Sending Office: Honorable James R. Langevin
Supported by ACTE, Advance CTE, BSA | The Software Alliance, National Technology Security Coalition, International Consortium of Minority Cybersecurity Professionals, Enlisted Association of the National Guard of the United States, Society
for Maintenance and Reliability Professionals
Sponsored by Reps. Langevin, Thompson (PA), Craig, Fitzpatrick, McCaul, Ruppersberger
In high-risk critical infrastructure sectors – whether it’s telecommunications, agriculture or healthcare – a workforce with basic cyber skills is essential to our public safety. Unfortunately, the majority of skilled workers lack any cybersecurity training
specific to the systems they work with on daily.
As critical infrastructure systems have become increasingly Internet-enabled, or “smart,” malicious cyber actors have attempted to wreak havoc on these systems. Some examples include: Russian hacking on Ukrainian power grids in 2015 and 2016 led to power
outages for over 200,000 people, and more recently, the Triton malware, which affect Schneider Electric safety equipment. Infections with Triton could have caused the release of toxic chemicals from petrochemical refineries, creating serious health concerns
in nearby areas.
Many individuals in critical infrastructure fields – like skilled tradespeople, health technicians, and advanced manufacturers – work jobs that
require more than a high school diploma but less than bachelor’s degree. These high-wage and in-demand positions require workers with skills acquired through career and technical education (CTE).
H.R. 1592, the Cybersecurity Skills Integration Act, would fund the development of critical infrastructure sector CTE programs that integrate cybersecurity. While it’s important that we have cybersecurity experts to help protect these sectors,
it’s also important that every worker, especially those dealing with operational technology, understand their role in keeping systems secure. Our goal is to build a culture of cyber safety that’s as much a part of workforce training as physical safety.
An electrician, who has been thoroughly trained in physical safety, would never leave a “hazard” door to a high-voltage distribution panel unlocked, but she may plug in a network cable and walk away. However, plugging in that “smart” device without changing
default credentials or alerting the network team is just as dangerous as leaving a door open.
President Trump agrees. In his May 2nd Executive Order on America’s Cybersecurity Workforce, the President recognized the need to mitigate vulnerabilities in critical infrastructure OT systems and build curricula to address the cybersecurity skills
gaps of workers in these sectors.
The bipartisan Cybersecurity Skills Integration Act would align CTE programs with industry needs by giving businesses a seat at the table with postsecondary institutions crafting programs that ensure students are learning relevant skills, including cybersecurity
competencies. To cosponsor H.R. 1592, please contact Kerry McKittrick in Rep. Langevin’s office at
Kerry.firstname.lastname@example.org or 202-225-2735.
JIM LANGEVIN GLENN “GT” THOMPSON
Member of Congress Member of Congress
e-Dear Colleague version 2.0