[Congressional Bills 115th Congress]
[From the U.S. Government Publishing Office]
[S. 754 Introduced in Senate (IS)]

<DOC>






115th CONGRESS
  1st Session
                                 S. 754

 To support meeting our Nation's growing cybersecurity workforce needs 
           by expanding the cybersecurity education pipeline.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             March 28, 2017

  Mr. Kaine (for himself, Mr. Wicker, and Mrs. Murray) introduced the 
 following bill; which was read twice and referred to the Committee on 
                 Commerce, Science, and Transportation

_______________________________________________________________________

                                 A BILL


 
 To support meeting our Nation's growing cybersecurity workforce needs 
           by expanding the cybersecurity education pipeline.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Cyber Scholarship Opportunities Act 
of 2017''.

SEC. 2. FINDINGS.

    Congress finds the following:
            (1) A well-trained workforce is essential to meeting the 
        Nation's growing cybersecurity needs.
            (2) A 2015 report by the National Academy of Public 
        Administration found that the United States faces a severe 
        shortage of properly trained and equipped cybersecurity 
        professionals.
            (3) A 2015 study of the information security workforce 
        found that the information security workforce shortfall is 
        widening.
            (4) The National Science Foundation's CyberCorps: 
        Scholarship-for-Service program is a successful effort to 
        support capacity building in institutions of higher education 
        and scholarships for students to pursue cybersecurity careers.

SEC. 3. SENSE OF CONGRESS.

    It is the sense of Congress that--
            (1) given the current need for cybersecurity professionals 
        in the public and private sectors, Congress and the Federal 
        Government should support existing programs to boost their 
        success;
            (2) the Federal Government should also build upon and 
        develop existing programs to meet emerging challenges, such as 
        the need to protect critical infrastructure and the greater 
        need for cybersecurity professionals of various skill levels;
            (3) there is a need for greater engagement with students at 
        the kindergarten through grade 12 level to recruit young people 
        to pursue career paths in cybersecurity;
            (4) many community colleges offer degrees or industry-
        recognized credentials in cybersecurity and related fields that 
        prepare students to fill high-demand cybersecurity jobs, and 
        the Federal Government should support programs at 2-year 
        institutions of higher education that help students develop 
        skills necessary to support the Nation's cybersecurity 
        missions; and
            (5) the Federal Government should expand existing programs 
        to support re-training mid-career individuals, such as veterans 
        of the Armed Forces, to fill cybersecurity positions.

SEC. 4. FEDERAL CYBER SCHOLARSHIP-FOR-SERVICE PROGRAM.

    Section 302 of the Cybersecurity Enhancement Act of 2014 (15 U.S.C. 
7442) is amended--
            (1) in subsection (a), by adding at the end the following: 
        ``Not less than 5 percent of scholarships provided under this 
        section shall be provided to eligible students who are pursuing 
        an associate's degree in a cybersecurity field without the 
        intent of transferring to a bachelor's degree program and 
        either have a bachelor's degree already or are veterans of the 
        Armed Forces.'';
            (2) in subsection (d), by adding at the end the following: 
        ``In the case of a scholarship recipient who is pursuing a 
        doctoral or master's degree, such agreement may include (if 
        determined appropriate on a case-by-case basis by the Director 
        of the National Science Foundation) an agreement for the 
        recipient to work at an institution of higher education or for 
        a local educational agency teaching cybersecurity skills for a 
        period equal to the length of the scholarship following receipt 
        of such degree.'';
            (3) in subsection (f)--
                    (A) by striking paragraph (3) and inserting the 
                following:
            ``(3) have demonstrated a high level of competency in 
        relevant knowledge, skills, and abilities, as described in the 
        national cybersecurity awareness and education program under 
        section 401;''; and
                    (B) by striking paragraph (4) and inserting the 
                following:
            ``(4) be a student in an eligible degree program at a 
        qualified institution of higher education, as determined by the 
        Director of the National Science Foundation, who is--
                    ``(A) a full-time student; or
                    ``(B) a student who is enrolled for study leading 
                to a degree on a less than full-time basis but not less 
                than half-time basis; and'';
            (4) by striking subsection (m) and inserting the following:
    ``(m) Evaluation and Report.--
            ``(1) In general.--The Director of the National Science 
        Foundation shall evaluate and make public, in a manner that 
        protects the personally identifiable information of scholarship 
        recipients, information on the success of recruiting 
        individuals for scholarships under this section and on hiring 
        and retaining those individuals in the public sector workforce, 
        including on--
                    ``(A) placement rates;
                    ``(B) where students are placed;
                    ``(C) student salary ranges for students not 
                released from obligations under this section;
                    ``(D) how long after graduation they are placed;
                    ``(E) how long they stay in the positions they 
                enter upon graduation;
                    ``(F) how many students are released from 
                obligations; and
                    ``(G) what (if any) remedial training needs are 
                required.
            ``(2) Regular reports.--The Director of the National 
        Science Foundation shall submit reports to Congress under 
        paragraph (1) not less often than once every 5 years.''; and
            (5) by adding at the end the following:
    ``(n) Resources.--The Director of the National Science Foundation 
shall work with the Director of the Office of Personnel Management to 
provide adequate resources to the CyberCorps community in the form of 
an online resource center, where all other relevant websites will be 
consolidated or eliminated, if possible. To the extent applicable, such 
websites shall--
            ``(1) present up-to-date, accurate information about 
        existing scholarship programs and job opportunities;
            ``(2) present a modernized view of cybersecurity careers;
            ``(3) improve user friendliness; and
            ``(4) allow prospective job applicants to search positions 
        by State, salary, and title.
    ``(o) Advertisements.--The Director of the National Science 
Foundation shall work with the Director of the Office of Personnel 
Management and State, local, and tribal agencies to advertise 
cybersecurity positions to scholarship recipients under this section, 
such as by hosting, in coordination with such office and agencies, a 
virtual job fair for scholarship recipients.
    ``(p) Cybersecurity at Kindergarten Through Grade 12 Level.--The 
Director of the National Science Foundation, in coordination with other 
Federal agencies as necessary, shall carry out a program to grow and 
improve cybersecurity education at the kindergarten through grade 12 
level that--
            ``(1) increases interest in cybersecurity careers;
            ``(2) helps students practice correct and safe online 
        behavior and understand the foundational principles of 
        cybersecurity; and
            ``(3) improves teaching methods for delivering 
        cybersecurity content for kindergarten through grade 12 
        computer science curricula.
    ``(q) Critical Infrastructure Protection.--Due to the need for 
skilled cybersecurity professionals to protect the Nation's critical 
infrastructure, the Director of the National Science Foundation may--
            ``(1) grant exceptions to students for fulfilling post-
        award employment obligations under this section (on a case-by-
        case basis and in coordination with other Federal agencies) who 
        agree to work in a critical infrastructure mission at a Federal 
        Government corporation or a State, local, or tribal government-
        affiliated asset, system, or network that is considered to be 
        part of a critical infrastructure sector as described in 
        Presidential Policy Directive-21, issued February 12, 2013 
        (related to critical infrastructure security and resilience), 
        or any successor; and
            ``(2) develop a pilot program to enhance critical 
        infrastructure protection training for students pursuing 
        careers in cybersecurity.
    ``(r) Study.--The Director of the National Science Foundation, in 
coordination with the Director of the Office of Personnel Management, 
shall assess the potential benefits and feasibility of granting 
scholarship awards under this section to students who do not possess a 
bachelor's degree to pursue an associate's degree or an industry-
recognized credential in a cybersecurity field.''.
                                 <all>