Establishing Cyber Security Educational Programs at Academic Institutions Act
- Bill Number
- H.R. 6631
- Origin Chamber
- House
- Congress
- 119th Congress, Session 1
- Policy Area
- Science, Technology, Communications
- Status
- Introduced
- Latest Action
- 2025-12-11: Referred to the Committee on Armed Services, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
- Last Updated
- 2026-01-20T14:52:21Z
AI-Generated Summary
Purpose
The legislation, titled the "Establishing Cyber Security Educational Programs at Academic Institutions Act," aims to strengthen national cybersecurity by requiring the Secretary of Defense to create a collaborative program with academic institutions. This program focuses on developing cybersecurity education to build a skilled workforce, without authorizing new funding.
Key Provisions
- Program Establishment: The Secretary of Defense must set up a program to partner with academic institutions on cybersecurity education. This includes creating curriculum standards (guidelines for what students learn), building skills in cybersecurity, promoting community awareness and participation, sharing best practices across programs, and addressing gaps in meeting educational needs for cyber threats.
- Consultation Requirements: The Secretary must consult with key federal leaders, including the Directors of the National Security Agency (NSA, which handles signals intelligence and cybersecurity), Cybersecurity and Infrastructure Security Agency (CISA, focused on protecting critical infrastructure from cyber risks), National Institute of Standards and Technology (NIST, which develops tech standards), Federal Bureau of Investigation (FBI, for law enforcement), and National Science Foundation (NSF, for science research funding). The goal is to prevent overlap or conflicts with existing federal cyber education efforts. Additional consultations occur with other federal agencies, private companies, academics, and organizations as needed. The program must also align with opportunities outlined in a 2020 defense law report.
- Institution Designations: The Secretary will designate qualifying academic institutions in areas like cyber defense (protecting systems), cyber operations (conducting cyber activities), and cyber research (studying cyber issues). Designations are based on:
- Alignment with established frameworks, such as the Defense Cyber Workforce Framework (DoD's guide to cyber job roles) and NIST's NICE Framework (a national guide to cyber education and jobs).
- Criteria emphasizing community outreach, leadership in workforce development (e.g., training faculty and researchers), creating educational standards for cyber professionals at all levels, implementing best practices across disciplines, addressing needs at federal, state, local, territorial, and tribal levels, holding regional accreditation (official quality approval from education bodies), and fostering collaboration on materials and with employers to define job skills.
- Metrics and Reporting: The Secretary, in collaboration with the consulted directors, will develop metrics (measurable indicators) and data requirements to evaluate the program's success. An annual report to Congress, starting one year after enactment, will assess benefits to participants and the Department of Defense (DoD) versus costs borne by institutions and sponsors.
- Limitations and Definitions: The program does not override existing federal authorities or require new funding. "Academic institution" is defined as U.S. higher education institutions receiving DoD research funding or senior military colleges (specialized schools for military training).
Significant Changes to Existing Law
This bill introduces a new DoD-led program for cybersecurity education collaboration, building on but not amending prior laws like the National Defense Authorization Act for Fiscal Year 2020 (which required a report on cyber education investments). It formalizes interagency coordination and institution designations to standardize and expand efforts, without creating competing programs.
Potential Impacts
- Government Agencies: Enhances coordination among DoD, NSA, CISA, NIST, FBI, and NSF, potentially streamlining federal cyber education initiatives and improving DoD's access to trained talent. It may reduce redundancies but relies on existing budgets, limiting scope.
- Citizens: Increases access to high-quality cybersecurity training at designated institutions, fostering a larger, more diverse national cyber workforce. This could lead to better job opportunities in cyber fields and stronger community awareness of cyber risks.
- International Relations: Indirectly bolsters U.S. cyber defenses, which may improve the country's position in global cyber diplomacy and deterrence against foreign threats, though the focus is domestic education.
Main Stakeholders Affected
- Department of Defense (DoD): Leads implementation, designations, and reporting.
- Academic Institutions: Eligible for partnerships and designations; must meet criteria to participate and may bear some costs.
- Federal Agencies: NSA, CISA, NIST, FBI, NSF, and others provide input and align programs.
- Private Sector and Employers: Collaborate on workforce needs; benefit from a skilled talent pool.
- Students and Communities: Gain educational opportunities, outreach, and pathways to cyber careers, especially in underserved areas.
- Congress: Receives annual reports to oversee effectiveness.
Notable Legal, Constitutional, or Political Implications
- Legal: Reinforces interagency collaboration under existing authorities (e.g., no supersession of roles), ensuring compliance with frameworks like NIST standards. The lack of new funding authorization ties implementation to current appropriations, potentially requiring future budget debates.
- Constitutional: Aligns with Congress's power to provide for national defense (Article I, Section 8) by supporting education for security needs, without infringing on state or institutional autonomy due to voluntary participation.
- Political: Promotes bipartisan interest in cybersecurity workforce development (introduced by representatives from different parties), but could spark debates on resource allocation amid competing defense priorities. It emphasizes equity by addressing multi-level government needs, potentially influencing broader cyber policy.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Cosponsors (1)
Rep. Luttrell, Morgan [R-TX-8]
Recent Actions
- 2025-12-11: Referred to the Committee on Armed Services, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
- 2025-12-11: Referred to the Committee on Armed Services, and in addition to the Committee on Education and Workforce, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
- 2025-12-11: Introduced in House
- 2025-12-11: Introduced in House
Bill Versions
- Establishing Cyber Security Educational Programs at Academic Institutions Act — issued 2025-12-11 — PDF (7 pages)