# McCaul, Gardner offer bipartisan, bicameral cybersecurity workforce bill

U.S. Sen. Cory Gardner (R-CO) and U.S. Rep. Michael McCaul (R-TX) on Monday reintroduced bipartisan, bicameral legislation that would provide federal grants to shrink the talent gap in the nation’s cybersecurity workforce.

“As our nation continues to face cyber threats, we must ensure all levels of government are prepared to combat the emerging attacks to our cyber networks and other critical infrastructure,” said Rep. McCaul, co-chair of the House Congressional Cybersecurity Caucus. “I will continue to think holistically about protecting our networks on a federal, state and local level.” 

The State Cyber Resiliency Act, S. 1065/H.R. 2130, would provide government grants to assist states, as well as local and tribal governments, in developing and implementing plans to address cybersecurity threats or vulnerabilities, according to the text of the bill.

S. 1065, sponsored by U.S. Sen. Mark Warner (D-VA), and H.R. 2130, sponsored by U.S. Rep. Derek Kilmer (D-WA), would create and authorize the U.S. Department of Homeland Security (DHS) to run the grant program for states planning to develop, revise or implement cyber resiliency measures — including efforts to identify, detect, protect, respond, and recover from cyber threats, the lawmakers said in an April 8 statement.

“It’s critical that our state and local governments invest in cyber preparedness and training,” Sen. Gardner said. “As the threat of cyber warfare intensifies, it’s important that local governments are properly prepared to deter and protect themselves from cyberattacks.”

Sen. Warner noted that almost 70 percent of states have reported inadequate federal funding to develop sufficient cybersecurity. “This bill will aim to mitigate that need by providing grants to state and local jurisdictions so that they are better prepared to take on these emerging challenges,” he said.

In fact, most states have allocated between zero and three percent of their overall IT budgets for cybersecurity purposes, according to a 2018 biennial cybersecurity study released by Deloitte and the National Association of State Chief Information Officers that found “the magnitude of this threat is rarely matched in attention and funding in state government.”

The study also found that staffing remains another top barrier to states instituting effective cyber strategies, with 28 percent of survey respondents saying there’s an inadequate availability of cybersecurity professionals.

Currently, there are more than 313,000 cybersecurity job openings in the United States, according to CyberSeek, a project supported by the National Initiative for Cybersecurity Education, which is a federal program of the National Institute of Standards and Technology in the U.S. Department of Commerce.

“Despite playing a vital role in protecting our nation against cyberattacks, state governments often do not have the vital resources they need to strengthen their cybersecurity capabilities or retain or recruit seasoned cybersecurity professionals,” Rep. McCaul said.

If enacted, the proposed State Cyber Resiliency Act would address this talent gap by ensuring that participating states enhance recruitment and retention efforts, according to the lawmakers. 

In the past year, according to the Deloitte-NASCIO study, hackers have hit several local governments in states such as Colorado, Georgia, Maryland and Pennsylvania, costing taxpayers millions of dollars and creating chaos on essential local government processes.

“Cyber-attacks could threaten our election systems, municipally owned water treatment facilities, local emergency responder networks, or other vital systems that impact our communities,” Rep. Kilmer said. “With that in mind, building our cyber resiliency matters to employers, workers, local governments, consumers and even to our national security.”

H.R. 2130 has been referred for consideration to both the U.S. House Homeland Security Committee and the U.S. House Transportation and Infrastructure Committee, while S. 1065 is being reviewed by the U.S. Senate Homeland Security and Governmental Affairs Committee.