[Senate Report 115-263]
[From the U.S. Government Publishing Office]


                                                      Calendar No. 440
115th Congress     }                                     {      Report
                                 SENATE
 2d Session        }                                     {     115-263
_______________________________________________________________________

                                     


              CYBER SCHOLARSHIP OPPORTUNITIES ACT OF 2017

                               __________

                              R E P O R T

                                 of the

           COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION

                                   on

                                 S. 754

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]


                  June 5, 2018.--Ordered to be printed
                                   ______

                         U.S. GOVERNMENT PUBLISHING OFFICE 

79-010                         WASHINGTON : 2018                   
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
                  
       SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION
                     one hundred fifteenth congress
                             second session

                   JOHN THUNE, South Dakota, Chairman
 ROGER F. WICKER, Mississippi         BILL NELSON, Florida
 ROY BLUNT, Missouri                  MARIA CANTWELL, Washington
 TED CRUZ, Texas                      AMY KLOBUCHAR, Minnesota
 DEB FISCHER, Nebraska                RICHARD BLUMENTHAL, Connecticut
 JERRY MORAN, Kansas                  BRIAN SCHATZ, Hawaii
 DAN SULLIVAN, Alaska                 EDWARD J. MARKEY, Massachusetts
 DEAN HELLER, Nevada                  TOM UDALL, New Mexico
 JAMES M. INHOFE, Oklahoma            GARY C. PETERS, Michigan
 MIKE LEE, Utah                       TAMMY BALDWIN, Wisconsin
 RON JOHNSON, Wisconsin               TAMMY DUCKWORTH, Illinois
 SHELLEY MOORE CAPITO, West           MARGARETWOODHASSAN,NewHampshire
    Virginia
 CORY GARDNER, Colorado               CATHERINE CORTEZ MASTO, Nevada
 TODD C. YOUNG, Indiana               JON TESTER, Montana
                       Nick Rossi, Staff Director
                 Adrian Arnakis, Deputy Staff Director
                    Jason Van Beek, General Counsel
                 Kim Lipsky, Democratic Staff Director
           Christopher Day, Democratic Deputy Staff Director
















                                                      Calendar No. 440
115th Congress     }                                     {      Report
                                 SENATE
 2d Session        }                                     {     115-263

======================================================================



 
              CYBER SCHOLARSHIP OPPORTUNITIES ACT OF 2017

                                _______
                                

                  June 5, 2018.--Ordered to be printed

                                _______
                                

Mr. Thune, from the Committee on Commerce, Science, and Transportation, 
                        submitted the following

                              R E P O R T

                         [To accompany S. 754]

      [Including cost estimate of the Congressional Budget Office]

    The Committee on Commerce, Science, and Transportation, to 
which was referred the bill (S. 754) to support meeting our 
Nation's growing cybersecurity workforce needs by expanding the 
cybersecurity education pipeline, having considered the same, 
reports favorably thereon with an amendment (in the nature of a 
substitute) and recommends that the bill (as amended) do pass.

                          Purpose of the Bill

    The purpose of S. 754, the Cyber Scholarship Opportunities 
Act of 2017, is to support the growing need for cybersecurity 
professionals by updating and enhancing the National Science 
Foundation's (NSF) CyberCorps Scholarship for Service Program 
(Program).

                          Background and Needs

    The Committee has conducted oversight of the cybersecurity 
threat and related technical skills gap, holding hearings and 
passing legislation in both the 114th and 115th Congresses. In 
2014, then-Committee Chairman Rockefeller and Ranking Member 
Thune sponsored the Cybersecurity Enhancement Act of 2014 (Act 
of 2014),\1\ which authorized the Program. The Program provides 
grants to universities to award scholarships to cybersecurity 
students contingent upon a recipient agreeing to work for 
Federal or State government in a cybersecurity field for a 
period equal to the length of the scholarship.
    Government and private sector cybersecurity workforces face 
shortages due to increasing demand. A 2015 Cisco cybersecurity 
report found that the global shortage of cybersecurity 
professionals is more than 1 million,\2\ and a 2015 study by 
Cybersecurity and IT Security Certifications and Training 
((ISC)2),\3\ a certification organization for cybersecurity 
professionals, found that the information security workforce 
shortfall is widening.
---------------------------------------------------------------------------
    \1\Pub. L. 113-274, 128 Stat. 2971.
    \2\Cisco, ``Mitigating the Cybersecurity Skills Shortage: Top 
Insights and Actions from Cisco Security Advisory Services,'' 2015, at 
http://www.cisco.com/c/dam/en/us/products/collateral/security/
cybersecurity-talent.pdf.
    \3\(ISC)2, ``The 2015 (ISC)2 Information Security Workforce 
Study,'' April 2015, at https://www.boozallen.com/content/dam/
boozallen/documents/Viewpoints/2015/04/frostsullivan-ISC2-global-
information-security-workforce-2015.pdf.
---------------------------------------------------------------------------

                         Summary of Provisions

    The Act would support and expand the U.S. cybersecurity 
workforce by updating and enhancing the Program. The bill would 
establish a pilot program under the Program to provide 
scholarships to students pursuing associates degrees or 
specialized certifications in cybersecurity who either have 
bachelor's degrees or are veterans of the armed forces. The 
bill also would require the NSF, in coordination with the 
Office of Personnel Management (OPM), to assess the benefits 
and feasibility of providing CyberCorps scholarships directly 
to community college students. It also would expand eligible 
job placements to State, local, or tribal government-affiliated 
critical infrastructure non-profit organizations, while 
prioritizing the placement of at least 80 percent of 
scholarship recipients at Federal agencies in line with the 
original intent of the Program.
    In addition, the bill would require the NSF, in 
coordination with the OPM, to evaluate and disseminate public 
information and resources about CyberCorps job hiring and 
retention for potential applicants to the Program. The bill 
would require the NSF to report to Congress at least once every 
3 years on the results of its evaluation and any recent 
statistics about the size, composition, and educational 
requirements of the Federal cyber workforce. The bill also 
would authorize the NSF to award grants under the Program to 
improve cybersecurity education at the K-12 level to cultivate 
the next generation of cybersecurity professionals.
    Finally, the bill would amend the existing Robert Noyce 
Teacher Scholarship Program (Robert Noyce Program), which 
awards grants to recruit, train, and provide scholarships to 
science, technology, engineering, and math (STEM) students and 
professionals in exchange for service as STEM teachers at the 
K-12 level. The bill would specifically add the field of 
cybersecurity to the list of qualifying teachers and 
professionals.

                          Legislative History

    Senator Kaine (for himself and Senators Wicker and Murray) 
introduced S. 754 on March 28, 2017. Chairman Thune, Ranking 
Member Nelson, and Senator Perdue also cosponsored the bill.
    On March 22, 2017, the Committee held a hearing focused on 
the impacts of emerging technologies on cybersecurity, which 
included a discussion of the cybersecurity workforce.
    On March 29, 2017, the Committee held a hearing focused on 
addressing the technical skills gap and steps taken by the 
industry to address this issue and to foster a competitive 
workforce, including a focus on the value of technical training 
across various industries.
    On August 2, 2017, the Committee met in open Executive 
Session and, by voice vote, ordered the bill be reported 
favorably with an amendment (in the nature of a substitute).

                            Estimated Costs

    In accordance with paragraph 11(a) of rule XXVI of the 
Standing Rules of the Senate and section 403 of the 
Congressional Budget Act of 1974, the Committee provides the 
following cost estimate, prepared by the Congressional Budget 
Office:

S. 754--Cyber Scholarship Opportunities Act of 2017

    Summary: S. 754 would authorize the National Science 
Foundation (NSF) and the Office of Personnel Management (OPM) 
to develop and implement a pilot program at between 5 to 10 
community colleges to provide scholarships to eligible students 
pursuing an associate's degree in cybersecurity under the 
CyberCorps Scholarship-for-Service (CyberCorps SFS) program. 
The bill also would permanently extend support for 
cybersecurity education in primary and secondary schools, 
modify the evaluation and reporting requirements for the 
CyberCorps SFS program, and require the NSF and OPM to develop 
and maintain online resources for prospective scholarship 
recipients.
    Based on information provided by the NSF on existing 
program costs, CBO estimates that implementing S. 754 would 
cost $6 million over the 2018-2022 period; such spending would 
be subject to the availability of appropriated funds.
    Enacting the bill would not affect direct spending or 
revenues; therefore, pay-as-you-go procedures do not apply.
    CBO estimates that enacting S. 754 would not increase net 
direct spending or on-budget deficits in any of the four 
consecutive 10-year periods beginning in 2028.
    S. 754 contains no intergovernmental or private-sector 
mandates as defined in the Unfunded Mandates Reform Act (UMRA) 
and would impose no costs on state, local, or tribal 
governments.
    Estimated cost to the Federal Government: The estimated 
budgetary effect of S. 754 is shown in the following table. The 
costs of this legislation fall within budget function 250 
(general space, science, and technology).

----------------------------------------------------------------------------------------------------------------
                                                          By fiscal year, in millions of dollars--
                                          ----------------------------------------------------------------------
                                             2017      2018      2019      2020      2021      2022    2017-2022
----------------------------------------------------------------------------------------------------------------
                                  INCREASE IN SPENDING SUBJECT TO APPROPRIATION
 
Estimated Authorization Level............         0         1         2         1         1         1          6
Estimated Outlays........................         0         1         2         1         1         1          6
----------------------------------------------------------------------------------------------------------------

                           BASIS OF ESTIMATE

Spending Subject to Appropriation

    For this estimate, CBO assumes the legislation would be 
enacted at the beginning of fiscal year 2018 and that the 
estimated amounts will be appropriated each year.
    Community College Pilot Program. Under current law, 
community college students are eligible for CyberCorps SFS 
scholarships if their college is a partner to a participating 
four-year institution that agrees to transfer scholarship 
recipients in order to complete a bachelor's degree. According 
to the NSF, the average annual award for those scholarship 
recipients is $46,000 each year. For this estimate, CBO expects 
the pilot program would commence in 2018, span three years, and 
support a total of 30 students pursuing associate's degrees. 
Over the 2018-2022 period, CBO estimates that the community 
college pilot program would cost $3 million. That amount 
includes administrative costs associated with the program. In 
2016, the NSF spent $6 million on the CyberCorps SFS program 
for students pursuing a master's or bachelor's degree in 
cybersecurity.
    Evaluation and Reporting Requirements and Online Resources. 
S. 754 would require the NSF and OPM to evaluate and report 
information on the success of recruiting and job placement 
efforts related to scholarship recipients. The bill also would 
require the NSF and OPM to develop and maintain online 
resources on cybersecurity careers for prospective scholarship 
recipients. Based on an analysis of information provided by the 
NSF, CBO estimates that implementing those provisions would 
cost $600,000 annually, and $3 million over the 2018-2022 
period.
    Pay-As-You-Go considerations: None.
    Increase in long-term direct spending and deficits: CB0 
estimates that enacting S. 754 would not increase net direct 
spending or on-budget deficits in any of the four consecutive 
10-year periods beginning in 2028.
    Intergovernmental and private-sector impact: S. 75 contains 
no intergovernmental or private-sector mandates as defined in 
UMRA and would impose no costs on state, local, or tribal 
governments.
    Estmate prepared by: Federal costs: Janani Shankaran; 
Impact on state, local, and tribal governments: Jon Sperl; 
Impact on the private sector: Paige Piper/Bach.
    Estimate approved by: H. Samuel Papenfuss, Deputy Assistant 
Director for Budget Analysis.

                      Regulatory Impact Statement

    In accordance with paragraph 11(b) of rule XXVI of the 
Standing Rules of the Senate, the Committee provides the 
following evaluation of the regulatory impact of the 
legislation, as reported:

                       number of persons covered

    S. 754, as reported, would require the NSF, in coordination 
with the OPM, to develop and implement a pilot program 
consisting of not more than 10, but at least 5, community 
colleges to provide scholarships to eligible students. The bill 
also would require the NSF, in coordination with the OPM, to 
provide consolidated and user-friendly online resources for 
prospective scholarship recipients and modify the reporting 
requirements concerning the success of participants in the 
Program. As a result, the number of persons impacted by this 
bill would increase based on the expanded opportunities for 
students to obtain information about and apply to participate 
in the Program. However, the number of people subject to 
mandates under the bill would not change significantly.

                            economic impact

    S. 754 would positively impact the U.S. economy by 
addressing the labor shortage of cybersecurity professionals, 
whose mission is to safeguard and protect valuable data and 
assets in both the public and private sector. The bill would do 
so by expanding the opportunities to participate in the 
Program, which builds capacity in institutions of higher 
education and incentivizes students through scholarships to 
pursue cybersecurity careers.

                                privacy

    S. 754 is not expected to have an adverse impact on the 
personal privacy of individuals. While the bill would require 
the NSF, in coordination with the OPM, to report on the hiring 
and retention rates in the public sector of successful 
participants in the Program, it specifically would require that 
this information be made public in a manner that would protect 
the personally identifiable information of scholarship 
recipients.

                               paperwork

    S. 754 would require the NSF, in coordination with the OPM, 
to assess the potential benefits of providing scholarships 
through community colleges. The bill also would require the 
NSF, in coordination with the OPM, to evaluate and make public 
information on the success of individuals participating in the 
Program. The NSF, in coordination with the OPM, also would be 
required to report to Congress not less than every 3 years on 
its evaluation of public sector workforce hiring and retention 
under the Program and other Federal cyber workforce statistics.

                   Congressionally Directed Spending

    In compliance with paragraph 4(b) of rule XLIV of the 
Standing Rules of the Senate, the Committee provides that no 
provisions contained in the bill, as reported, meet the 
definition of congressionally directed spending items under the 
rule.

                      Section-by-Section Analysis


Sec. 1. Short title.

    This section would provide that the Act may be cited as the 
``Cyber Scholarship Opportunities Act of 2017.''

Sec. 2. Findings.

    This section would find that a 2015 National Academy of 
Public Administration report indicated a critical shortage of 
cybersecurity professionals,\4\ another 2015 study indicated 
that this shortage is growing, and the Program is successful in 
supporting cybersecurity capacity building.
---------------------------------------------------------------------------
    \4\National Academy of Public Administration, Increasing the 
Effectiveness of the Federal Role in Cybersecurity Education, October 
2015, at http://napawash.org/studies/academy-studies/
increasingx-0_effectiveness_of_federal_role_in_cybersecurity_
education.pdf.
---------------------------------------------------------------------------

Sec. 3. Community College Cyber Pilot Program and assessment.

    This section would require the NSF, in coordination with 
the OPM, to carry out a pilot program as part of the Program to 
provide scholarships to at least 5 and not more than 10 
community colleges for students pursuing associate degrees or 
certifications in cybersecurity who either have obtained 
bachelor's degrees or are veterans of the armed forces. The 
NSF, in coordination with the OPM, also would be required to 
assess the potential benefits and feasibility of providing 
scholarships to such students through community colleges.

Sec. 4. Federal Cyber Scholarship-For-Service Program updates.

    This section would amend the Act of 2014 to update 
eligibility requirements, including defining cybersecurity 
proficiency according to the cybersecurity workforce framework 
developed by the National Institute of Standards and Technology 
under the National Initiative for Cybersecurity Education.
    The section also would require the NSF, in coordination 
with the OPM, to evaluate and make public information on the 
following: the success of individuals participating in the 
Program, including job placement rates, locations, and 
durations; student salary ranges; and any remedial training 
needs. The NSF, in coordination with the OPM, also would be 
required to report to Congress not less than every 3 years on 
this information, as well as on the size, composition, and 
educational requirements of the Federal cybersecurity 
workforce. This section also would require the NSF, in 
coordination with the OPM, to provide user-friendly online 
resources for scholarship recipients, including job 
opportunities and a modernized view of cybersecurity careers.
    The section would amend the Act of 2014 to clarify and 
expand acceptable job placements for students participating in 
the Program to include the following: Federal executive 
agencies; Congress, including any agency, entity, office, or 
commission established in the legislative branch; interstate 
agencies; State, local, and tribal governments; and State, 
local, and tribal government-affiliated non-profits that are 
considered to be critical infrastructure (as defined in section 
1016(e) of the USA PATRIOT Act (42 U.S.C. 5195c(e))). The 
section also would prioritize placement of 80 percent of 
CyberCorps scholarship recipients in Federal executive agencies 
consistent with the original intent of the Program.
    This section would authorize grants to improve 
cybersecurity education at the K-12 level in order to increase 
interest in cybersecurity careers, improve online behavior, 
improve methods of delivery for cybersecurity content, and 
promote cybersecurity teacher recruitment.

Sec. 5. Cybersecurity teaching.

    This section would amend the Robert Noyce Program, 
authorized in the NSF Authorization Act of 2002, by adding the 
subject of cybersecurity to the current definition of 
``mathematics and science teacher.''
    The section also would amend the Robert Noyce Program to 
add the field of cybersecurity to the definition of ``science, 
technology, engineering, or mathematics professional.''

                        Changes in Existing Law

    In compliance with paragraph 12 of rule XXVI of the 
Standing Rules of the Senate, changes in existing law made by 
the bill, as reported, are shown as follows (existing law 
proposed to be omitted is enclosed in black brackets, new 
material is printed in italic, existing law in which no change 
is proposed is shown in roman):

         NATIONAL SCIENCE FOUNDATION AUTHORIZATION ACT OF 2002


                  [Public Law 107-368; 116 Stat. 3034]

SEC. 10A. ROBERT NOYCE TEACHER SCHOLARSHIP PROGRAM.

  (a) * * *
  (i) Definitions.--In this section--
          (1) the term ``cost of attendance'' has the meaning 
        given such term in section 472 of the Higher Education 
        Act of 1965 (20 U.S.C. 1087ll);
          (2) the term ``eligible entity'' means--
                  (A) an institution of higher education; or
                  (B) an institution of higher education that 
                receives grant funds on behalf of a consortium 
                of institutions of higher education;
          (3) the term ``fellowship'' means an award to an 
        individual under section 10A;
          (4) the term ``high need local educational agency'' 
        has the meaning given such term in section 201 of the 
        Higher Education Act of 1965 (20 U.S.C. 1021);
          [(5) the term ``mathematics and science teacher'' 
        means a science, computer science, technology, 
        engineering, or mathematics teacher at the elementary 
        school or secondary school level;]
          (5) the term ``mathematics and science teacher'' 
        means a science, technology, engineering, mathematics, 
        or computer science, including cybersecurity, teacher 
        at the elementary school or secondary school level;
          (6) the term ``scholarship'' means an award under 
        subsection (c);
          [(7) the term ``science, technology, engineering, or 
        mathematics professional'' means a person who holds a 
        baccalaureate, master's, or doctoral degree in science, 
        technology, engineering, or mathematics, and is working 
        in or had a career in such field or a related area; 
        and]
          (7) the term ``science, technology, engineering, or 
        mathematics professional'' means an individual who 
        holds a baccalaureate, master's, or doctoral degree in 
        science, technology, engineering, mathematics, or 
        computer science, including cybersecurity, and is 
        working in or had a career in such field or a related 
        area; and
          (8) the term ``stipend'' means an award under 
        subsection (d).
  (j) Mathematics and Science Scholarship Gift Fund.--In 
accordance with section 11(f) of the National Science 
Foundation Act of 1950 (42 U.S.C. 1870(f)), the Director is 
authorized to accept donations from the private sector to 
supplement but not supplant scholarships, stipends, 
internships, or fellowships associated with programs under this 
section or section 10A.
  (k) Assessment of Teacher Service and Retention.--Not later 
than 4 years after the date of enactment of the America 
COMPETES Act, the Director shall transmit to the Committee on 
Health, Education, Labor, and Pensions of the Senate and the 
Committee on Science and Technology of the House of 
Representatives a report on the effectiveness of the programs 
carried out under this section and section 10A. The report 
shall include the proportion of individuals receiving 
scholarships, stipends, or fellowships under the program who--
          (1) fulfill the individuals' service obligation 
        required under this section or section 10A;
          (2) remain in the teaching profession beyond the 
        individuals' service obligation; and
          (3) remain in the teaching profession in a high need 
        local educational agency beyond the individuals' 
        service obligation.
  (l) Evaluation.--Not less than 2 years after the date of 
enactment of the America COMPETES Act, the Director, in 
consultation with the Secretary of Education, shall conduct an 
evaluation to determine whether the scholarships, stipends, and 
fellowships authorized under this section and section 10A have 
been effective in increasing the numbers of high-quality 
mathematics and science teachers teaching in high need local 
educational agencies and whether there continue to exist 
significant shortages of such teachers in high need local 
educational agencies.

                  CYBERSECURITY ENHANCEMENT ACT OF 2014


                        [15 U.S.C. 7421 et seq.]

SEC. 302. FEDERAL CYBER SCHOLARSHIP-FOR-SERVICE PROGRAM.

                            [15 U.S.C. 7442]

  (a) In General.--The Director of the National Science 
Foundation, in coordination with the Director of the Office of 
Personnel Management and Secretary of Homeland Security, shall 
continue a Federal cyber scholarship-for-service program to 
recruit and train the next generation of information technology 
professionals, industrial control system security 
professionals, and security managers to meet the needs of the 
cybersecurity mission for Federal, State, local, and tribal 
governments.
  (b) Program Description and Components.--The Federal Cyber 
Scholarship-for-Service Program shall--
          (1) provide scholarships through qualified 
        institutions of higher education, including community 
        colleges, to students who are enrolled in programs of 
        study at institutions of higher education leading to 
        degrees or specialized program certifications in the 
        cybersecurity field;
          (2) provide the scholarship recipients with summer 
        internship opportunities or other meaningful temporary 
        appointments in the Federal information technology 
        workforce; and
          [(3) prioritize the employment placement of 
        scholarship recipients in the Federal Government.]
          (3) prioritize the employment placement of at least 
        80 percent of scholarship recipients in an executive 
        agency (as defined in section 105 of title 5, United 
        States Code); and
          (4) provide awards to improve cybersecurity education 
        at the kindergarten through grade 12 level--
                  (A) to increase interest in cybersecurity 
                careers;
                  (B) to help students practice correct and 
                safe online behavior and understand the 
                foundational principles of cybersecurity;
                  (C) to improve teaching methods for 
                delivering cybersecurity content for 
                kindergarten through grade 12 computer science 
                curricula; and
                  (D) to promote teacher recruitment in the 
                field of cybersecurity.
  (c) Scholarship Amounts.--Each scholarship under subsection 
(b) shall be in an amount that covers the student's tuition and 
fees at the institution under subsection (b)(1) for not more 
than 3 years and provides the student with an additional 
stipend.
  [(d) Post-award Employment Obligations.--Each scholarship 
recipient, as a condition of receiving a scholarship under the 
program, shall enter into an agreement under which the 
recipient agrees to work in the cybersecurity mission of a 
Federal, State, local, or tribal agency for a period equal to 
the length of the scholarship following receipt of the 
student's degree.]
  (d) Post-award Employment Obligations.--Each scholarship 
recipient, as a condition of receiving a scholarship under the 
program, shall enter into an agreement under which the 
recipient agrees to work for a period equal to the length of 
the scholarship, following receipt of the student's degree, in 
the cybersecurity mission of--
          (1) an executive agency (as defined in section 105 of 
        title 5, United States Code);
          (2) Congress, including any agency, entity, office, 
        or commission established in the legislative branch;
          (3) an interstate agency;
          (4) a State, local, or tribal government; or
          (5) a State, local, or tribal government-affiliated 
        non-profit that is considered to be critical 
        infrastructure (as defined in section 1016(e) of the 
        USA Patriot Act (42 U.S.C. 5195c(e))).
  (e) Hiring Authority.--
          (1) Appointment in excepted service.--Notwithstanding 
        any provision of chapter 33 of title 5, United States 
        Code, governing appointments in the competitive 
        service, an agency shall appoint in the excepted 
        service an individual who has completed the eligible 
        degree program for which a scholarship was awarded.
          (2) Noncompetitive conversion.--Except as provided in 
        paragraph (4), upon fulfillment of the service term, an 
        employee appointed under paragraph (1) may be converted 
        noncompetitively to term, career-conditional or career 
        appointment.
          (3) Timing of conversion.--An agency may 
        noncompetitively convert a term employee appointed 
        under paragraph (2) to a career-conditional or career 
        appointment before the term appointment expires.
          (4) Authority to decline conversion.--An agency may 
        decline to make the noncompetitive conversion or 
        appointment under paragraph (2) for cause.
  (f) Eligibility.--To be eligible to receive a scholarship 
under this section, an individual shall--
          (1) be a citizen or lawful permanent resident of the 
        United States;
          (2) demonstrate a commitment to a career in improving 
        the security of information technology;
          [(3) have demonstrated a high level of proficiency in 
        mathematics, engineering, or computer sciences;]
          (3) have demonstrated a high level of competency in 
        relevant knowledge, skills, and abilities, as defined 
        by the national cybersecurity awareness and education 
        program under section 401;
          [(4) be a full-time student in an eligible degree 
        program at a qualified institution of higher education, 
        as determined by the Director of the National Science 
        Foundation; and]
          (4) be a full-time student in an eligible degree 
        program at a qualified institution of higher education, 
        as determined by the Director of the National Science 
        Foundation, except that in the case of a student who is 
        enrolled in a community college, be a student pursuing 
        a degree on a less than full-time basis, but not less 
        than half-time basis; and
          (5) accept the terms of a scholarship under this 
        section.
  (g) * * *
  [(m) Evaluation and Report.--The Director of the National 
Science Foundation shall evaluate and report periodically to 
Congress on the success of recruiting individuals for 
scholarships under this section and on hiring and retaining 
those individuals in the public sector workforce.]
  (m) Public Information.--
          (1) Evaluation.--The Director of the National Science 
        Foundation, in coordination with the Director of the 
        Office of Personnel Management, shall periodically 
        evaluate and make public, in a manner that protects the 
        personally identifiable information of scholarship 
        recipients, information on the success of recruiting 
        individuals for scholarships under this section and on 
        hiring and retaining those individuals in the public 
        sector cyber workforce, including on--
                  (A) placement rates;
                  (B) where students are placed, including job 
                titles and descriptions;
                  (C) student salary ranges for students not 
                released from obligations under this section;
                  (D) how long after graduation they are 
                placed;
                  (E) how long they stay in the positions they 
                enter upon graduation;
                  (F) how many students are released from 
                obligations; and
                  (G) what, if any, remedial training is 
                required.
          (2) Reports.--The Director of the National Science 
        Foundation, in coordination with the Office of 
        Personnel Management, shall submit, at least once every 
        3 years, to the Committee on Commerce, Science, and 
        Transportation of the Senate and the Committee on 
        Science, Space, and Technology of the House of 
        Representatives a report, including the results of the 
        evaluation under paragraph (1) and any recent 
        statistics regarding the size, composition, and 
        educational requirements of the Federal cyber 
        workforce.
          (3) Resources.--The Director of the National Science 
        Foundation, in coordination with the Director of the 
        Office of Personnel Management, shall provide 
        consolidated and user-friendly online resources for 
        prospective scholarship recipients, including, to the 
        extent practicable--
                  (A) searchable, up-to-date, and accurate 
                information about participating institutions of 
                higher education and job opportunities related 
                to the field of cybersecurity; and
                  (B) a modernized description of cybersecurity 
                careers.

                                  [all]