A bill to direct the Director of the Cybersecurity and Infrastructure Security Agency to establish a K-12 Cybersecurity Technology Improvement Program, and for other purposes.
Impact
The legislative implications of SB1191 include the establishment of a Cybersecurity Incident Registry, which would serve as a voluntary repository for reporting cyber incidents impacting K-12 institutions. This registry aims to enhance nationwide data collection on cyber threats affecting educational entities and support the development of systematic preventative measures. Additionally, the introduction of training programs for school staff will promote broader awareness and preparedness against potential cyber risks, suggesting a foundational shift in how educational institutions approach cybersecurity.
Summary
SB1191, titled the Enhancing K–12 Cybersecurity Act, aims to establish a directed effort by the Cybersecurity and Infrastructure Security Agency (CISA) to improve the cybersecurity posture of K-12 educational institutions. The bill requires CISA to develop a comprehensive program designed to help elementary and secondary schools strengthen their defenses against cyber threats through various means, including strategic cybersecurity planning and the installation of pertinent tools. Notably, this program will leverage partnerships with Information Sharing and Analysis Organizations to deliver tailored cybersecurity solutions to these schools.
Contention
While many anticipate the positive effects of SB1191 in bolstering school cybersecurity frameworks, potential concerns include the allocation of federal funding for these initiatives. Some stakeholders worry about the effectiveness of funding distributions and the implications for local governance in managing cybersecurity protocols effectively. Moreover, ensuring that the information shared in these registries is adequately anonymized and protects students' privacy has been highlighted as an essential requirement to avoid misuse of sensitive data.
A bill to create an Office of Cybersecurity at the Federal Trade Commission for supervision of data security at consumer reporting agencies, to require the promulgation of regulations establishing standards for effective cybersecurity at consumer reporting agencies, to impose penalties on credit reporting agencies for cybersecurity breaches that put sensitive consumer data at risk, and for other purposes.
DHS Cybersecurity On-the-Job Training and Employment Apprentice Program Act This bill requires the Department of Homeland Security (DHS) to establish a DHS Cybersecurity On-the-Job Training and Employment Apprentice Program to identify and train DHS employees for cybersecurity work. The Cybersecurity and Infrastructure Security Agency within DHS must lead the program. Among other things, the agency must (1) track the status of cybersecurity positions at DHS, (2) develop a program curriculum, and (3) recruit DHS employees for the program.
Requires instruction on cybersecurity in grades nine through 12; requires Office of Secretary of Higher Education to develop cybersecurity model curricula; establishes loan redemption programs for individuals in certain cybersecurity occupations.
Requires instruction on cybersecurity in grades nine through 12; requires Office of Secretary of Higher Education to develop cybersecurity model curricula; establishes loan redemption programs for individuals in certain cybersecurity occupations.
Requires instruction on cybersecurity in grades nine through 12; requires Office of Secretary of Higher Education to develop cybersecurity model curricula; establishes loan redemption programs for individuals in certain cybersecurity occupations.
In regulation of insurers and related persons generally, providing for insurance data security; in reserve liabilities, repealing provisions relating to small company exemption and providing for adoption of exemption standards of NAIC Valuation Manual; and imposing penalties.