Cyber PIVOTT Act
- Bill Number
- H.R. 1000
- Origin Chamber
- House
- Congress
- 119th Congress, Session 1
- Policy Area
- Government Operations and Politics
- Status
- Introduced
- Latest Action
- 2025-09-08: ASSUMING FIRST SPONSORSHIP - Mrs. Biggs (SC) asked unanimous consent that she may hereafter be considered as the first sponsor of H.R. 1000, a bill originally introduced by Representative Green (TN), for the purpose of adding cosponsors and requesting reprintings pursuant to clause 7 of rule XII. Agreed to without objection.
- Last Updated
- 2025-09-09T08:05:40Z
AI-Generated Summary
Purpose of the Legislation
The "Providing Individuals Various Opportunities for Technical Training to Build a Skills-Based Cyber Workforce Act of 2025" (or "Cyber PIVOTT Act") aims to strengthen the U.S. cybersecurity workforce by expanding education and training programs through the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). It focuses on providing accessible, skills-based training to students at community colleges and technical schools to prepare them for cybersecurity roles in government and critical infrastructure, addressing workforce shortages in this field.
Key Provisions
- Establishment of the PIVOTT Program: Creates a new program under CISA to partner with community colleges, technical schools, and other two-year higher education institutions (referred to as "participating institutions"). The program offers education and training in cybersecurity and related fields, including associate's degrees or technical certifications aligned with national cybersecurity frameworks (e.g., the NICE Cybersecurity Workforce Framework).
- Student Eligibility and Scholarships:
- Eligible students include those starting or enrolled in two-year cybersecurity programs, career changers with a high school diploma, or entry-level individuals.
- Provides full scholarships covering tuition, fees, travel, lodging, stipends, internships, certification tests, and other necessary expenses.
- Requires a two-year service obligation in a cybersecurity role at federal, state, local, Tribal, or territorial governments post-completion, with exceptions for military service or further education.
- Program must be completed within four years, with possible extensions for hardship.
- Institutional Requirements:
- Participating institutions must be part of the National Centers of Academic Excellence in Cybersecurity (NCAE-C) or deemed eligible by CISA based on course alignment with cybersecurity pathways and campus resources like cybersecurity clinics.
- Program Components:
- Students complete at least four skills-based exercises per year (e.g., lab work, hackathons, virtual simulations, workshops), with at least one in-person every two years, coordinated with federal agencies and non-federal experts.
- Mandates internships in government entities, rural or high-risk critical infrastructure, or federal agencies, prioritizing those seeking federal roles and initiating security clearances early.
- Includes outreach like regional initiatives, industry reports on relevant skills, and annual federal recruitment fairs at participating institutions.
- Completion Benefits:
- Access to an online database of cybersecurity resources and job opportunities.
- Funding for up to three industry-recognized certifications within ten years of completion.
- Scholarships for up to ten program graduates per year (after seven years of federal service) to pursue advanced degrees at NCAE-C institutions.
- Repayment and Compliance:
- Scholarships must be repaid (as a loan with interest) if students fail to meet academic, disciplinary, or service obligations, unless exempted (e.g., military enlistment or good-faith job search efforts).
- Institutions monitor compliance; repayments return to DHS, with a fixed percentage retained by institutions for administrative costs.
- Waivers possible for extreme hardship.
- Implementation Timeline:
- Enroll at least 250 students in the first full academic year (one year after enactment), doubling annually until reaching 1,000, with a long-term plan for 10,000 students per year within ten years.
- CISA must report to Congress on enrollment shortfalls and review existing education programs for costs, reach, and gaps within 90 days of enactment.
- DHS must report on supporting the existing CyberCorps Scholarship for Service program.
Significant Changes to Existing Law
- Amends the Homeland Security Act of 2002 by adding a new Section 1334 to Subtitle D of Title XIII, specifically creating the PIVOTT Program and outlining its operations.
- Updates the Act's table of contents to include the new section.
- Introduces repayment mechanisms modeled on federal student loans (e.g., Federal Direct Unsubsidized Stafford Loans under the Higher Education Act of 1965), which were not previously specified for CISA scholarships.
- No direct repeal or alteration of existing cybersecurity training laws, but enhances CISA's role in workforce development beyond current programs like CyberCorps.
Potential Impacts
- On Government Agencies: Bolsters federal, state, local, Tribal, and territorial cybersecurity staffing by creating a pipeline of trained professionals, potentially reducing recruitment costs and improving response to cyber threats. CISA and DHS will need additional funding and administrative resources for scholarships, partnerships, and monitoring.
- On Citizens: Provides affordable access to cybersecurity education for underrepresented or entry-level individuals, fostering career opportunities in high-demand fields. However, service obligations could limit immediate post-graduation flexibility for some participants.
- On International Relations: Indirectly strengthens U.S. national security by enhancing domestic cyber resilience, which could improve the country's position in global cybersecurity efforts, though no direct international provisions are included.
Main Stakeholders Affected
- Students and Potential Participants: Primary beneficiaries through scholarships and training, but obligated to government service.
- Educational Institutions: Community colleges, technical schools, and two-year programs gain funding and partnerships but must meet eligibility criteria and monitor compliance.
- Government Entities: CISA, DHS, other federal agencies (e.g., DoD, FBI, NSA), and state/local governments receive trained interns and employees to fill cyber roles.
- Critical Infrastructure Operators: Benefit from internships and a skilled workforce, especially in rural or high-risk sectors.
- Industry and Non-Profits: Involved in outreach, exercises, and certifications; may see expanded talent pools.
Notable Legal, Constitutional, or Political Implications
- Legal: Establishes enforceable service obligations and repayment rules, potentially leading to disputes over exemptions or waivers; integrates with existing federal loan frameworks, ensuring consistency but requiring regulatory updates by DHS and the Department of Education.
- Constitutional: No apparent conflicts; supports the federal government's role in national security and education under the Commerce Clause and general welfare provisions.
- Political: Promotes bipartisan cybersecurity priorities by addressing workforce gaps, with built-in congressional oversight (e.g., briefings on enrollment and plans). Could face debates over funding levels (subject to appropriations) and program scalability, emphasizing skills-based hiring over traditional degrees to appeal to workforce development advocates.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Cosponsors (12)
Rep. Guest, Michael [R-MS-3], Rep. Gimenez, Carlos A. [R-FL-28], Rep. Higgins, Clay [R-LA-3], Rep. Strong, Dale W. [R-AL-5], Rep. Ezell, Mike [R-MS-4], Rep. Rogers, Harold [R-KY-5], Rep. Biggs, Sheri [R-SC-3], Rep. Evans, Gabe [R-CO-8], Rep. Moolenaar, John R. [R-MI-2], Rep. Garbarino, Andrew R. [R-NY-2], Rep. Pfluger, August [R-TX-11], Rep. Gonzales, Tony [R-TX-23]
Recent Actions
- 2025-09-08: ASSUMING FIRST SPONSORSHIP - Mrs. Biggs (SC) asked unanimous consent that she may hereafter be considered as the first sponsor of H.R. 1000, a bill originally introduced by Representative Green (TN), for the purpose of adding cosponsors and requesting reprintings pursuant to clause 7 of rule XII. Agreed to without objection.
- 2025-02-26: Ordered to be Reported by the Yeas and Nays: 17 - 8.
- 2025-02-26: Committee Consideration and Mark-up Session Held
- 2025-02-26: Subcommittee on Cybersecurity and Infrastructure Protection Discharged
- 2025-02-05: Referred to the Subcommittee on Cybersecurity and Infrastructure Protection.
- 2025-02-05: Referred to the Committee on Homeland Security, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
- 2025-02-05: Referred to the Committee on Homeland Security, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
- 2025-02-05: Introduced in House
- 2025-02-05: Introduced in House
Bill Versions
- Providing Individuals Various Opportunities for Technical Training to Build a Skills-Based Cyber Workforce Act of 2025 — issued 2025-02-05 — PDF (21 pages)