Bennet, Portman Introduce Amendment to Strengthen Cybersecurity Workforce

Uniform Classifications will Help Recruit Cyber Professionals, Boost Cyber Defense

Washington, DC - U.S. Senators Michael Bennet (D-CO) and Rob Portman (R-OH) today introduced an amendment to the National Defense Authorization Act (NDAA) for Fiscal Year 2016 to bolster the federal government's cybersecurity workforce and strengthen our nation's cyber defense. The Bennet-Portman amendment implements a uniform framework to identify and address cybersecurity personnel shortages and expedite the recruitment of highly-qualified cybersecurity personnel.

"Cybersecurity is a serious national security concern, and we must take significant steps to strengthen our ability to combat attempts by our enemies to infiltrate and attack our IT infrastructure," Bennet said. "The recent hacks of the federal government, U.S. banking institutions, and American corporations remind us that our government needs to be better prepared against cyber threats. This amendment will create a consistent framework for identifying and filling critical cybersecurity positions and is a vital step toward ensuring federal agencies can recruit top cybersecurity talent to help defend against foreign hackers and terrorists."

"The federal government is responsible for securing a vast array of sensitive information and recent hacks highlight the need to improve our ability to protect this critical information," Portman said. "This demands world-class, highly-trained cybersecurity employees in the right places in the federal workforce. This amendment is an important step toward accomplishing that goal."

The provision is based on a bill Bennet and Portman introduced last Congress to improve the cybersecurity workforce across the federal government. As ranking member of the Senate Homeland Security and Government Affairs Committee during the last Congress, Portman successfully secured a narrower version of the bill as an amendment during the Committee's consideration of the Department of Homeland Security Workforce Recruitment and Retention Act, which the Senate passed in September. The Bennet-Portman amendment to the NDAA would apply the same measures to all federal agencies.

Over the past several decades, agencies across the federal government have responded to the increasing threats to federal IT systems and infrastructure by hiring personnel that fill each agency's individual needs. As cybersecurity needs have grown across the government, it has become increasingly clear that there is a need for a uniform system to better educate, recruit, train, develop, and retain a highly-qualified workforce.

The amendment is based on the National Cybersecurity Workforce Framework (Framework) developed by the Commerce Department's National Initiative for Cybersecurity Education (NICE) to provide a common lexicon for cybersecurity work, a uniform classification system for job functions, and specific employment codes. The bill legally requires the federal government to adopt this framework. This common language will allow federal agencies to articulate their cybersecurity personnel needs. Once fully implemented, agencies can share data on open cybersecurity positions to a centralized OPM database, allowing OPM and DHS to identify skill shortages, surpluses, and provide a comprehensive "gap-map" across the federal government.

The Bennet-Portman amendment will formally implement the framework by defining specific tasks, milestones, and timelines for agencies to follow, and directing agencies to assess where their cybersecurity workforces are weakest. The bipartisan proposal will help ensure that federal agencies are meeting key deadlines and reporting to Congress on time.

# # #