On June 21, 2022, U.S. President Joe Biden signed two cybersecurity bills into law. The new legislation is the most recent in a line of initiatives to strengthen the country’s cybersecurity. It aims to increase the knowledge and expertise of the federal cyber workforce and foster collaboration on security-related issues at all levels of government.
STATE AND LOCAL GOVERNMENT CYBERSECURITY ACT OF 2021
The legislation was authored by US Senators Gary Peters and Rob Portman. They said state and local governments need some additional help or access to expertise to address increasing cybersecurity threats.
The State and Local Government Cybersecurity Act of 2021 aims to enhance communication between state, local, tribal, and territory governments and the Cybersecurity and Infrastructure Security Agency (CISA). These organisations will be able to exchange security resources, protocols, and data more conveniently under the new regulation.
The new laws continue a trend of increased efforts to shore up cybersecurity at the federal, state, and local levels. This March saw the passage of the Cyber Incident Reporting Act, which requires organisations in critical infrastructure sectors (as defined by CISA) to report a cyberattack within 72 hours and a ransomware payment within 24.
The State and Local Government Cybersecurity Act places CISA in charge of managing the National Cybersecurity and Communications Integrations Center (NCCIC), allowing them to share their security-related technologies, processes, policies, and products with state and local governments more successfully. Overall communication will be improved, and the Multi-State Information Sharing and Analysis Center will function more effectively.
FEDERAL ROTATIONAL CYBER WORKFORCE PROGRAM ACT OF 2021
The Federal Rotational Cyber Workforce Program Act, a second measure signed into law by President Biden, aims to make it easier for federal agencies to rotate their civilian workforce. The law creates a more formal procedure for permitting cybersecurity workers to switch between agencies to improve information exchange, gain new skills, and fill knowledge gaps.
The federal government “lacks a clear, integrated government-wide plan for establishing a national cybersecurity workforce,” according to a CISA-commissioned assessment published in January. Also, one of the U.S. senators who backed the legislation, Senator Jacky Rosen, said in May that the threat to economic and national security posed by the cybersecurity workforce is fundamental.
The rotation program intends to broaden the employment opportunities for cyber experts while enhancing communication and collaboration within agencies. The Act is positioned to assist as the cybersecurity talent shortfall and skills gap loom. The main objective is to improve the nation’s federal cybersecurity workforce by attracting talent and providing new professional opportunities for advancement.
Since over 700,000 cybersecurity jobs are open in the US, with close to 40,000 in the public sector, retaining talent within the government is now crucial.
These steps taken by the United States federal government, along with the multiple precautionary practices that private entities are already following, make the end goal of strengthening cybersecurity look like a task that can soon be achieved.
(The author is Mr. Akarsh Singh CEO & Co-founder, Tsaaro and the views expressed in this article are his own)