Introduced:
Feb 5, 2025
Policy Area:
Government Operations and Politics
Congress.gov:
Bill Statistics
9
Actions
12
Cosponsors
0
Summaries
9
Subjects
1
Text Versions
Yes
Full Text
AI Summary
AI Summary
No AI Summary Available
Click the button above to generate an AI-powered summary of this bill using Claude.
The summary will analyze the bill's key provisions, impact, and implementation details.
Error generating summary
Latest Action
Sep 8, 2025
at 7:03 PM
ASSUMING FIRST SPONSORSHIP - Mrs. Biggs (SC) asked unanimous consent that she may hereafter be considered as the first sponsor of H.R. 1000, a bill originally introduced by Representative Green (TN), for the purpose of adding cosponsors and requesting reprintings pursuant to clause 7 of rule XII. Agreed to without objection.
Actions (9)
ASSUMING FIRST SPONSORSHIP - Mrs. Biggs (SC) asked unanimous consent that she may hereafter be considered as the first sponsor of H.R. 1000, a bill originally introduced by Representative Green (TN), for the purpose of adding cosponsors and requesting reprintings pursuant to clause 7 of rule XII. Agreed to without objection.
Type: Floor
| Source: House floor actions
| Code: H8D000
Sep 8, 2025
7:03 PM
7:03 PM
Ordered to be Reported by the Yeas and Nays: 17 - 8.
Type: Committee
| Source: House committee actions
| Code: H19000
Feb 26, 2025
Committee Consideration and Mark-up Session Held
Type: Committee
| Source: House committee actions
| Code: H15001
Feb 26, 2025
Subcommittee on Cybersecurity and Infrastructure Protection Discharged
Type: Committee
| Source: House committee actions
| Code: H25000
Feb 26, 2025
Referred to the Subcommittee on Cybersecurity and Infrastructure Protection.
Type: Committee
| Source: House committee actions
| Code: H11000
Feb 5, 2025
Referred to the Committee on Homeland Security, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Type: IntroReferral
| Source: House floor actions
| Code: H11100
Feb 5, 2025
Referred to the Committee on Homeland Security, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Type: IntroReferral
| Source: House floor actions
| Code: H11100
Feb 5, 2025
Introduced in House
Type: IntroReferral
| Source: Library of Congress
| Code: Intro-H
Feb 5, 2025
Introduced in House
Type: IntroReferral
| Source: Library of Congress
| Code: 1000
Feb 5, 2025
Subjects (9)
Computer security and identity theft
Congressional oversight
Employment and training programs
Government employee pay, benefits, personnel management
Government lending and loan guarantees
Government Operations and Politics
(Policy Area)
Higher education
Student aid and college costs
Vocational and technical education
Cosponsors (12)
(R-TX)
Feb 25, 2025
Feb 25, 2025
(R-TX)
Feb 24, 2025
Feb 24, 2025
(R-SC)
Feb 5, 2025
Feb 5, 2025
(R-MS)
Feb 5, 2025
Feb 5, 2025
(R-CO)
Feb 5, 2025
Feb 5, 2025
(R-MS)
Feb 5, 2025
Feb 5, 2025
(R-FL)
Feb 5, 2025
Feb 5, 2025
(R-NY)
Feb 5, 2025
Feb 5, 2025
(R-LA)
Feb 5, 2025
Feb 5, 2025
(R-MI)
Feb 5, 2025
Feb 5, 2025
(R-KY)
Feb 5, 2025
Feb 5, 2025
(R-AL)
Feb 5, 2025
Feb 5, 2025
Full Bill Text
Length: 23,403 characters
Version: Introduced in House
Version Date: Feb 5, 2025
Last Updated: Nov 11, 2025 6:11 AM
[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[H.R. 1000 Introduced in House
(IH) ]
<DOC>
119th CONGRESS
1st Session
H. R. 1000
To amend the Homeland Security Act of 2002 to provide for education and
training programs and resources of the Cybersecurity and Infrastructure
Security Agency of the Department of Homeland Security, and for other
purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
February 5, 2025
Mr. Green of Tennessee (for himself, Mr. Guest, Mr. Gimenez, Mr.
Higgins of Louisiana, Mr. Strong, Mr. Ezell, Mr. Rogers of Kentucky,
Mrs. Biggs of South Carolina, Mr. Evans of Colorado, Mr. Moolenaar, and
Mr. Garbarino) introduced the following bill; which was referred to the
Committee on Homeland Security, and in addition to the Committee on
Education and Workforce, for a period to be subsequently determined by
the Speaker, in each case for consideration of such provisions as fall
within the jurisdiction of the committee concerned
_______________________________________________________________________
A BILL
To amend the Homeland Security Act of 2002 to provide for education and
training programs and resources of the Cybersecurity and Infrastructure
Security Agency of the Department of Homeland Security, and for other
purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
[From the U.S. Government Publishing Office]
[H.R. 1000 Introduced in House
(IH) ]
<DOC>
119th CONGRESS
1st Session
H. R. 1000
To amend the Homeland Security Act of 2002 to provide for education and
training programs and resources of the Cybersecurity and Infrastructure
Security Agency of the Department of Homeland Security, and for other
purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
February 5, 2025
Mr. Green of Tennessee (for himself, Mr. Guest, Mr. Gimenez, Mr.
Higgins of Louisiana, Mr. Strong, Mr. Ezell, Mr. Rogers of Kentucky,
Mrs. Biggs of South Carolina, Mr. Evans of Colorado, Mr. Moolenaar, and
Mr. Garbarino) introduced the following bill; which was referred to the
Committee on Homeland Security, and in addition to the Committee on
Education and Workforce, for a period to be subsequently determined by
the Speaker, in each case for consideration of such provisions as fall
within the jurisdiction of the committee concerned
_______________________________________________________________________
A BILL
To amend the Homeland Security Act of 2002 to provide for education and
training programs and resources of the Cybersecurity and Infrastructure
Security Agency of the Department of Homeland Security, and for other
purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1.
This Act may be cited as the ``Providing Individuals Various
Opportunities for Technical Training to Build a Skills-Based Cyber
Workforce Act of 2025'' or the ``Cyber PIVOTT Act''.
SEC. 2.
(a) In General.--Subtitle D of title XIII of the Homeland Security
Act of 2002 is amended by adding at the end the following new section:
``
SEC. 1334.
``
(a) Expanding Education and Training Programs and Resources to
Community Colleges, Technical Schools, and Other Institutions of Higher
Education Offering Two-Year Programs.--
``
(1) Student qualifications.--
``
(A) In general.--The Director of the
Cybersecurity and Infrastructure Security Agency
(CISA) of the Department shall seek to enter into partnerships
or other arrangements with community colleges (as such
term is defined in
section 5002 of the William M.
(Mac) Thornberry National Defense Authorization Act for
Fiscal Year 2021 (15 U.S.C. 9401), technical schools
(as such term is defined in
section 411.
20, Code of Federal Regulations), and other
institutions of higher education offering two-year
programs (in this section referred to as `participating
institutions') to establish education and training
programs and facilitate internship and post-graduation
Federal job opportunities at participating
institutions. Such programs shall be known as the
`Providing Individuals Various Opportunities for
Technical Training to Build a Skills-Based Cyber
Workforce Program' or the `PIVOTT Program' (in this
section referred to as the `Program').
``
(B) Eligibility.--The following categories of
students are eligible to participate in the Program:
``
(i) Students enrolled in but who have not
yet started a two-year cyber or cyber-relevant
associate's degree program or comparable
technical certification, as determined by the
Director of CISA, at a participating
institution.
``
(ii) Students currently enrolled in their
first semester of a two-year cyber or cyber-
relevant associate's degree program or
comparable technical certification, as
determined by the Director of CISA, at a
participating institution.
``
(iii) Students identified by the Director
of CISA who are eligible and qualified to
enroll in a two-year degree cyber or cyber-
relevant associate's program or comparable
technical certification at a participating
institution, such as individuals who are
pursuing a career change, have a high school
diploma or equivalent, or would be considered
entry-level.
``
(iv) Students enrolled in technical
certifications at participating institutions
that are less than two years to complete but
align with Tasks, Knowledge, and Skills
(TKS) ,
as defined by the National Initiative for
Cybersecurity Education
(NICE) Cybersecurity
Workforce Framework (NIST Special Publication
800-181, revision 1), and prepare students to
serve in Federal, State, local, Tribal, or
territorial government cyber or cyber-relevant
roles.
``
(C) Scholarships.--The Secretary, acting through
the Director of CISA, shall provide students
participating in the Program with full tuition
scholarships, including academic fees, lab fees,
travel, lodging, per diem, stipends, internship costs,
costs associated with virtual participation,
certification testing fees, and any other expenses the
Director determines necessary to complete any
requirement under the Program, including for
participation in one in-person exercise in accordance
with paragraph
(3)
(B) , including travel, lodging,
meals, in-person or in-laboratory post-course
assessments fees, and other necessary expenses as
determined by the Director.
``
(D) Service obligation.--
``
(i) In general.--Students who participate
in and complete the Program shall fulfill a
two-year service obligation in a cyber role, as
defined by the National Initiative for
Cybersecurity Education
(NICE) Cybersecurity
Workforce Framework (NIST Special Publication
800-181, revision 1) or the Department of
Defense Cyber Workforce Framework, or a cyber-
relevant role, to advance the cyber mission of
an executive agency (as such term is defined in
institutions of higher education offering two-year
programs (in this section referred to as `participating
institutions') to establish education and training
programs and facilitate internship and post-graduation
Federal job opportunities at participating
institutions. Such programs shall be known as the
`Providing Individuals Various Opportunities for
Technical Training to Build a Skills-Based Cyber
Workforce Program' or the `PIVOTT Program' (in this
section referred to as the `Program').
``
(B) Eligibility.--The following categories of
students are eligible to participate in the Program:
``
(i) Students enrolled in but who have not
yet started a two-year cyber or cyber-relevant
associate's degree program or comparable
technical certification, as determined by the
Director of CISA, at a participating
institution.
``
(ii) Students currently enrolled in their
first semester of a two-year cyber or cyber-
relevant associate's degree program or
comparable technical certification, as
determined by the Director of CISA, at a
participating institution.
``
(iii) Students identified by the Director
of CISA who are eligible and qualified to
enroll in a two-year degree cyber or cyber-
relevant associate's program or comparable
technical certification at a participating
institution, such as individuals who are
pursuing a career change, have a high school
diploma or equivalent, or would be considered
entry-level.
``
(iv) Students enrolled in technical
certifications at participating institutions
that are less than two years to complete but
align with Tasks, Knowledge, and Skills
(TKS) ,
as defined by the National Initiative for
Cybersecurity Education
(NICE) Cybersecurity
Workforce Framework (NIST Special Publication
800-181, revision 1), and prepare students to
serve in Federal, State, local, Tribal, or
territorial government cyber or cyber-relevant
roles.
``
(C) Scholarships.--The Secretary, acting through
the Director of CISA, shall provide students
participating in the Program with full tuition
scholarships, including academic fees, lab fees,
travel, lodging, per diem, stipends, internship costs,
costs associated with virtual participation,
certification testing fees, and any other expenses the
Director determines necessary to complete any
requirement under the Program, including for
participation in one in-person exercise in accordance
with paragraph
(3)
(B) , including travel, lodging,
meals, in-person or in-laboratory post-course
assessments fees, and other necessary expenses as
determined by the Director.
``
(D) Service obligation.--
``
(i) In general.--Students who participate
in and complete the Program shall fulfill a
two-year service obligation in a cyber role, as
defined by the National Initiative for
Cybersecurity Education
(NICE) Cybersecurity
Workforce Framework (NIST Special Publication
800-181, revision 1) or the Department of
Defense Cyber Workforce Framework, or a cyber-
relevant role, to advance the cyber mission of
an executive agency (as such term is defined in
section 105 of title 5, United States Code) or
a State, local, Tribal, or territorial
government.
a State, local, Tribal, or territorial
government.
``
(ii) Exception.--The service obligation
specified in clause
(i) shall not apply to
students who--
``
(I) have completed a term of
service in the Armed Forces that is
equal to the service obligation
specified in clause
(i) ;
``
(II) are currently serving in the
Armed Forces; or
``
(III) pursue service in the Armed
Forces in a cyber or cyber-relevant
role during or immediately after
completion of the Program.
``
(iii) Delayed service.--Students who,
immediately after completion of the Program,
enroll in a four-year degree program may
complete the service obligation specified in
clause
(i) after receiving such four-year
degree.
``
(E) Program completion timeline.--
``
(i) In general.--Students shall complete
participation in the Program within four years
of starting the Program, or pursuant to
participating institution rules if such rules
are in effect at the time such a student begins
such participation.
``
(ii) Process for updated completion
timeline.--A student who experiences extreme
hardship during participation in the Program
may submit to the Director of CISA an
application to waive the application of the
timeline specified in clause
(i) . The Director,
in consultation with the appropriate
participating institution, shall determine on a
case-by-case basis whether such student may be
granted additional time to complete the
Program.
``
(2) Institutional requirements.--A community college,
technical school, or other institution of higher education is
eligible to participate in the Program if such college or
school is--
``
(A) a participant in the National Centers of
Academic Excellence in Cybersecurity (NCAE-C) program;
or
``
(B) determined eligible by the Director of CISA,
taking into consideration whether the virtual or in-
person course offerings at such a college or school
aligns with pathways as defined by the National
Initiative for Cybersecurity Education
(NICE) Cybersecurity Workforce Framework (NIST Special
Publication 800-181, revision 1), and the presence of a
cybersecurity clinic on campus.
``
(3) Program components.--
``
(A) In general.--In accordance with subparagraph
(C) , students participating in the Program shall
complete a minimum of four eligible skills-based
exercises described in subparagraph
(B) .
``
(B) Eligible skills-based exercises.--Eligible
skills-based exercises described in this subparagraph
may include the following:
``
(i) Laboratory work.
``
(ii) Competitions such as hackathons,
challenges, and capture the flag.
``
(iii) Virtual programming.
``
(iv) Table-top exercises.
``
(v) Industry training workshops.
``
(vi) Exercises in a box.
``
(C) Provision.--
``
(i) In general.--The Director of CISA
shall coordinate with participating
institutions to provide at least one skills-
based exercise under subparagraph
(A) each
semester.
``
(ii) Student requirements.--Students
participating in the Program shall complete at
least one of the four skills-based exercises
under subparagraph
(A) in-person.
``
(iii) Administration of exercises.--The
Director of CISA, in coordination with
participating institutions, shall offer at
least one in-person skills-based exercise to
Program participants every two years.
``
(iv) Coordination.--The Director of CISA
shall coordinate and may jointly offer the
skills-based exercises under subparagraph
(A) with the following:
``
(I) Other Federal agencies, such
as the Department of Defense, the
Federal Bureau of Investigation, the
National Security Agency, and the
Office of the National Cyber Director,
as appropriate.
``
(II) Non-Federal entities with
cyber or cyber-relevant expertise,
including cybersecurity clinics.
``
(v) Exception.--A student participating
in the Program who is unable to complete a
skills-based exercise under subparagraph
(A) may submit to the participating institution a
proposal for a comparable skills-based
exercise, as determined by the Director of
CISA.
``
(D) Internships.--
``
(i) In general.--The Director of CISA and
participating institutions shall, as a core
requirement of the Program, coordinate with
appropriate entities to place students
participating in the Program in an approved
cyber or cyber-relevant internship, as
determined by the Director, with any of the
following:
``
(I) A State, local, Tribal, or
territorial government entity.
``
(II) A critical infrastructure
owner or operator that is located in a
rural community or is considered to be
a high-risk sector, as determined by
the Director of CISA.
``
(III) A Federal department or
agency, including with the CISA
Regional Security Advisors program.
``
(ii) Prioritization.--A student who has
communicated in writing to the Director of CISA
or the participating institution during the
internship placement process that such student
intends to serve in a Federal Government
position beyond the obligations of the student
under paragraph
(1)
(D) shall be prioritized for
Federal cyber internship opportunities that
require a security clearance.
``
(iii) Current federal employees.--The
Director of CISA shall coordinate with the
heads of appropriate Federal agencies to
establish an approved cyber or cyber-relevant
internship program for students participating
in the Program who are Federal employees.
``
(iv) Security clearances.--The Director
of CISA shall take such actions as may be
necessary to begin, not later than one year
before an appropriate student under this
subparagraph completes participation in the
Program, the process to provide such student
with an appropriate security clearance.
``
(4) Outreach initiatives.--
``
(A) CISA.--The Director of CISA shall--
``
(i) conduct regional outreach
initiatives, including at institutions
designated as National Centers of Academic
Excellence in Cybersecurity (NCAE-C), and
provide informational materials about the
Program--
``
(I) at each CISA regional office;
and
``
(II) to industry partners to
promote the Program; and
``
(ii) seek to engage with industry
stakeholders to produce an annual report on
industry-relevant skills intended to inform the
skills-based exercises offered in the Program,
which report may include input from an advisory
committee, established by the Director of CISA
and comprised of university-level educators.
``
(B) Recruitment fair.--The Director of CISA, in
coordination with the National Cyber Director, shall
host a voluntary Federal Government recruitment fair
that includes Federal Government agency representatives
who seek to recruit for open cybersecurity positions
each fiscal year. Information regarding such fair shall
be posted on a dedicated job board hosted by CISA. Each
such fair may be hosted online or in-person at a
minimum of five Program participating institutions.
``
(5) Program completion benefits.--
``
(A) Database.--The Director of CISA, leveraging
existing educational content repositories, shall
maintain an online database of cyber training and
education resources, mapped to job roles set forth in
the National Initiative for Cybersecurity Education
(NICE) Cybersecurity Workforce Framework (NIST Special
Publication 800-181, revision 1), and Federal job
opportunities in cyber or cyber-relevant fields. Such
database shall be available for access, as appropriate,
by students who have successfully completed the
Program.
``
(B) Certification program.--The Director of CISA
shall establish and update annually a list of existing
cyber certification programs developed or offered by
entities in the private sector, academia, nonprofits,
or other institutions, as determined by the Director.
The Secretary, acting through the Director, may fund,
through vouchers requested by a student participating
in the Program, up to three certifications and
associated certification examinations per student from
such list for such students who complete the Program
within ten years of such completion.
``
(C) Additional scholarship opportunities for
students who complete the program.--The Director of
CISA may select, pursuant to an application process
designed by Director, up to ten students per year who
completed the Program and have been employed by the
Federal Government for at least seven years to be
eligible for scholarships to be applied to cyber or
cyber-relevant degree programs offered at institutions
designated as NCAE-C. Scholarship amounts under this
subparagraph shall be determined by the Director,
subject to the availability of appropriations for such
purpose.
``
(6) Terms of program scholarship.--A scholarship
recipient under this section shall be liable to the United
States for repayment of a scholarship awarded to such recipient
as provided under subsection
(d) if such recipient--
``
(A) fails to maintain an acceptable level of
academic standing at the participating institution, as
determined by the Director of CISA;
``
(B) is dismissed from the participating
institution for disciplinary reasons;
``
(C) withdraws from the eligible degree program
before completing the Program;
``
(D) declares that such recipient does not intend
to fulfill the post-award employment obligation under
this section; or
``
(E) fails to maintain or fulfill the post-
graduation government service or post-award obligations
or requirements of such recipient.
``
(7) Exception.--A student who--
``
(A) enlists or commissions in the Armed Forces
prior to completion of the Program, or
``
(B) has a documented history of demonstrated
effort to secure a position with a Federal, State,
local, Tribal, or territorial government within two
years after completing the Program but who is not
offered such a position,
may be, on a case-by-case basis, as determined by the Director,
exempted from liability to the United States for repayment of a
scholarship awarded to such student.
``
(b) Monitoring Compliance.--As a condition of participation in
the Program, a participating institution shall enter into an agreement
with the Director of CISA to monitor the compliance of scholarship
recipients with respect to their post-award employment obligations.
``
(c) Amount of Repayment.--If a circumstance described in
subsection
(a)
(6) occurs before the completion of one year of a post-
scholarship employment obligation under this section, the total amount
of scholarship awards received by an individual under this section
shall--
``
(1) be repaid immediately; or
``
(2) be treated as a loan to be repaid in accordance with
subsection
(d) .
``
(d) Repayments.--A loan referred to subsection
(c) shall--
``
(1) be treated as a Federal Direct Unsubsidized Stafford
Loan under part D of subpart 10 of chapter 2 of subpart 2 of
part A of title IV of the Higher Education Act of 1965 (20
U.S.C. 1087a et seq.); and
``
(2) be subject to repayment, together with interest
thereon accruing from the date of the scholarship award, in
accordance with terms and conditions specified by the Secretary
(in consultation with the Secretary of Education) in
regulations promulgated to carry out this subsection.
``
(e) Collection of Repayment.--
``
(1) In general.--If a scholarship recipient is required
to repay a scholarship under this section, the Secretary
shall--
``
(A) determine the repayment amounts and notify
such recipient of the amount owed; and
``
(B) collect such amount within a period of time
as determined by the Secretary, or such amount shall be
treated as a loan in accordance with subsection
(e) .
``
(2) Returned to the department.--Except as provided in
paragraph
(3) , any repayment under this subsection shall be
returned to the Department.
``
(3) Retention of percentage.--A participating institution
may retain a percentage of any repayment such institution
collects under this subsection to defray administrative costs
associated with the collection of such repayment. The Secretary
shall establish a single, fixed percentage applicable to all
participating institutions.
``
(f) Exceptions.--The Secretary may provide for the partial or
total waiver or suspension of any repayment obligation by an individual
under this section whenever compliance by such individual with such
obligation is impossible or would involve extreme hardship to the
individual.
``
(g) Timeline for Implementation.--
``
(1) In general.--The Director of CISA and participating
institutions shall seek to enroll in the Program, subject to
the availability of appropriations, not fewer than 250 students
for the first full academic year of the Program that begins one
year after the date of the enactment of this section.
``
(2) Growth of program.--Beginning with the second full
academic year of the Program, the Director of CISA and
participating institutions shall seek to enroll in the Program
each full academic year, subject to the availability of
appropriations, not fewer than double the number of students
enrolled in the immediately preceding full academic year until
the number of such students reaches 1,000 each full academic
year.
``
(3) Plan for 10,000 students.--Not later than 90 days
after the date of the enactment of this section, the Director
of CISA and participating institutions shall develop a plan,
subject to capacity and administrative capabilities, to enroll
by not later than ten years after the date of the establishment
of the Program at least 10,000 students in the Program each
academic year. The Director shall brief the Committee on
Homeland Security of the House of Representatives and the
Committee on Homeland Security and Government Affairs of the
Senate regarding such plan.
``
(h) Report on Enrollment Goals.--If the Director of CISA and
participating institutions fail in any academic year to meet the
minimum quota specified in paragraph
(1) or
(2) , as the case may be, of
subsection
(g) , the Director of CISA shall brief the Committee on
Homeland Security of the House of Representatives and the Committee on
Homeland Security and Governmental Affairs of the Senate within 30 days
following the conclusion of such academic year.
``
(i) === Definitions. ===
-In this section:
``
(1) Cyber-relevant.--The term `cyber-relevant' means
areas of national security that would impact the cyber
resiliency of the United States, including relating to
operational technology, critical infrastructure, artificial
intelligence, quantum computing, security awareness, or
computer science.
``
(2) Skills-based exercises.--The term `skills-based
exercises' means condensed programs lasting at least one day
that focus on practice and application, rather than research
and study.''.
(b) Clerical Amendment.--The table of contents in
government.
``
(ii) Exception.--The service obligation
specified in clause
(i) shall not apply to
students who--
``
(I) have completed a term of
service in the Armed Forces that is
equal to the service obligation
specified in clause
(i) ;
``
(II) are currently serving in the
Armed Forces; or
``
(III) pursue service in the Armed
Forces in a cyber or cyber-relevant
role during or immediately after
completion of the Program.
``
(iii) Delayed service.--Students who,
immediately after completion of the Program,
enroll in a four-year degree program may
complete the service obligation specified in
clause
(i) after receiving such four-year
degree.
``
(E) Program completion timeline.--
``
(i) In general.--Students shall complete
participation in the Program within four years
of starting the Program, or pursuant to
participating institution rules if such rules
are in effect at the time such a student begins
such participation.
``
(ii) Process for updated completion
timeline.--A student who experiences extreme
hardship during participation in the Program
may submit to the Director of CISA an
application to waive the application of the
timeline specified in clause
(i) . The Director,
in consultation with the appropriate
participating institution, shall determine on a
case-by-case basis whether such student may be
granted additional time to complete the
Program.
``
(2) Institutional requirements.--A community college,
technical school, or other institution of higher education is
eligible to participate in the Program if such college or
school is--
``
(A) a participant in the National Centers of
Academic Excellence in Cybersecurity (NCAE-C) program;
or
``
(B) determined eligible by the Director of CISA,
taking into consideration whether the virtual or in-
person course offerings at such a college or school
aligns with pathways as defined by the National
Initiative for Cybersecurity Education
(NICE) Cybersecurity Workforce Framework (NIST Special
Publication 800-181, revision 1), and the presence of a
cybersecurity clinic on campus.
``
(3) Program components.--
``
(A) In general.--In accordance with subparagraph
(C) , students participating in the Program shall
complete a minimum of four eligible skills-based
exercises described in subparagraph
(B) .
``
(B) Eligible skills-based exercises.--Eligible
skills-based exercises described in this subparagraph
may include the following:
``
(i) Laboratory work.
``
(ii) Competitions such as hackathons,
challenges, and capture the flag.
``
(iii) Virtual programming.
``
(iv) Table-top exercises.
``
(v) Industry training workshops.
``
(vi) Exercises in a box.
``
(C) Provision.--
``
(i) In general.--The Director of CISA
shall coordinate with participating
institutions to provide at least one skills-
based exercise under subparagraph
(A) each
semester.
``
(ii) Student requirements.--Students
participating in the Program shall complete at
least one of the four skills-based exercises
under subparagraph
(A) in-person.
``
(iii) Administration of exercises.--The
Director of CISA, in coordination with
participating institutions, shall offer at
least one in-person skills-based exercise to
Program participants every two years.
``
(iv) Coordination.--The Director of CISA
shall coordinate and may jointly offer the
skills-based exercises under subparagraph
(A) with the following:
``
(I) Other Federal agencies, such
as the Department of Defense, the
Federal Bureau of Investigation, the
National Security Agency, and the
Office of the National Cyber Director,
as appropriate.
``
(II) Non-Federal entities with
cyber or cyber-relevant expertise,
including cybersecurity clinics.
``
(v) Exception.--A student participating
in the Program who is unable to complete a
skills-based exercise under subparagraph
(A) may submit to the participating institution a
proposal for a comparable skills-based
exercise, as determined by the Director of
CISA.
``
(D) Internships.--
``
(i) In general.--The Director of CISA and
participating institutions shall, as a core
requirement of the Program, coordinate with
appropriate entities to place students
participating in the Program in an approved
cyber or cyber-relevant internship, as
determined by the Director, with any of the
following:
``
(I) A State, local, Tribal, or
territorial government entity.
``
(II) A critical infrastructure
owner or operator that is located in a
rural community or is considered to be
a high-risk sector, as determined by
the Director of CISA.
``
(III) A Federal department or
agency, including with the CISA
Regional Security Advisors program.
``
(ii) Prioritization.--A student who has
communicated in writing to the Director of CISA
or the participating institution during the
internship placement process that such student
intends to serve in a Federal Government
position beyond the obligations of the student
under paragraph
(1)
(D) shall be prioritized for
Federal cyber internship opportunities that
require a security clearance.
``
(iii) Current federal employees.--The
Director of CISA shall coordinate with the
heads of appropriate Federal agencies to
establish an approved cyber or cyber-relevant
internship program for students participating
in the Program who are Federal employees.
``
(iv) Security clearances.--The Director
of CISA shall take such actions as may be
necessary to begin, not later than one year
before an appropriate student under this
subparagraph completes participation in the
Program, the process to provide such student
with an appropriate security clearance.
``
(4) Outreach initiatives.--
``
(A) CISA.--The Director of CISA shall--
``
(i) conduct regional outreach
initiatives, including at institutions
designated as National Centers of Academic
Excellence in Cybersecurity (NCAE-C), and
provide informational materials about the
Program--
``
(I) at each CISA regional office;
and
``
(II) to industry partners to
promote the Program; and
``
(ii) seek to engage with industry
stakeholders to produce an annual report on
industry-relevant skills intended to inform the
skills-based exercises offered in the Program,
which report may include input from an advisory
committee, established by the Director of CISA
and comprised of university-level educators.
``
(B) Recruitment fair.--The Director of CISA, in
coordination with the National Cyber Director, shall
host a voluntary Federal Government recruitment fair
that includes Federal Government agency representatives
who seek to recruit for open cybersecurity positions
each fiscal year. Information regarding such fair shall
be posted on a dedicated job board hosted by CISA. Each
such fair may be hosted online or in-person at a
minimum of five Program participating institutions.
``
(5) Program completion benefits.--
``
(A) Database.--The Director of CISA, leveraging
existing educational content repositories, shall
maintain an online database of cyber training and
education resources, mapped to job roles set forth in
the National Initiative for Cybersecurity Education
(NICE) Cybersecurity Workforce Framework (NIST Special
Publication 800-181, revision 1), and Federal job
opportunities in cyber or cyber-relevant fields. Such
database shall be available for access, as appropriate,
by students who have successfully completed the
Program.
``
(B) Certification program.--The Director of CISA
shall establish and update annually a list of existing
cyber certification programs developed or offered by
entities in the private sector, academia, nonprofits,
or other institutions, as determined by the Director.
The Secretary, acting through the Director, may fund,
through vouchers requested by a student participating
in the Program, up to three certifications and
associated certification examinations per student from
such list for such students who complete the Program
within ten years of such completion.
``
(C) Additional scholarship opportunities for
students who complete the program.--The Director of
CISA may select, pursuant to an application process
designed by Director, up to ten students per year who
completed the Program and have been employed by the
Federal Government for at least seven years to be
eligible for scholarships to be applied to cyber or
cyber-relevant degree programs offered at institutions
designated as NCAE-C. Scholarship amounts under this
subparagraph shall be determined by the Director,
subject to the availability of appropriations for such
purpose.
``
(6) Terms of program scholarship.--A scholarship
recipient under this section shall be liable to the United
States for repayment of a scholarship awarded to such recipient
as provided under subsection
(d) if such recipient--
``
(A) fails to maintain an acceptable level of
academic standing at the participating institution, as
determined by the Director of CISA;
``
(B) is dismissed from the participating
institution for disciplinary reasons;
``
(C) withdraws from the eligible degree program
before completing the Program;
``
(D) declares that such recipient does not intend
to fulfill the post-award employment obligation under
this section; or
``
(E) fails to maintain or fulfill the post-
graduation government service or post-award obligations
or requirements of such recipient.
``
(7) Exception.--A student who--
``
(A) enlists or commissions in the Armed Forces
prior to completion of the Program, or
``
(B) has a documented history of demonstrated
effort to secure a position with a Federal, State,
local, Tribal, or territorial government within two
years after completing the Program but who is not
offered such a position,
may be, on a case-by-case basis, as determined by the Director,
exempted from liability to the United States for repayment of a
scholarship awarded to such student.
``
(b) Monitoring Compliance.--As a condition of participation in
the Program, a participating institution shall enter into an agreement
with the Director of CISA to monitor the compliance of scholarship
recipients with respect to their post-award employment obligations.
``
(c) Amount of Repayment.--If a circumstance described in
subsection
(a)
(6) occurs before the completion of one year of a post-
scholarship employment obligation under this section, the total amount
of scholarship awards received by an individual under this section
shall--
``
(1) be repaid immediately; or
``
(2) be treated as a loan to be repaid in accordance with
subsection
(d) .
``
(d) Repayments.--A loan referred to subsection
(c) shall--
``
(1) be treated as a Federal Direct Unsubsidized Stafford
Loan under part D of subpart 10 of chapter 2 of subpart 2 of
part A of title IV of the Higher Education Act of 1965 (20
U.S.C. 1087a et seq.); and
``
(2) be subject to repayment, together with interest
thereon accruing from the date of the scholarship award, in
accordance with terms and conditions specified by the Secretary
(in consultation with the Secretary of Education) in
regulations promulgated to carry out this subsection.
``
(e) Collection of Repayment.--
``
(1) In general.--If a scholarship recipient is required
to repay a scholarship under this section, the Secretary
shall--
``
(A) determine the repayment amounts and notify
such recipient of the amount owed; and
``
(B) collect such amount within a period of time
as determined by the Secretary, or such amount shall be
treated as a loan in accordance with subsection
(e) .
``
(2) Returned to the department.--Except as provided in
paragraph
(3) , any repayment under this subsection shall be
returned to the Department.
``
(3) Retention of percentage.--A participating institution
may retain a percentage of any repayment such institution
collects under this subsection to defray administrative costs
associated with the collection of such repayment. The Secretary
shall establish a single, fixed percentage applicable to all
participating institutions.
``
(f) Exceptions.--The Secretary may provide for the partial or
total waiver or suspension of any repayment obligation by an individual
under this section whenever compliance by such individual with such
obligation is impossible or would involve extreme hardship to the
individual.
``
(g) Timeline for Implementation.--
``
(1) In general.--The Director of CISA and participating
institutions shall seek to enroll in the Program, subject to
the availability of appropriations, not fewer than 250 students
for the first full academic year of the Program that begins one
year after the date of the enactment of this section.
``
(2) Growth of program.--Beginning with the second full
academic year of the Program, the Director of CISA and
participating institutions shall seek to enroll in the Program
each full academic year, subject to the availability of
appropriations, not fewer than double the number of students
enrolled in the immediately preceding full academic year until
the number of such students reaches 1,000 each full academic
year.
``
(3) Plan for 10,000 students.--Not later than 90 days
after the date of the enactment of this section, the Director
of CISA and participating institutions shall develop a plan,
subject to capacity and administrative capabilities, to enroll
by not later than ten years after the date of the establishment
of the Program at least 10,000 students in the Program each
academic year. The Director shall brief the Committee on
Homeland Security of the House of Representatives and the
Committee on Homeland Security and Government Affairs of the
Senate regarding such plan.
``
(h) Report on Enrollment Goals.--If the Director of CISA and
participating institutions fail in any academic year to meet the
minimum quota specified in paragraph
(1) or
(2) , as the case may be, of
subsection
(g) , the Director of CISA shall brief the Committee on
Homeland Security of the House of Representatives and the Committee on
Homeland Security and Governmental Affairs of the Senate within 30 days
following the conclusion of such academic year.
``
(i) === Definitions. ===
-In this section:
``
(1) Cyber-relevant.--The term `cyber-relevant' means
areas of national security that would impact the cyber
resiliency of the United States, including relating to
operational technology, critical infrastructure, artificial
intelligence, quantum computing, security awareness, or
computer science.
``
(2) Skills-based exercises.--The term `skills-based
exercises' means condensed programs lasting at least one day
that focus on practice and application, rather than research
and study.''.
(b) Clerical Amendment.--The table of contents in
section 1
(b) of
the Homeland Security Act of 2002 is amended by inserting after the
item relating to
(b) of
the Homeland Security Act of 2002 is amended by inserting after the
item relating to
section 1333 the following new item:
``
``
Sec. 1334.
(c) Review of CISA Education, Training Programs and Resources.--Not
later than 90 days after the date of the enactment of this Act, the
Director of the Cybersecurity and Infrastructure Security Agency
(CISA) of the Department of Homeland Security shall submit to Congress a
review of CISA's education and training programs. Such review shall
evaluate the cost, reach, and current demand of such programs,
including relating to any resource gaps in any of such programs.
(d) Promoting CyberCorps Scholarship for Service as a Gold Standard
Program.--The Secretary of Homeland Security shall submit to the
Committee on Homeland Security and the Committee on Science, Space, and
Technology of the House of Representatives and the Committee on
Homeland Security and Governmental Affairs and the Committee on
Commerce, Science, and Transportation of the Senate a report on current
support of the Department to the CyberCorps Scholarship for Service
Program, including opportunities to provide additional funding to such
Program under existing training and education programs of the
Department of Homeland Security.
<all>
later than 90 days after the date of the enactment of this Act, the
Director of the Cybersecurity and Infrastructure Security Agency
(CISA) of the Department of Homeland Security shall submit to Congress a
review of CISA's education and training programs. Such review shall
evaluate the cost, reach, and current demand of such programs,
including relating to any resource gaps in any of such programs.
(d) Promoting CyberCorps Scholarship for Service as a Gold Standard
Program.--The Secretary of Homeland Security shall submit to the
Committee on Homeland Security and the Committee on Science, Space, and
Technology of the House of Representatives and the Committee on
Homeland Security and Governmental Affairs and the Committee on
Commerce, Science, and Transportation of the Senate a report on current
support of the Department to the CyberCorps Scholarship for Service
Program, including opportunities to provide additional funding to such
Program under existing training and education programs of the
Department of Homeland Security.
<all>