IN THE SENATE OF THE UNITED STATES
March 28, 2017
Mr. Kaine (for himself, Mr. Wicker, and Mrs. Murray) introduced the following bill; which was read twice and referred to the Committee on Commerce, Science, and Transportation
To support meeting our Nation’s growing cybersecurity workforce needs by expanding the cybersecurity education pipeline.
This Act may be cited as the
Cyber Scholarship Opportunities Act of 2017.
Congress finds the following:
A well-trained workforce is essential to meeting the Nation’s growing cybersecurity needs.
A 2015 report by the National Academy of Public Administration found that the United States faces a severe shortage of properly trained and equipped cybersecurity professionals.
A 2015 study of the information security workforce found that the information security workforce shortfall is widening.
The National Science Foundation’s CyberCorps: Scholarship-for-Service program is a successful effort to support capacity building in institutions of higher education and scholarships for students to pursue cybersecurity careers.
Sense of Congress
It is the sense of Congress that—
given the current need for cybersecurity professionals in the public and private sectors, Congress and the Federal Government should support existing programs to boost their success;
the Federal Government should also build upon and develop existing programs to meet emerging challenges, such as the need to protect critical infrastructure and the greater need for cybersecurity professionals of various skill levels;
there is a need for greater engagement with students at the kindergarten through grade 12 level to recruit young people to pursue career paths in cybersecurity;
many community colleges offer degrees or industry-recognized credentials in cybersecurity and related fields that prepare students to fill high-demand cybersecurity jobs, and the Federal Government should support programs at 2-year institutions of higher education that help students develop skills necessary to support the Nation’s cybersecurity missions; and
the Federal Government should expand existing programs to support re-training mid-career individuals, such as veterans of the Armed Forces, to fill cybersecurity positions.
Federal Cyber Scholarship-for-Service program
Section 302 of the Cybersecurity Enhancement Act of 2014 (15 U.S.C. 7442) is amended—
in subsection (a), by adding at the end the following:
Not less than 5 percent of scholarships provided under this section shall be provided to eligible students who are pursuing an associate's degree in a cybersecurity field without the intent of transferring to a bachelor’s degree program and either have a bachelor's degree already or are veterans of the Armed Forces.;
in subsection (d), by adding at the end the following:
In the case of a scholarship recipient who is pursuing a doctoral or master's degree, such agreement may include (if determined appropriate on a case-by-case basis by the Director of the National Science Foundation) an agreement for the recipient to work at an institution of higher education or for a local educational agency teaching cybersecurity skills for a period equal to the length of the scholarship following receipt of such degree.;
in subsection (f)—
by striking paragraph (3) and inserting the following:
have demonstrated a high level of competency in relevant knowledge, skills, and abilities, as described in the national cybersecurity awareness and education program under section 401;
by striking paragraph (4) and inserting the following:
be a student in an eligible degree program at a qualified institution of higher education, as determined by the Director of the National Science Foundation, who is—
a full-time student; or
a student who is enrolled for study leading to a degree on a less than full-time basis but not less than half-time basis; and
by striking subsection (m) and inserting the following:
Evaluation and report
The Director of the National Science Foundation shall evaluate and make public, in a manner that protects the personally identifiable information of scholarship recipients, information on the success of recruiting individuals for scholarships under this section and on hiring and retaining those individuals in the public sector workforce, including on—
where students are placed;
student salary ranges for students not released from obligations under this section;
how long after graduation they are placed;
how long they stay in the positions they enter upon graduation;
how many students are released from obligations; and
what (if any) remedial training needs are required.
The Director of the National Science Foundation shall submit reports to Congress under paragraph (1) not less often than once every 5 years.
by adding at the end the following:
The Director of the National Science Foundation shall work with the Director of the Office of Personnel Management to provide adequate resources to the CyberCorps community in the form of an online resource center, where all other relevant websites will be consolidated or eliminated, if possible. To the extent applicable, such websites shall—
present up-to-date, accurate information about existing scholarship programs and job opportunities;
present a modernized view of cybersecurity careers;
improve user friendliness; and
allow prospective job applicants to search positions by State, salary, and title.
The Director of the National Science Foundation shall work with the Director of the Office of Personnel Management and State, local, and tribal agencies to advertise cybersecurity positions to scholarship recipients under this section, such as by hosting, in coordination with such office and agencies, a virtual job fair for scholarship recipients.
Cybersecurity at kindergarten through grade 12 level
The Director of the National Science Foundation, in coordination with other Federal agencies as necessary, shall carry out a program to grow and improve cybersecurity education at the kindergarten through grade 12 level that—
increases interest in cybersecurity careers;
helps students practice correct and safe online behavior and understand the foundational principles of cybersecurity; and
improves teaching methods for delivering cybersecurity content for kindergarten through grade 12 computer science curricula.
Critical infrastructure protection
Due to the need for skilled cybersecurity professionals to protect the Nation’s critical infrastructure, the Director of the National Science Foundation may—
grant exceptions to students for fulfilling post-award employment obligations under this section (on a case-by-case basis and in coordination with other Federal agencies) who agree to work in a critical infrastructure mission at a Federal Government corporation or a State, local, or tribal government-affiliated asset, system, or network that is considered to be part of a critical infrastructure sector as described in Presidential Policy Directive–21, issued February 12, 2013 (related to critical infrastructure security and resilience), or any successor; and
develop a pilot program to enhance critical infrastructure protection training for students pursuing careers in cybersecurity.
The Director of the National Science Foundation, in coordination with the Director of the Office of Personnel Management, shall assess the potential benefits and feasibility of granting scholarship awards under this section to students who do not possess a bachelor’s degree to pursue an associate's degree or an industry-recognized credential in a cybersecurity field.