Two Congresswomen, Shontel Brown and Haley Stevens, have introduced legislation aimed at promoting cybersecurity jobs to underrepresented and disadvantaged individuals, including those who have been formerly incarcerated. The Diverse Cybersecurity Workforce Act seeks to address the shortage of cybersecurity professionals by expanding education and outreach efforts to diverse communities. While the bill has garnered support from 32 cosponsors, concerns have been raised regarding the potential risks associated with granting access to sensitive information to individuals with criminal histories.
While the reintegration of formerly incarcerated individuals into the workforce is crucial, there is a need for caution in determining the positions they are placed in, particularly in roles related to national security. Supporters of the bill argue that promoting cybersecurity careers to diverse communities can help address workforce shortages and create opportunities for individuals from nontraditional educational paths. However, critics emphasize the heightened risks of insider threats posed by individuals with criminal backgrounds, highlighting the importance of carefully evaluating security implications.
The proposed legislation mandates the US Cybersecurity and Infrastructure Security Agency (CISA) to establish a program promoting cybersecurity employment awareness among various institutions and communities. This program would be part of the Cybersecurity Education and Training Assistance Program, aiming to bridge the workforce gap in the cybersecurity sector. If enacted, the bill would allocate $20 million annually to the Department of Homeland Security (DHS) until 2030 for implementing the program.
While the bill aims to address workforce shortages and promote diversity in the cybersecurity field, its chances of enactment remain uncertain, with GovTrack suggesting a 4% chance of success. Despite the challenges and concerns raised, the introduction of such legislation underscores the importance of expanding opportunities in cybersecurity while also ensuring security measures are in place to mitigate potential risks associated with workforce diversity.
