On Tuesday June 21, 2022, President Biden signed two cybersecurity bills into law. This was a bipartisan effort, with approval from both Democratic and Republican senators and representatives, which shows the importance of improving the United States’ cybersecurity strategies.
These new laws are the Federal Rotational Cyber Workforce Program Act of 2021 and the State and Local Government Cyber Security Act of 2021, per a White House press release.
Federal Rotational Cyber Workforce Program Act of 2021
The Federal Rotation Cyber Workforce Program (bill S. 1097) establishes a rotational cyber workforce program within the Federal Cyber Workforce Strategy, under which certain federal employees may be rotated through cyber positions at other agencies. This strategy along with the National Cyber Strategy and the President’s 2018 Management Agenda “each emphasize that a superior cybersecurity workforce is necessary” according to the CIO.
This is an effort to provide incentives to cyber employees, both new and existing, giving them the opportunity to gain varied experiences across multiple agencies as a way to help combat the current cybersecurity workforce shortage despite the strong industry burnout.
In this program, federal agency heads determine the eligible positions within their respective agency. Terms range in length from 180 days to 1 year, with a potential 60-day extension. Full operational plan and policies will be issued by the Office of Personnel Management. The program’s effectiveness will be assessed by the Government Accountability Office. This is planned to sunset after five years.
State and Local Government Cyber Security Act of 2021
The State and Local Government Cybersecurity Act of 2021 (bill S. 2520) amends the Homeland Security Act of 2002. Specifically, the law now requires the Department of Homeland Security (DHS) to increase collaboration with State, local, Tribal, and territorial governments on cybersecurity issues. This will allow for increased sharing of information and procedures across these groups.
The bill expands DHS responsibilities through grants and cooperative agreements, including provision of assistance and education related to cyber threat indicators, proactive and defensive measures and cybersecurity technologies, cybersecurity risks and vulnerabilities, incident response and management, analysis and warnings.
Congressman Joe Neguse (CO), “introduced the State and Local Government Cybersecurity Act of 2021 in response to a number of local attacks over the past few years”.
These measures are part of the Biden-Harris administration’s mission to make cybersecurity a top priority across all levels of government.