August 26, 2024 By Josh Nadeau 3 min read

On July 25, 2024, a new form of legislation was introduced by United States Senators Jacky Rose and Marsh Blackburn. This new Senate bill, labeled the Cyber Ready Workforce Act, is intended to add additional financial support through government grants to help create and expand the availability of cybersecurity apprenticeship programs across the country.

This new bill outlines new guidelines for the U.S. Department of Labor when it comes to providing financial support to approved organizations registering new apprenticeships while also tasking them with coordinating between employers and training providers to maximize the efficiency of their programs.

Why was the Cyber Ready Workforce Act created?

Currently, there are over half a million open cybersecurity jobs in the nation. While minor progress has been made in reducing the cybersecurity staffing shortage crisis over the past few years, states like California, Texas and Virginia have tens of thousands of unfilled cybersecurity jobs.

Many of these employment gaps are due to how quickly the cybersecurity landscape has shifted over the last few years. With cyber threats evolving every day, primarily driven by advancements in next-generation technologies, organizations find it much harder to source applicable skills during their recruitment efforts.

According to the Cybersecurity Supply and Demand Heat Map provided by Cyberseek, some of the largest gaps that exist in the sector are centered around oversight and governance, design and development, and protection and defense. For example, between May 2023 and April 2024, there were over 139,000 gaps present in systems authorization skills, over 125,000 gaps in data analysis skills and over 85,000 gaps in vulnerability analysis skills.

The introduction of the Cyber Ready Workforce Act promises to help shift this narrative by making cybersecurity training and certification programs more accessible to everyone.

What are the expectations and requirements for seeking grant approvals?

The Cyber Ready Workforce Act outlines several guidelines on how organizations can seek approval for receiving grants toward cybersecurity apprenticeships. Below is a summary of the guidelines associated.

Build your security skills

Eligible workforce intermediaries

Grant funding will be available to both public and private sector entities that meet the following eligibility:

  • Business or industry organizations
  • Community-based organizations
  • State or local workforce boards
  • Postsecondary education institutions
  • Joint labor-management partnerships
  • Institutions of higher education
  • Nonprofit organizations

It is welcoming news that the recent grant provision has been extended to encompass both public and private sector organizations. According to RAND Corporation, in the private sector, salaries tend to be considerably higher than in the public sector, with a 20-35% average difference and roles like computer and information research scientists being compensated 47% more on average.

This new provision afforded by the Cyber Ready Workforce Act will help provide the financial support necessary for organizations to raise the skillsets of their cybersecurity workforce, helping to close the gap in compensation brackets across multiple roles.

Specific program requirements

The new legislation outlines requirements for the Department of Labor regarding what should be considered grant-worthy program activities. These include:

  • Technical instruction, workplace training and industry-recognized certification in cybersecurity
  • Certifications in CompTIA Network+, CompTIA A+, CompTIA Security+, Microsoft Certified System Administrator, Certified Ethical Hacker or other industry-recognized certifications
  • The encouragement of stackable and portable credentials
  • Training for occupations in computer support, cybersecurity, cloud computing, programming, systems analysis and security

How funds need to be used

Regarding fund allocations, grant approvals will stipulate an 85/15 split, with the majority of funds being used in the planning and executing of apprenticeship programs and a small portion of funds being used for supporting elements.

Below is how this split is defined.

85% of grant funding should be allocated to:

  • Development and technical support for apprenticeship registration and assisting employers
  • Developing curricula and technical instruction in cooperation with local businesses and organizations
  • Providing support services to apprentices, such as career counseling and mentorship and assistance with transportation, housing and childcare

15% of grant funding may be allocated to:

  • Marketing apprenticeships to employers and secondary school administrators
  • Recruiting potential apprentices, including underrepresented populations, youth and veterans
  • Connecting and collaborating with other workforce intermediaries to share best practices and resources

Looking to the future

In support of this new bipartisan legislation, Senator Jacky Rosen (D-NV) stated, “As the cybersecurity industry grows and cyber threats become more common, we need to ensure we have the workforce with the training and skills necessary to fill jobs in this critical sector.”

Referencing the new Senate bill, Rosen also stated that it would “help fill gaps in our cybersecurity workforce through a new grant program that will support Registered Apprenticeships and technical skills training in this field. It’ll open the door to more good-paying, cutting-edge jobs for Nevadans and all Americans, including for those without a college degree.”

More from News

Apple Intelligence raises stakes in privacy and security

3 min read - Apple’s latest innovation, Apple Intelligence, is redefining what’s possible in consumer technology. Integrated into iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1, this milestone puts advanced artificial intelligence (AI) tools directly in the hands of millions. Beyond being a breakthrough for personal convenience, it represents an enormous economic opportunity. But the bold step into accessible AI comes with critical questions about security, privacy and the risks of real-time decision-making in users’ most private digital spaces.AI in every pocketHaving sophisticated AI…

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

Ransomware attack on Rhode Island health system exposes data of hundreds of thousands

3 min read - Rhode Island is grappling with the fallout of a significant ransomware attack that has compromised the personal information of hundreds of thousands of residents enrolled in the state’s health and social services programs. Officials confirmed the attack on the RIBridges system—the state’s central platform for benefits like Medicaid and SNAP—after hackers infiltrated the system on December 5, planting malicious software and threatening to release sensitive data unless a ransom is paid. Governor Dan McKee, addressing the media, called the attack…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today