Lawmakers Look to Improve Cyber Workforce, Especially for Acquisitions
The effort is happening through major Department of Homeland Security reform legislation recently introduced in the House and a supply-chain bill that just cleared committee in the Senate.
Leaders of the House and Senate committees on Homeland Security are focused on improving security through the acquisitions process by reforming the department and investing in workforce training.
The Department of Homeland Security reform legislation comes from Rep. Bennie Thompson, D-Miss., chairman of the House Homeland Security Committee. He introduced it amid partisan fights over immigration that threatened to undermine the Cybersecurity and Infrastructure Security Agency, which enjoys bipartisan support on its own. After a Republican senator blocked Senate confirmation of CISA director Jen Easterly because of disagreements about the administration’s approach to the southern border, former CISA director Chris Krebs was among those suggesting the agency should be split from DHS.
“Some have embraced the notion that DHS must be dismantled, but that is not the answer,” Thompson said during a hearing on the reform legislation Thursday. “Instead, we must reform DHS to enhance accountability and transparency, earn Americans’ trust, and improve workforce morale.”
The bill deals broadly with creating more oversight opportunities for actions like deploying law enforcement units in response to racial justice protests across the country this summer and addressing low morale in the department, which has ranked last in federal employee surveys since 2010, according to witnesses testifying before the committee.
But the bill is huge, and among its provisions is one that would designate the undersecretary of management as the chief acquisitions officer for the department. That individual would, among other things, ensure that each major acquisitions program has operational requirements. The chief acquisitions officer would also coordinate matters relating to DHS-wide technology acquisitions with the under secretary for science and technology. And an Office of Test and Evaluation would be authorized to “ensure complete reviews of operational requirements; and complete independent testing and evaluation of technologies throughout development.”
The Office of the Chief Information Officer would also have new responsibilities, including the production of a report on department-wide software licenses, flagging current use and future needs.
But all of this is reliant on a savvy workforce, and the DHS reform bill also aims to track the performance of a new Cyber Talent Management System it’s working to implement with annual reporting to Congress.
In the Senate, the Committee on Homeland Security and Governmental Affairs unanimously approved legislation Wednesday that would task the General Services Administration—together with DHS, the Defense Department and the Office of Management and Budget—with creating a training program for federal officials responsible for managing supply chain risks.
“Recent attacks against American networks show that our foreign adversaries and criminal organizations will stop at nothing to breach federal networks, steal information and compromise our national security,” said Committee Chairman Gary Peters, D-Mich., on introducing the bipartisan bill. “Federal employees need to know how to recognize possible threats when they are purchasing software and equipment that could allow bad actors a back door into government information systems. This bill will help strengthen national security by safeguarding against cybersecurity vulnerabilities and other threats posed by the technology our government uses.”