FEDERAL · 6 U.S.C. · Chapter SUBCHAPTER II—INFORMATION ANALYSIS
Cybersecurity workforce assessment and strategy
6 U.S.C. § 146
This text of 6 U.S.C. § 146 (Cybersecurity workforce assessment and strategy) is published on Counsel Stack Legal Research, covering United States primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.
Bluebook
6 U.S.C. § 146.
Text
(a)Workforce assessment
Not later than 180 days after December 18, 2014, and annually thereafter for 3 years, the Secretary shall assess the cybersecurity workforce of the Department.
The assessment required under paragraph (1) shall include, at a minimum—
(A)an assessment of the readiness and capacity of the workforce of the Department to meet its cybersecurity mission;
(B)information on where cybersecurity workforce positions are located within the Department;
(C)information on which cybersecurity workforce positions are—
(i)performed by—
(I)permanent full-time equivalent employees of the Department, including, to the greatest extent practicable, demographic information about such employees;
(II)independent contractors; and
(III)individuals employed by other Federal agencies, inc
Free access — add to your briefcase to read the full text and ask questions with AI
Source Credit
History
(Pub. L. 113–246, §3, Dec. 18, 2014, 128 Stat. 2880.)
Editorial Notes
Editorial Notes
Codification
Section was enacted as part of the Cybersecurity Workforce Assessment Act, and not as part of the Homeland Security Act of 2002 which comprises this chapter.
Statutory Notes and Related Subsidiaries
Homeland Security Cybersecurity Workforce Assessment
Pub. L. 113–277, §4, Dec. 18, 2014, 128 Stat. 3008, provided that:
"(a) Short Title.—This section may be cited as the 'Homeland Security Cybersecurity Workforce Assessment Act'.
"(b) Definitions.—In this section:
"(1) Appropriate congressional committees.—The term 'appropriate congressional committees' means—
"(A) the Committee on Homeland Security and Governmental Affairs of the Senate;
"(B) the Committee on Homeland Security of the House of Representatives; and
"(C) the Committee on House Administration of the House of Representatives.
"(2) Cybersecurity work category; data element code; specialty area.—The terms 'Cybersecurity Work Category', 'Data Element Code', and 'Specialty Area' have the meanings given such terms in the Office of Personnel Management's Guide to Data Standards.
"(3) Department.—The term 'Department' means the Department of Homeland Security.
"(4) Director.—The term 'Director' means the Director of the Office of Personnel Management.
"(5) Secretary.—The term 'Secretary' means the Secretary of Homeland Security.
"(c) National Cybersecurity Workforce Measurement Initiative.—
"(1) In general.—The Secretary shall—
"(A) identify all cybersecurity workforce positions within the Department;
"(B) determine the primary Cybersecurity Work Category and Specialty Area of such positions; and
"(C) assign the corresponding Data Element Code, as set forth in the Office of Personnel Management's Guide to Data Standards which is aligned with the National Initiative for Cybersecurity Education's National Cybersecurity Workforce Framework report, in accordance with paragraph (2).
"(2) Employment codes.—
"(A) Procedures.—Not later than 90 days after the date of the enactment of this Act [Dec. 18, 2014], the Secretary shall establish procedures—
"(i) to identify open positions that include cybersecurity functions (as defined in the OPM Guide to Data Standards); and
"(ii) to assign the appropriate employment code to each such position, using agreed standards and definitions.
"(B) Code assignments.—Not later than 9 months after the date of the enactment of this Act, the Secretary shall assign the appropriate employment code to—
"(i) each employee within the Department who carries out cybersecurity functions; and
"(ii) each open position within the Department that have been identified as having cybersecurity functions.
"(3) Progress report.—Not later than 1 year after the date of the enactment of this Act, the Director shall submit a progress report on the implementation of this subsection to the appropriate congressional committees.
"(d) Identification of Cybersecurity Specialty Areas of Critical Need.—
"(1) In general.—Beginning not later than 1 year after the date on which the employment codes are assigned to employees pursuant to subsection (c)(2)(B), and annually through 2021, the Secretary, in consultation with the Director, shall—
"(A) identify Cybersecurity Work Categories and Specialty Areas of critical need in the Department's cybersecurity workforce; and
"(B) submit a report to the Director that—
"(i) describes the Cybersecurity Work Categories and Specialty Areas identified under subparagraph (A); and
"(ii) substantiates the critical need designations.
"(2) Guidance.—The Director shall provide the Secretary with timely guidance for identifying Cybersecurity Work Categories and Specialty Areas of critical need, including—
"(A) current Cybersecurity Work Categories and Specialty Areas with acute skill shortages; and
"(B) Cybersecurity Work Categories and Specialty Areas with emerging skill shortages.
"(3) Cybersecurity critical needs report.—Not later than 18 months after the date of the enactment of this Act, the Secretary, in consultation with the Director, shall—
"(A) identify Specialty Areas of critical need for cybersecurity workforce across the Department; and
"(B) submit a progress report on the implementation of this subsection to the appropriate congressional committees.
"(e) Government Accountability Office Status Reports.—The Comptroller General of the United States shall—
"(1) analyze and monitor the implementation of subsections (c) and (d); and
"(2) not later than 3 years after the date of the enactment of this Act, submit a report to the appropriate congressional committees that describes the status of such implementation."
Definitions
Pub. L. 113–246, §2, Dec. 18, 2014, 128 Stat. 2880, provided that: "In this Act [enacting this section and provisions set out as a note under section 101 of this title]—
"(1) the term 'Cybersecurity Category' means a position's or incumbent's primary work function involving cybersecurity, which is further defined by Specialty Area;
"(2) the term 'Department' means the Department of Homeland Security;
"(3) the term 'Secretary' means the Secretary of Homeland Security; and
"(4) the term 'Specialty Area' means any of the common types of cybersecurity work as recognized by the National Initiative for Cybersecurity Education's National Cybersecurity Workforce Framework report."
Codification
Section was enacted as part of the Cybersecurity Workforce Assessment Act, and not as part of the Homeland Security Act of 2002 which comprises this chapter.
Statutory Notes and Related Subsidiaries
Homeland Security Cybersecurity Workforce Assessment
Pub. L. 113–277, §4, Dec. 18, 2014, 128 Stat. 3008, provided that:
"(a) Short Title.—This section may be cited as the 'Homeland Security Cybersecurity Workforce Assessment Act'.
"(b) Definitions.—In this section:
"(1) Appropriate congressional committees.—The term 'appropriate congressional committees' means—
"(A) the Committee on Homeland Security and Governmental Affairs of the Senate;
"(B) the Committee on Homeland Security of the House of Representatives; and
"(C) the Committee on House Administration of the House of Representatives.
"(2) Cybersecurity work category; data element code; specialty area.—The terms 'Cybersecurity Work Category', 'Data Element Code', and 'Specialty Area' have the meanings given such terms in the Office of Personnel Management's Guide to Data Standards.
"(3) Department.—The term 'Department' means the Department of Homeland Security.
"(4) Director.—The term 'Director' means the Director of the Office of Personnel Management.
"(5) Secretary.—The term 'Secretary' means the Secretary of Homeland Security.
"(c) National Cybersecurity Workforce Measurement Initiative.—
"(1) In general.—The Secretary shall—
"(A) identify all cybersecurity workforce positions within the Department;
"(B) determine the primary Cybersecurity Work Category and Specialty Area of such positions; and
"(C) assign the corresponding Data Element Code, as set forth in the Office of Personnel Management's Guide to Data Standards which is aligned with the National Initiative for Cybersecurity Education's National Cybersecurity Workforce Framework report, in accordance with paragraph (2).
"(2) Employment codes.—
"(A) Procedures.—Not later than 90 days after the date of the enactment of this Act [Dec. 18, 2014], the Secretary shall establish procedures—
"(i) to identify open positions that include cybersecurity functions (as defined in the OPM Guide to Data Standards); and
"(ii) to assign the appropriate employment code to each such position, using agreed standards and definitions.
"(B) Code assignments.—Not later than 9 months after the date of the enactment of this Act, the Secretary shall assign the appropriate employment code to—
"(i) each employee within the Department who carries out cybersecurity functions; and
"(ii) each open position within the Department that have been identified as having cybersecurity functions.
"(3) Progress report.—Not later than 1 year after the date of the enactment of this Act, the Director shall submit a progress report on the implementation of this subsection to the appropriate congressional committees.
"(d) Identification of Cybersecurity Specialty Areas of Critical Need.—
"(1) In general.—Beginning not later than 1 year after the date on which the employment codes are assigned to employees pursuant to subsection (c)(2)(B), and annually through 2021, the Secretary, in consultation with the Director, shall—
"(A) identify Cybersecurity Work Categories and Specialty Areas of critical need in the Department's cybersecurity workforce; and
"(B) submit a report to the Director that—
"(i) describes the Cybersecurity Work Categories and Specialty Areas identified under subparagraph (A); and
"(ii) substantiates the critical need designations.
"(2) Guidance.—The Director shall provide the Secretary with timely guidance for identifying Cybersecurity Work Categories and Specialty Areas of critical need, including—
"(A) current Cybersecurity Work Categories and Specialty Areas with acute skill shortages; and
"(B) Cybersecurity Work Categories and Specialty Areas with emerging skill shortages.
"(3) Cybersecurity critical needs report.—Not later than 18 months after the date of the enactment of this Act, the Secretary, in consultation with the Director, shall—
"(A) identify Specialty Areas of critical need for cybersecurity workforce across the Department; and
"(B) submit a progress report on the implementation of this subsection to the appropriate congressional committees.
"(e) Government Accountability Office Status Reports.—The Comptroller General of the United States shall—
"(1) analyze and monitor the implementation of subsections (c) and (d); and
"(2) not later than 3 years after the date of the enactment of this Act, submit a report to the appropriate congressional committees that describes the status of such implementation."
Definitions
Pub. L. 113–246, §2, Dec. 18, 2014, 128 Stat. 2880, provided that: "In this Act [enacting this section and provisions set out as a note under section 101 of this title]—
"(1) the term 'Cybersecurity Category' means a position's or incumbent's primary work function involving cybersecurity, which is further defined by Specialty Area;
"(2) the term 'Department' means the Department of Homeland Security;
"(3) the term 'Secretary' means the Secretary of Homeland Security; and
"(4) the term 'Specialty Area' means any of the common types of cybersecurity work as recognized by the National Initiative for Cybersecurity Education's National Cybersecurity Workforce Framework report."
Cite This Page — Counsel Stack
Bluebook (online)
6 U.S.C. § 146, Counsel Stack Legal Research, https://law.counselstack.com/usc/6/146.