Wednesday, November 2, 2022

Review - HR 9085 Introduced – Cybersecurity Clinics

In September, Rep Veasey (D,TX) introduced HR 9085, the Cybersecurity Clinics Grant Program Act. The bill would require CISA to establish a new “Cybersecurity Clinics Grant Program”. The grants would be used to fund university-based cybersecurity clinics at community colleges and minority serving educational institutions. The bill would authorize such funding as necessary to carry-out the grant program.

Moving Forward

Veasy is not a member of the House Education and Labor Committee to which this bill was assigned for consideration. This means that there is not likely to be sufficient influence to see this bill considered in Committee. While I see nothing in this bill that would engender any organized opposition to the bill, it is so vaguely worded that there would likely not be enough support for the bill to carry it through the Committee to the floor of the House were it to be considered.

This looks very much like an election year “see I am doing something about cybersecurity education” type legislation.


This is a weak bill, with no provisions concerning the administration of the grant program and no indication about how much money CISA would be expected to provide in the grants. The conflicting requirements for CISA to provide an undefined ‘experiential cybersecurity curriculum’ while requiring the agency to provide guidance to schools on how to develop the same curriculum shows how poorly thought out this proposed program really is.


For more details about the provisions of this legislation, see my article at CFSN Detailed Analysis - - subscription required.

No comments:

/* Use this with templates/template-twocol.html */