A strong and capable cyber workforce is the best way to protect Tennessee
Every day, Americans rely on safe drinking water, food on their tables, and access to emergency services to keep their families and communities healthy and safe.
But these goods and services are not provided. These features of our society are considered critical infrastructure, meaning that our access to them depends on cybersecure information and operational technology.
But the single most important resource for ensuring the security of our critical infrastructure and, by extension, the protection of our way of life has become extremely scarce: our people.
As America faces ever-increasing threats from cybercriminals and insiders, the country needs more people to detect intrusions and respond quickly. Improved hardware and software will certainly help our ability to respond, but these tools are only as good as the people who know how to build and use them.
Cyberattacks have damaged businesses, infrastructure and enterprises
Despite the importance of our people, the United States currently has over 500,000 vacant cybersecurity jobs. More worryingly, 85% of organizations do not believe that cyber skills and education will improve anytime soon.
In a national survey, less than half of cyber professionals felt their organization had the resources to deal with cyberattacks in the near future. This is a major concern, as data breaches caused by cyber harassment increased by more than 70% from 2021 to 2023.
The list of threats to our networks and infrastructure is long and staggering.
The Chinese threat actor ‘Volt Typhoon’ threatened US critical infrastructure for at least five years before it was discovered. Similarly, another Chinese actor, ‘Storm-0558,’ compromised the Microsoft Exchange accounts of US officials in 2023, putting government networks at risk.
Iranian-backed actors have launched heightened attacks on our water sector and the Trump campaign, undermining key US services and sovereignty.
Ransomware attacks are rampant. For example, a hack on the Ascension Health hospital system this year affected patient privacy and even care across the country, including in Nashville, Tennessee. And don’t forget, a ransomware attack on a meatpacking plant in 2021 halted operations at all JBS-owned plants in America.
comment:His ‘Don’t Tread on Me’ hat told me one thing. Another man told me his true story.
Even the recent global IT breach caused by a rogue CrowdStrike update showed the vulnerabilities in the critical infrastructure we rely on every day.
The CyberPIVOTT Act raised cybersecurity workers
To mitigate these growing threats and increase risk visibility across industries and organizations alike, we need strong public-private collaboration to strengthen and develop a new cyber workforce. This is not an easy challenge, but it is one that I am committed to tackling.
Time and time again, partners in the public and private sector have emphasized the need to rethink how we attract, train and retain our people. Indeed, witnesses from across industries have testified to the House Homeland Security Committee that they need more creative ways to educate students and reskill workers in the field, and the requirements of a cyber posture may not be depending on the skills required.
One important solution is to increase the availability of skills-based cyber training outside of a traditional four-year degree.
Embracing the needed shift to skills-based cyber education, I introduced legislation earlier this fall to ensure that the best and brightest cyber professionals at all levels of government have the front lines of America’s cyber frontier.
The Cyber ​​PIVOTT Act would make cyber training and education accessible by establishing a new full-scholarship program for two-year degrees at community colleges and technical schools, which is awarded in exchange for required government service .
The military has used Reserve Officer Training Corps (ROTC) programs for decades to offer individuals who do not have the opportunity to attend a military academy a valuable pathway to begin a life of dedicated military service.
Likewise, the ‘Cyber ​​PIVOTT Act’ would open doors to professionals who wanted to “pivot” into the cybersecurity field without a traditional bachelor’s degree — rewarding and supporting those who use their valuable skills to protect government networks.
Cybercriminals are preying on unprepared Americans
We know there is a growing appetite for these opportunities. According to a 2023 workforce survey, only 31% of new cyber workers said they entered the field with a four-year degree in cybersecurity.
While no single bill or program is going to solve this problem alone, my legislation would create a pipeline for at least 10,000 new professionals to enter the field. To ensure their continued success; the legislation also provides opportunities for reskilling and upskilling as their government service progresses.
During their government service, these professionals become a key resource to the private sector as consultants.
After their government service – whenever they make that transition – they will add valuable experience and knowledge to the private sector. They will be critical to securing our critical infrastructure sectors, from telecommunications and financial services to the energy and agriculture sectors.
Every minute our cyber personnel are prepared to meet the moment that will give malicious cyber criminals the upper hand.
With the PIVOTT Cyber ​​Act, we can focus on the most valuable assets to protect our networks and critical infrastructure: the right people in the right jobs, with the right skills, where our country needs them.
Congressman Mark Green, R-Clarksville, represents 7 Tennesseeth Congressional District in Congress and chairs the House Homeland Security Committee and the House Foreign Affairs Committee.
#Congress #pass #cybersecurity #workforce #legislation