Cybersecurity Training Is Not Optional…Unless You Are in the House

Congressional Cybersecurity Training Resolution will mandate training for elected officials.

Cybersecurity risk management is about understanding why you are a target, how you will be attacked, and the fallout if an attack is successful.

Election security is a big deal. Right now, Florida is trying to get a handle on exactly who might have been impacted by a breach by Russian attackers and what it means for consumer privacy.

Consumer privacy is a big deal. The EU agrees and so does California.

Protecting the government supply chain is a big deal. Under DFARS 252.204-7012, anyone at a company that handles government Controlled Unclassified Information must take annual infosec training, and has had to since 2017.

Government employees will tell you that information security training has been an annual requirement for years, long before private companies made it mandatory for their employees.

But elected officials have no infosec training requirement? Huh.

The Congressional Cybersecurity Training Resolution of 2019, submitted by Rep. Kathleen Rice (D-NY) and Rep. John Katko (R-NY), would (FINALLY) require House members, officers, and employees to take annual training on information security. Interestingly, last year the Senate began working to reinstate mandatory training for EMPLOYEES, but the specifics for senators themselves are unclear.

When you think about it, these officials are the ones making decisions on technology, privacy, and policy that will impact us all for years to come. Having seen some pretty embarrassing question-and-answer sessions when elected officials quiz technology execs, clearly there is a lot of work to be done.

Just to make sure our duly elected representatives get the most out of this training, here is Sera-Brynn’s recommended starting curriculum:

Technology Basics

Getting Serious

When training parents on family safety and cybersecurity, I often use the analogy that we are digital immigrants. Our kids are digital natives. We have to work harder to grasp the languages, customs, and rules. Our kids inherently understand and move with ease in a digital world. We remember landlines as the only form of phone communication. It’s safe to say a whole lot of elected officials are digital immigrants.

Rep. Kathleen Rice and Rep. John Katko have the right idea.


Heather Engel is Chief Strategy Officer of Sera-Brynn. She has nineteen years of experience in cyber security, with an emphasis on cyber risk management including regulatory compliance, incident response, crisis communications, Continuity of Operations (COOP) planning, development and exercise execution, policy development, and computer network operations.

Sera-Brynn is internationally ranked as a top-tier cybersecurity firm. Sera-Brynn is a Payment Card Industry (PCI) Qualified Security Assessor (QSA) and a certified FedRAMP assessor. To speak to a team member, contact us at info@sera-brynn.com or via www.sera-brynn.com.