Bipartisan bill pushes Pentagon to close cyber talent gaps, hardwire workforce strategy into national security
Publish Date: 2026-01-19 04:40:00
Source Domain: industrialcyber.co
Using an unordered list, summarize the following article with between 4 and 8 key points.
Two U.S. Senators introduced bipartisan legislation to build on existing efforts to recruit and retain cybersecurity professionals within the federal government. Titled ‘Department of Defense Comprehensive Cyber Workforce Strategy Act,’ the bill would require the Department of Defense (DoD) to further its development of a comprehensive cybersecurity workforce strategy to ensure critical national security missions have the skilled workforce needed to protect the nation’s networks and defend against foreign adversaries and cybercriminals.
Proposed by Gary Peters, a Michigan Democrat and ranking member of the Homeland Security and Governmental Affairs Committee, and Mike Rounds, a Republican from South Dakota, the legislation proposes that not later than Jan. 31, 2027, the Secretary of Defense shall, acting through the Chief Information Officer of the Department of Defense and the Assistant Secretary of Defense for Cyber Policy, and in consultation with the Chief Information Officers and Principal Cyber Advisors of the military departments, develop a comprehensive cyber workforce strategy and submit a report on that strategy to the Committees on Armed Services of the Senate and the House of Representatives.
The legislative move prioritizes cybersecurity workforce recruitment and retention efforts, enabling the nation to retain skilled experts and ensure mission continuity, thereby protecting against evolving cyber threats.
“Cyberattacks pose a significant threat to our national security and will only continue to become more complex with new developments in technology,” Senator Peters said in a media statement. “This bipartisan, commonsense bill will ensure that we have the highly skilled experts we need in place to protect against ever-evolving cybersecurity threats.”
“Readiness is a critical part of our nation’s cybersecurity,” said Senator Rounds. “We must make certain that we have a well-trained and ready workforce operating in close coordination with our national security enterprise to support our overall cyber strategy, prepare for future threats, and respond to incoming attacks.”
Despite the complex national security systems and technological resources for which the Department of Defense is responsible, the agency has faced many challenges in recruiting and retaining skilled cybersecurity professionals. As of September 2025, the Department has a vacancy rate of 10%, or roughly 25,000 empty cybersecurity positions.
The report required by the Department of Defense Comprehensive Cyber Workforce Strategy Act shall include an assessment of the progress achieved and remaining gaps in implementing the 2023–2027 Department of Defense Cyber Workforce Strategy, including the identification of elements that should be continued, modified, or discontinued in the strategy developed. It shall also cover a descriptive analysis of the Defense Cyber Workforce Framework, including the goals, activities, milestones, and key performance indicators used by the Department of Defense to measure progress and assess the effectiveness of the strategy’s implementation.
It shall also contain an assessment of the scope of the affected workforce for the Framework, including specific workforce numbers, vacancy numbers, work roles, or other statistical data relating to personnel system metrics. Identification of the progress of the Department in implementing the Framework based on the goals, activities, milestones, and key performance indicators.
The report shall also cover the identification of any issues, problems, or roadblocks identified by the Department in implementing the Framework, as well as any adjustments required to measurements of progress or inclusions of new goals, activities, milestones, key performance indicators, or work roles since publication of such framework, and any steps taken by the Department to overcome issues or lack of authority to address roadblocks.
Opportunities to leverage support from non-Department entities, or any workforce or talent management authorities that exist within other Federal agencies, in which inclusion in the Framework might benefit the Department.
The availability of commercial tools that support Framework talent management processes and might enhance performance or effectiveness, including workforce qualification and certification tracking, talent identification and tracking, tagging for additional skill identifiers in existing personnel management systems, or enhancing skill development for specific work roles. Opportunities to leverage supplementary personnel models that might be adapted from other domains, such as cyber civilian reserves or cyber auxiliary forces.
The report will also involve integrating existing academic centers of excellence or other university partnerships to help improve workforce development, talent acquisition, and skills development. A review of Framework work roles for artificial intelligence, data science, and data engineering to assess alignment with corresponding work roles in industry and recommendations for modifications to enable more effective recruiting of industry talent. Resource requirements and an implementation timeline for the strategy were developed, including budget estimates and key milestones.
The bill further proposed that, in developing the strategy required, the Secretary may solicit or coordinate input from external organizations with relevant expertise in human resources planning and human capital strategy, higher education and training, or cyber industry associations.
Last September, the U.S. National Institute of Standards and Technology (NIST) awarded more than US$3 million to strengthen cybersecurity workforce development efforts across 13 states. The funding, distributed through 17 cooperative agreements, aims to help address the nation’s persistent shortage of skilled cybersecurity professionals. With the newly awarded cooperative agreements, there are now 47 Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS) communities established across 25 states.
Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.
