Light Dark
August 26, 2024 By Josh Nadeau 3 min read
News

On July 25, 2024, a new form of legislation was introduced by United States Senators Jacky Rose and Marsh Blackburn. This new Senate bill, labeled the Cyber Ready Workforce Act, is intended to add additional financial support through government grants to help create and expand the availability of cybersecurity apprenticeship programs across the country.

This new bill outlines new guidelines for the U.S. Department of Labor when it comes to providing financial support to approved organizations registering new apprenticeships while also tasking them with coordinating between employers and training providers to maximize the efficiency of their programs.

Why was the Cyber Ready Workforce Act created?

Currently, there are over half a million open cybersecurity jobs in the nation. While minor progress has been made in reducing the cybersecurity staffing shortage crisis over the past few years, states like California, Texas and Virginia have tens of thousands of unfilled cybersecurity jobs.

Many of these employment gaps are due to how quickly the cybersecurity landscape has shifted over the last few years. With cyber threats evolving every day, primarily driven by advancements in next-generation technologies, organizations find it much harder to source applicable skills during their recruitment efforts.

According to the Cybersecurity Supply and Demand Heat Map provided by Cyberseek, some of the largest gaps that exist in the sector are centered around oversight and governance, design and development, and protection and defense. For example, between May 2023 and April 2024, there were over 139,000 gaps present in systems authorization skills, over 125,000 gaps in data analysis skills and over 85,000 gaps in vulnerability analysis skills.

The introduction of the Cyber Ready Workforce Act promises to help shift this narrative by making cybersecurity training and certification programs more accessible to everyone.

What are the expectations and requirements for seeking grant approvals?

The Cyber Ready Workforce Act outlines several guidelines on how organizations can seek approval for receiving grants toward cybersecurity apprenticeships. Below is a summary of the guidelines associated.

Build your security skills

Eligible workforce intermediaries

Grant funding will be available to both public and private sector entities that meet the following eligibility:

  • Business or industry organizations
  • Community-based organizations
  • State or local workforce boards
  • Postsecondary education institutions
  • Joint labor-management partnerships
  • Institutions of higher education
  • Nonprofit organizations

It is welcoming news that the recent grant provision has been extended to encompass both public and private sector organizations. According to RAND Corporation, in the private sector, salaries tend to be considerably higher than in the public sector, with a 20-35% average difference and roles like computer and information research scientists being compensated 47% more on average.

This new provision afforded by the Cyber Ready Workforce Act will help provide the financial support necessary for organizations to raise the skillsets of their cybersecurity workforce, helping to close the gap in compensation brackets across multiple roles.

Specific program requirements

The new legislation outlines requirements for the Department of Labor regarding what should be considered grant-worthy program activities. These include:

  • Technical instruction, workplace training and industry-recognized certification in cybersecurity
  • Certifications in CompTIA Network+, CompTIA A+, CompTIA Security+, Microsoft Certified System Administrator, Certified Ethical Hacker or other industry-recognized certifications
  • The encouragement of stackable and portable credentials
  • Training for occupations in computer support, cybersecurity, cloud computing, programming, systems analysis and security

How funds need to be used

Regarding fund allocations, grant approvals will stipulate an 85/15 split, with the majority of funds being used in the planning and executing of apprenticeship programs and a small portion of funds being used for supporting elements.

Below is how this split is defined.

85% of grant funding should be allocated to:

  • Development and technical support for apprenticeship registration and assisting employers
  • Developing curricula and technical instruction in cooperation with local businesses and organizations
  • Providing support services to apprentices, such as career counseling and mentorship and assistance with transportation, housing and childcare

15% of grant funding may be allocated to:

  • Marketing apprenticeships to employers and secondary school administrators
  • Recruiting potential apprentices, including underrepresented populations, youth and veterans
  • Connecting and collaborating with other workforce intermediaries to share best practices and resources

Looking to the future

In support of this new bipartisan legislation, Senator Jacky Rosen (D-NV) stated, “As the cybersecurity industry grows and cyber threats become more common, we need to ensure we have the workforce with the training and skills necessary to fill jobs in this critical sector.”

Referencing the new Senate bill, Rosen also stated that it would “help fill gaps in our cybersecurity workforce through a new grant program that will support Registered Apprenticeships and technical skills training in this field. It’ll open the door to more good-paying, cutting-edge jobs for Nevadans and all Americans, including for those without a college degree.”

 |  |  |  | 
Josh Nadeau
Cybersecurity Writer

More from News
November 18, 2024

Research finds 56% increase in active ransomware groups

4 min read - Any good news is welcomed when evaluating cyber crime trends year-over-year. Over the last two years, IBM’s Threat Index Reports have provided some minor reprieve in this area by showing a gradual decline in the prevalence of ransomware attacks — now accounting for only 17% of all cybersecurity incidents compared to 21% in 2021. Unfortunately, it’s too early to know if this trendline will continue. A recent report released by Searchlight Cyber shows that there has been a 56% increase in…

November 4, 2024

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

October 28, 2024

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature