Expanding Cybersecurity Workforce Act of 2025
Summary
What This Bill Does
The Expanding Cybersecurity Workforce Act of 2025 expands CISA Cybersecurity Education and Training Assistance Program. Within 180 days, the CISA Director must establish a program to promote cybersecurity careers to disadvantaged communities, including older individuals, racial and ethnic minorities, people with disabilities, geographically diverse communities, socioeconomically diverse communities, women, people from nontraditional educational paths, veterans, and formerly incarcerated individuals. To promote the program and the cybersecurity workforce, CISA must conduct outreach to educators, unions, chambers of commerce, State and local workforce development offices, private sector entities, community colleges, parents of K-12 students, and other institutions the Director considers appropriate. CISA must tailor the program to the unique needs of each region and sector across the United States. Within one year and annually after, CISA must report to the House Homeland Security Committee and Senate Homeland Security and Governmental Affairs Committee on program efficacy, impacts on the characteristics of the cyber workforce, and suggestions for Congress. The bill authorizes $20,000,000 for FY2026 and each fiscal year through FY2031 and defines disability, geographic diversity, and nontraditional educational paths.
Who Benefits and How
Disadvantaged and underrepresented people seeking cybersecurity careers benefit from targeted outreach and workforce promotion. Older workers, racial and ethnic minorities, people with disabilities, women, veterans, formerly incarcerated individuals, community college students, trade-school graduates, and other nontraditional learners benefit from explicit inclusion. Community colleges, trade schools, educators, unions, chambers of commerce, and workforce offices benefit from CISA outreach partnerships. Cybersecurity employers benefit if the program expands the talent pipeline across regions and sectors.
Who Bears the Burden and How
CISA must establish the program within 180 days, tailor it by region and sector, conduct outreach to many institution types, track workforce effects, and report annually to Congress. State and local workforce offices and education partners may need to coordinate outreach. Federal taxpayers fund the $20,000,000 annual authorization for FY2026 through FY2031. CISA must also define and operationalize categories such as geographic diversity and nontraditional educational path.
Key Provisions
- Requires CISA to establish a cybersecurity workforce outreach program within the Cybersecurity Education and Training Assistance Program within 180 days.
- Targets disadvantaged and underrepresented communities, including older individuals, racial and ethnic minorities, people with disabilities, women, veterans, formerly incarcerated individuals, and nontraditional learners.
- Requires outreach to educators, unions, chambers of commerce, workforce offices, private-sector entities, community colleges, and parents of K-12 students.
- Requires the program to be tailored to regional and sector needs.
- Requires annual reports to House and Senate homeland security committees on efficacy and workforce impacts.
- Authorizes $20,000,000 annually for FY2026 through FY2031.
Evidence Chain:
This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers with clause-level evidence links.
At a Glance
What This Bill Does
Requires CISA to create a cybersecurity workforce outreach program for disadvantaged and underrepresented communities within 180 days, tailor it by region and sector, report annually to Congress, and authorizes $20 million annually for FY2026 through FY2031.
Key Policy Areas
Cybersecurity, Labor, Education, Technology
Primary Purpose
Requires CISA to create a cybersecurity workforce outreach program for disadvantaged and underrepresented communities within 180 days, tailor it by region and sector, report annually to Congress, and authorizes $20 million annually for FY2026 through FY2031.
Policy Domains
Substantive provisions
Identified Gains
- Disadvantaged cybersecurity trainees
- Older workers
- Racial minority workers
- Veterans
- Formerly incarcerated individuals
- Community colleges
- Trade schools
- Cybersecurity employers
Identified Costs
- CISA workforce staff
- State workforce offices
- Local workforce offices
- Education partners
- Federal taxpayers
Sponsors
Legislative Progress
In CommitteeReferred to the Subcommittee on Cybersecurity and Infrastructure Protection.
Ms. Brown (for herself, Ms. Stevens, Mrs. Ramirez, Ms. Wasserman …
Referred to the House Committee on Homeland Security.
Introduced in House
Stakeholder Effects
cui bono?How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.
Disadvantaged cybersecurity trainees, Formerly incarcerated individuals, Older workers
Bill Structure & Actor Mappings
Who is "The Secretary" in each section?
We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.
Learn more about our methodology