HACKED Act of 2019
(Harvesting American Cybersecurity Knowledge through Education)
Senators Wicker, Cantwell, Thune, Rosen
Cybersecurity risks are increasing: The cost of malicious cyber activity to U.S. economy in 2016 is estimated at $57 - $109 billion.1 Our nation requires talented cybersecurity individuals to meet these challenges and ensure the United States stays competitive in the growing digital world.
Current cybersecurity workforce shortage: According to CyberSeek, a project supported by the National Initiative for Cybersecurity Education, as of 2018, there are more than 300,000 unfilled cybersecurity jobs in the United States. It is projected there will be 500,000 total unfilled positions in the U.S. by 2021.2,3 With surveys estimating that 63% of industry have a shortage of cybersecurity employees, this presents an opportunity to fill jobs with skilled and talented workers.4
Current cybersecurity teacher shortage: The Computing Research Association estimates that in 2018 only 14 of the approximately 100 PhD graduates secured tenure-track jobs in academia.5 Further, half of 2-year Centers of Academic Excellence (CAE) schools have current vacancies for cybersecurity faculty.6
The HACKED Act would:
Align education and training with the cybersecurity workforce needs
- Authorize Regional Alliances and Multistakeholder Partnerships between the federal government, state and local educational institutions, and local employers to work together to address specific local workforce needs.
- Improve metrics to track and measure cybersecurity workforce needs, including identification of specific gaps and measurement of the success of programs and activities to fill such gaps.
Design clear paths in the cybersecurity workforce and educate federal employees
- Identify model careers paths in cybersecurity- related positions with clear job descriptions, desired skills, and potential education and training necessary for cybersecurity professionals to advance their careers.
- Identify and develop tools for assessing skills and capabilities of workers.
- Develop standards on cybersecurity awareness for federal employees.
Increase coordination in federal programs
- Direct greater coordination of Federal programs on cybersecurity workforce through a new OSTP working group.
- Codify NIST as the agency responsible for leading interagency coordination.
- Amend existing NIST, NSF, NASA, and DOT STEM education programs to explicitly include cybersecurity as a component, and better integrate computer science and cybersecurity.
Incentivize recruitment of cybersecurity educators
- Expand the NSF CyberCorps federal scholarship- for-service program to allow for scholarship recipients to serve as educators.
- Ensure cybersecurity teachers are eligible for Presidential Awards for excellence in STEM teaching and mentoring.
- Expand support for cybersecurity summer camps for K-12 students.
- The Council of Economic Advisers. 2018, The Cost of Malicious Cyber Activity to the U.S. Economy.
- “Cybersecurity Supply And Demand Heat Map.” Cybersecurity Supply And Demand Heat Map, https://www.cyberseek.org/heatmap.html.
- “Employment by Detailed Occupation.” U.S. Bureau of Labor Statistics, U.S. Bureau of Labor Statistics, https://www.bls.gov/emp/tables/emp-by-detailed-occupation.htm.
- “Cybersecurity Professionals Focus on Developing New Skills as Workforce Gap Widens.” (ISC)2 CYBERSECURITY WORKFORCE STUDY, 2018, www.isc2.org/-
- Zweben, Stuart, and Betsy Bizot. “Undergrad Enrollment Continues Upward; Doctoral Degree Production Declines but Doctoral Enrollment Rises.” CRA, May 2019,
- Modestino, Alicia, and Walter McHugh. Educator Shortage Problem Found in the 2017 CAE Cybersecurity Survey. 2018,