Sending Office: Honorable James R. Langevin
Sent By:
Kerry.McKittrick@mail.house.gov

Supported by Association for Career & Technical Education, Advance CTE, BSA | The Software Alliance, National Technology Security Coalition, International Consortium of Minority Cybersecurity Professionals, Enlisted Association of the
National Guard of the United States, Society for Maintenance and Reliability Professionals, National Grid, Edison Electric Institute

Sponsored by Reps. Langevin, Thompson (PA), Craig, Fitzpatrick, Harder, Houlahan, McCaul, Ruppersberger

Dear Colleague,

In high-risk critical infrastructure sectors – whether it’s telecommunications, agriculture or healthcare – a workforce with basic cyber skills is essential to our public safety. Unfortunately, the majority of skilled workers lack any cybersecurity training
specific to the systems they work on daily.

As critical infrastructure systems have become increasingly Internet-enabled, or “smart,” malicious cyber actors have attempted to wreak havoc on these systems. Some examples include: Russian hacking on Ukrainian power grids in 2015 and 2016, which led to
power outages for over 200,000 people, and more recently, the Triton malware, which affect Schneider Electric safety equipment. Infections with Triton could have caused the release of toxic chemicals from petrochemical refineries, creating serious health concerns
in nearby areas.  

Many individuals in critical infrastructure fields – like skilled tradespeople, health technicians, and advanced manufacturers – work jobs that
require more than a high school diploma but less than bachelor’s degree. These high-wage and in-demand positions require workers with skills acquired through career and technical education (CTE).

H.R. 1592, the Cybersecurity Skills Integration Act, would fund the development of critical infrastructure sector CTE programs that integrate cybersecurity. While it’s important that we have cybersecurity experts to help protect these sectors,
it’s also important that every worker, especially those dealing with operational technology, understand their role in keeping systems secure. Our goal is to build a culture of cyber safety that’s as much a part of workforce training as physical safety.

An electrician, who has been thoroughly trained in physical safety, would never leave a “hazard” door to a high-voltage distribution panel unlocked, but she may plug in a network cable and walk away. However, plugging in that “smart” device without changing
default credentials or alerting the network team is just as dangerous as leaving a door open.

President Trump agrees. In his May 2nd Executive Order on America’s Cybersecurity Workforce, the President recognized the need to mitigate vulnerabilities in critical infrastructure OT systems and build curricula to address the cybersecurity skills
gaps of workers in these sectors.

The bipartisan Cybersecurity Skills Integration Act would align CTE programs with industry needs by giving businesses a seat at the table with postsecondary institutions crafting programs that ensure students are learning relevant skills, including cybersecurity
competencies. To cosponsor H.R. 1592, please contact Kerry McKittrick in Rep. Langevin’s office at
Kerry.mckittrick@mail.house.gov or 202-225-2735.

Sincerely,

 

JIM LANGEVIN                                                        GLENN “GT” THOMPSON

Member of Congress                                                   Member of Congress

Related Legislative Issues

Selected legislative information: Education, Homeland Security, Labor, Technology

icon eDC logo e-Dear Colleague version 2.0
 
e-Dear Colleagues are intended for internal House use only.