The Congressional Budget Office (CBO) reported Friday that S. 3437, the Federal Rotational Cyber Workforce Program Act of 2018, would cost less than $500,000 a year to implement.
The bill would “establish a civilian personnel rotation program for Federal cybersecurity professionals at agencies that confront cybersecurity challenges,” according to a press release from the bill’s sponsor Sen. Gary Peters, D-Mich. The program would operate on a short-term basis, with cybersecurity professionals serving no more than a year at another agency. The goal of the program is to help Federal cyber professionals “develop multiagency and policy expertise on cyber threats.” Additionally, in the current draft, the bill’s authority would expire in five years.
“The private data of millions of Americans and sensitive infrastructural system information are the routine targets of sophisticated cyber-attacks, and it is crucial that the federal government trains and retains highly skilled personnel who can repel a wide variety of cyber threats,” said Sen. Peters. “This bipartisan legislation will promote collaboration between agencies and provide pathways for federal employees to advance their careers and broaden their cybersecurity expertise.”
The CBO undertook its reporting on Sept. 26 at the request of the Senate Committee on Homeland Security and Governmental Affairs, after the committee advanced the legislation. The CBO examined annual implementation costs for the period of 2019-2023 and took into account new regulations, additional staff training, and administrative expenses. It further said that its estimated costs of less than $500,000 would be “subject to the availability of appropriated funds.”
In its report, the CBO did note that the legislation could impact direct spending by some agencies, specifically mentioning the Tennessee Valley Authority, because “they are authorized to use receipts from the sale of goods, fees, and other collections to cover their operating costs; therefore, pay-as-you-go procedures apply.” However, CBO also noted that because “most of those agencies can make adjustments to the amounts collected, CBO estimates that any net changes in direct spending by those agencies would not be significant. Enacting the bill would not affect revenues.” Enacting S. 3437 would not “significantly increase net direct spending or on-budget deficits in any of the four consecutive 10-year periods beginning in 2029,” CBO said.
“Cybersecurity threats are increasing and the federal government already faces a cyber-workforce shortage,” said Sen. John Hoeven, R-N.D., a member of the Senate Homeland Security Committee. “Our legislation will help retain our existing workforce while also boosting collaboration between agencies so we are better equipped to deal with sophisticated cybersecurity threats.”
While the Senate Homeland Security Committee advanced the legislation in September, no companion bill exists in the House.