Bipartisan leaders of a key House panel have introduced new legislation to speed up the federal government’s onboarding of cybersecurity personnel by prioritizing candidates’ skills over academic backgrounds.
The proposal, from Reps. Nancy Mace, R-S.C., and Shontel Brown, D-Ohio, looks to expand agencies’ pool of potential cyber talent by limiting the use “of educational requirements or qualifications in evaluating candidates for certain cybersecurity positions in the competitive service.”
Mace and Brown are the chair and ranking member, respectively, of the House Oversight and Government Reform Subcommittee on Cybersecurity, Information Technology and Government Innovation. The legislation was formally introduced on Tuesday.
According to the bill’s text, agencies would only be able to mandate minimum educational requirements for covered cyber positions if it is required by law to do so in the state or locality where the employee would be based. Education would also only be considered a determining factor “if the candidate’s education directly reflects the competencies necessary to satisfy that qualification and perform the duties of the position.”
The proposal would also require the Office of Personnel Management to annually publish on its website “any changes made to minimum qualifications standards concerning education for covered positions,” as well as aggregate data on the educational backgrounds of new employees sorted by their position classifications.
In a press release, the lawmakers said their bill “prioritizes skills-based hiring over outdated educational requirements.”
Both the public and private sectors have faced a shortage of cyber talent in recent years, even as the frequency of damaging hacks, ransomware attacks and other digital threats have also increased. The National Institute of Standards and Technology estimated that there were roughly 470,000 vacant cybersecurity positions in the U.S. between May 2023 and April 2024.
“As cyber threats against our government continue to grow, we need to make sure our federal agencies hire the most qualified candidates, not just those with traditional degrees,” Mace said in a statement. “This bill cuts red tape, opens doors to skilled Americans without a four-year diploma but with the expertise to get the job done, and strengthens our nation’s cybersecurity workforce.”
Mace previously introduced similar legislation last year to deprioritize educational requirements for open cyber positions. Her bill passed the House but did not advance in the Senate before the end of the 118th Congress.
