(III)

individuals employed by other Federal agencies, including the National Security Agency; and

(ii)

vacant.

(C)

The number of individuals hired by the Department pursuant to the authority granted to the Secretary of Homeland Security in 2009 to permit the Secretary to fill 1,000 cybersecurity positions across the Department over a three-year period, and information on what challenges, if any, were encountered with respect to the implementation of such authority.

(D)

Information on vacancies within the Department’s cybersecurity supervisory workforce, from first line supervisory positions through senior departmental cybersecurity positions.

(E)

Information on the percentage of individuals within each cybersecurity occupation classification who received essential training to perform their jobs, and in cases in which such training is not received, information on what challenges, if any, were encountered with respect to the provision of such training.

(c)

Workforce strategy

(1)

In general

Not later than 180 days after the date of the enactment of this Act, the Secretary of Homeland Security shall develop a comprehensive workforce strategy that enhances the readiness, capacity, training, and recruitment and retention of the cybersecurity workforce of the Department of Homeland Security.

(2)

Contents

The comprehensive workforce strategy developed under paragraph (1) shall include—

(A)

a multiphased recruitment plan; and

(B)

a 10-year projection of Federal workforce needs.

(d)

Information security training

Not later than 270 days after the date of the enactment of this Act, the Secretary of Homeland Security shall establish and maintain a process to verify on an ongoing basis that individuals employed by independent contractors who serve in cybersecurity positions at the Department of Homeland Security receive initial and recurrent information security training comprised of general security awareness training necessary to perform their job functions, and role-based security training that is commensurate with assigned responsibilities. The Secretary shall monitor and maintain documentation to ensure that training provided to an individual under this subsection meets or exceeds requirements for such individual’s job function.

(e)

Updates

Together with the submission to Congress of annual budget requests, the Secretary of Homeland Security shall provide updates regarding the cybersecurity workforce assessment required under subsection (b), information on the progress of carrying out the comprehensive workforce strategy developed under subsection (c), and information on the status of the implementation of the information security training required under subsection (d).

3.

Definition

In this Act, the term cybersecurity mission means activities that encompass the full range of threat reduction, vulnerability reduction, deterrence, incident response, resiliency, and recovery activities to foster the security and stability of cyberspace.