Perhaps heeding a call for cybersecurity training long advocated by experts, Congressional legislators have introduced a measure to require House members to attend mandatory cybersecurity and information technology (IT) instruction.
Under the bipartisan Congressional Cybersecurity Training Resolution, co-sponsored by New York Reps. Kathleen Rice (D) and John Katko (R), House members will join House officers and employees already required to take yearly cybersecurity and IT training.
Rice, who sits on the House Committee on Homeland Security, said it is “past time that members are held to the same standard and bear the same responsibility” as House officers and employees. “Cyberattacks continue to pose a growing and vexing threat at nearly every level of government and Congressional Offices are no exception,” she said. “If we want to effectively counter those threats, then we need to make sure members of Congress are equipped with the tools and knowledge to play an active role in this fight.”
Annual Cyber Training: The Pitch
The legislation aims to ensure that all House members and staff are fully aware of the rising threat of cyberattacks and have the necessary knowledge and skills to safeguard critical data and information on government systems, the bill’s sponsors said. New members will be required to undergo training within 30 days of beginning service to the House, and all members would be required to complete annual training by January 31st of each year.
Katko, the ranking member of the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection and Innovation, said it is “imperative” that members of Congress complete the same mandatory cybersecurity training as their staff. “Americans in the private and public sector are increasingly susceptible to cybersecurity attacks,” he said. “Elected officials serving the House are no exception. Members of Congress must be able to properly identify these risks.”
The resolution drew support from civil liberties and Internet freedom advocate Demand Progress. “We applaud Rep. Kathleen Rice's introduction of a resolution to strengthen Congress's cyber security posture by requiring annual training for all members of Congress, officers, and employees,” said Daniel Schuman, Demand Progress policy director. “The threat landscape is ever-changing, and her legislation is an important component of keeping the House ahead of the curve.”
It was also praised by the Washington Cyber Roundtable, a non-profit, industry liaison comprised of technology, consulting, and professional services firms affected by cybersecurity issues. “Because Congressional offices interact daily with constituents, government agencies and industry, one weak link in the institution’s cybersecurity could have disastrous ripple effects across the public and private sectors,” said Barbara George, the group’s executive director. “To truly fortify the House – and ultimately the Republic – from adversaries, cyber awareness within the institution must be all-inclusive for best practices to take root and become routine.”