House Oversight Committee advances bills affecting cyber, AI for feds

Bills to modernize cybersecurity hiring, broaden AI training and streamline regulatory documents advance out of the House Oversight and Accountability Committee...

Amid a long to-do list and some massive divisions between Democrats and Republicans on the House Oversight and Accountability Committee, members recently reached across the aisle in a few key areas.

Out of the 10 bills the committee marked up last week, three in particular would have lasting impacts for the federal workforce — and all three of them gained bipartisan support.

Changing the hiring landscape for cybersecurity

Improving cybersecurity hiring for agencies was top of mind for the committee members. One piece of legislation, first introduced by Rep. Nancy Mace (R-S.C.), chairwoman of the subcommittee on Cybersecurity, IT and Government Innovation, aims to roll back degree requirements for hiring cyber professionals into government positions.

Specifically, the Modernizing the Acquisition of Cybersecurity Experts Act would prohibit mandatory college degree requirements for federal cybersecurity jobs, unless there are specific legal requirements for a federal position. But that’s rarely the case for entry-level positions — the area that Mace is most acutely targeting.

“We have some remarkable young people coming through this generation that have great talent because they’ve been around technology their entire life and shouldn’t be prevented from using those talents in the federal IT workforce,” Mace said during the July 12 committee markup. “We should be welcoming that kind of talent in any way, shape or form we can. While the cyber workforce is crucial to our national security, it’s graying rapidly.”

Currently, federal employees working in IT are on average older than those who comprise the federal workforce overall. In fiscal 2022, just 3.8% of federal IT employees were under age 30, compared with about 7% in the same age range for the federal workforce overall. In contrast, federal workers ages 60 and older make up more than 17% of the federal IT workforce, but just about 14.5% of the federal workforce overall. More than half of the federal IT workforce is over age 50.

Image from the White House’s analytical perspectives section, “Strengthening the federal workforce,” of fiscal 2024 budget request.

The latest efforts in Congress also come as agencies face a governmentwide skills gap in cybersecurity, and a shortage of cybersecurity workers nationwide. The legislation gained bipartisan support in the committee, originally co-sponsored by Rep. Katie Porter (D-Calif.).

“No part of the federal government should disqualify an individual from competing for a federal job based on whether they have one type of educational credential,” Porter said. “College isn’t always affordable and accessible for everybody, and the reality is that many people gain the skills necessary to flourish and succeed at federal cybersecurity jobs as part of other experiences, including military service, or training and apprenticeship programs. The door needs to be open to both kinds of qualified candidates — those with or without a degree.”

The committee lawmakers hope the bill will help codify part of an executive order that urges an emphasis on experience over education in public sector hiring — it’s the direction that the private sector has been moving toward as well. The executive order, signed by former President Donald Trump, called on agencies to prioritize tangible skills rather than college degrees in federal hiring. Upheld in the Biden administration, the order led to guidance from the Office of Personnel Management in 2022 that focused on skills-based recruitment.

And OPM has taken other steps to address cyber workforce challenges, such as standing up a rotational cyber workforce program, creating cyber workforce dashboards and approving a Special Salary Rate for IT professionals — however, the future of the SSR is still undetermined.

More training in AI for federal employees

Another bill, the AI Training Expansion Act, would expand training in AI for federal employees. The legislation, which Mace sponsored, aims to build on a recently established governmentwide training program for AI by broadening training access to reach more federal employees, and incorporating more training topics.

Under the bill, if enacted, managers would be able to establish new training programs, or fold them into existing training. The training would cover the capabilities and risks of AI, best practices for working with AI and managing AI systems.

Rep. Gerry Connolly (D-Va.) is the original co-sponsor for the AI Training Expansion Act.

“We’ve got to have a federal workforce that is conversant with AI and is trained both in the positive applications of AI and in the risks AI might pose,” Connolly said. “We also need to address the aging federal workforce. We’re going to make sure that the next generation of federal employees has this kind of training so that they can interact with the private sector in a knowledgeable and equal basis and protect the American public.”

The AI training legislation is one of many tactics from both Congress and the executive branch that look at how to improve the role of AI in the federal workforce, and in a broader sense, modernize federal IT. In another recent move, OPM issued governmentwide guidance that looks at more than 50 competencies agencies should consider when hiring staff into AI-related positions.

Addressing ‘regulatory dark matter’

One other piece of legislation, originally from committee Republicans, takes aim at updating the regulatory process for federal agencies. The Guidance out of Darkness (GOOD) Act, which Oversight Committee Chairman James Comer (R-Ky.) introduced in February, would require agencies to publish all of their guidance documents in a centralized and easily accessible online location.

“Agency guidance documents are not easy to find,” Comer said during the committee markup. “The problem is so bad that agency guidance documents are known as ‘regulatory dark matter.’”

Agency documents, in the terms of the bill, include everything from memos, notices and directives to news releases, letters and blog posts — and more. If enacted, the Office of Management and Budget would have a three-month deadline to create the hub for all agencies to post their guidance documents.

The legislation follows on a 2019 executive order from Trump, which also had additional orders for agencies to review all their guidance documents and rescind any that weren’t needed. President Joe Biden revoked the order in 2021, during his first week in office.

This new legislation is a pared-down version of the executive order and focuses solely on the creation of a single website for all agencies to post guidance documents. During the committee markup, Committee Ranking Member Jamie Raskin (D-Md.) voiced his support for the GOOD Act.

“In many cases, these documents are already public information,” Raskin said. “Making them more accessible and more centralized in a public way is a good and transparent idea.”

All three bills from the markup advanced out of the committee with nearly unanimous member support.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    Unbanked Survey

    VA CIO: ‘Historic’ pay raise coming for IT workforce, as Special Salary Rate goes into effect in July

    Read more

    If agencies let cyber employees temporarily leave their jobs, will it keep them on staff longer?

    Read more