Federal Cyber Workforce Training Act of 2025
- Bill Number
- H.R. 3435
- Origin Chamber
- House
- Congress
- 119th Congress, Session 1
- Policy Area
- Labor and Employment
- Status
- Introduced
- Latest Action
- 2025-05-15: Referred to the House Committee on Oversight and Government Reform.
- Last Updated
- 2025-10-22T08:05:40Z
AI-Generated Summary
Purpose
The Federal Cyber Workforce Training Act of 2025 (H.R. 3435) aims to strengthen the U.S. federal government's cybersecurity capabilities by requiring the National Cyber Director to develop and submit a plan for creating a centralized Federal institute. This institute would serve as a key resource for training and developing the federal cyber workforce, focusing on roles that involve designing, building, securing, and defending digital systems.
Key Provisions
- Definitions: The bill defines key terms, such as "agency" (any federal executive department or entity), "cyber work role" (positions outlined in the NICE Framework, a National Institute of Standards and Technology guide for cybersecurity jobs), and "work-based learning" (hands-on training as defined in federal career education law).
- Plan Requirement: Within 180 days of enactment, the National Cyber Director must consult with leaders from the Departments of Homeland Security and Defense, the Office of Personnel Management (OPM), and other relevant agencies to submit a detailed plan to Congress and make it publicly available. The plan outlines establishing a Federal institute to provide:
- Training for new hires and mid-career transitions in cyber roles, including upskilling (enhancing current skills) and reskilling (learning new skills).
- Training for human resources (HR) staff handling cyber personnel.
- Institute Functions: The institute would:
- Offer modular, role-specific training with hands-on exercises and skill assessments, tailored for people from diverse backgrounds.
- Develop curricula in line with the NICE Framework, coordinated across agencies, and considering existing federal programs.
- Prioritize entry-level positions while addressing mid-career and HR needs.
- Include work-based learning, a badging system (digital credentials for completed training, similar to those used in intelligence agencies), and options for in-person or virtual delivery.
- Provide training regardless of whether participants have a college degree.
- Plan Elements: The plan must recommend:
- Organizational structure (e.g., within one agency or across multiple).
- Alignment with NIST publications and other federal guidelines.
- Use of existing vs. new federal facilities and resources.
- Curriculum details, delivery methods, and duration, modeled on programs like the Department of Defense's Joint Cyber Analysis Course.
- Policies for those who don't complete training, a process for obtaining security clearances during training, and a governance model for interagency coordination.
- Funding estimates, needs for classified work, and partnerships with five National Security Agency-designated academic centers of excellence that have secure facilities.
- Ways to keep instructors up-to-date on cybersecurity trends and maintain teaching quality.
- Consultation and Reporting: The Director must consult OPM and federal councils (e.g., Chief Human Capital Officers Council) to create HR tools for managing cyber careers from hiring to retirement. A briefing on the plan, including funding and authority needs, is required 270 days after enactment.
- Funding Limitation: No new funds are authorized; implementation relies on existing resources.
Significant Changes to Existing Law
This bill does not amend prior laws directly but introduces a new mandate for planning a centralized training institute, building on existing frameworks like the NICE Framework and federal cyber programs. It shifts focus from fragmented agency-specific training to a coordinated, government-wide approach, without creating the institute immediately—only requiring a blueprint for Congress to review and potentially fund later.
Potential Impacts
- Government Agencies: Could streamline cyber training across agencies, reducing duplication and improving workforce readiness for threats like cyberattacks. Agencies like Homeland Security and Defense may see enhanced coordination but face challenges in resource allocation without new funding.
- Citizens: Indirectly benefits the public by bolstering federal cybersecurity defenses, potentially leading to safer digital infrastructure (e.g., protecting elections, utilities, and personal data from cyber risks).
- International Relations: May strengthen U.S. cyber posture globally by building a more skilled federal workforce, aiding responses to international cyber threats without direct foreign policy changes.
Main Stakeholders Affected
- National Cyber Director and Office: Leads plan development and implementation.
- Federal Agencies: Especially Departments of Homeland Security and Defense, OPM, and others with cyber roles; they provide input and would use the institute for training.
- Congressional Committees: Armed Services, Homeland Security/Governmental Affairs, and Oversight/Government Reform in both chambers oversee and fund potential follow-up.
- Federal Employees and HR Staff: Cyber workers (new hires to mid-career) and HR personnel gain access to standardized training and career tools.
- Academic Institutions: Five NSA-designated centers of excellence could partner for secure training delivery.
- Broader Federal Workforce: Emphasizes inclusive training, benefiting those without cyber degrees entering the field.
Notable Legal, Constitutional, or Political Implications
- Legal: Reinforces the federal cybersecurity ecosystem under existing authorities (e.g., NIST standards) but requires congressional approval for any future funding or establishment, ensuring oversight. The no-new-funds clause limits immediate action, tying it to budget processes.
- Constitutional: Aligns with Congress's power to organize the executive branch (Article I) and supports national defense needs (Article II), without raising separation-of-powers issues.
- Political: Promotes bipartisan workforce investment amid rising cyber threats; introduced by representatives from both parties, it emphasizes efficiency and accessibility, potentially influencing future cyber policy debates on talent shortages.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Cosponsors (3)
Rep. Kaptur, Marcy [D-OH-9], Rep. Neguse, Joe [D-CO-2], Rep. Vindman, Eugene Simon [D-VA-7]
Recent Actions
- 2025-05-15: Referred to the House Committee on Oversight and Government Reform.
- 2025-05-15: Introduced in House
- 2025-05-15: Introduced in House
Bill Versions
- Federal Cyber Workforce Training Act of 2025 — issued 2025-05-15 — PDF (10 pages)