PIVOTT Act Revived to Tackle Growing Cybersecurity Workforce Shortages

The cyber workforce gap is one of the most pressing and persistent challenges facing the cybersecurity industry. In 2024, ISC2 found that the gap amounted to 4.8 million people globally, up 19% from the previous year. Both public and private sector organizations – including the UK’s NCSC and the SANS Institute – have introduced countless initiatives in an attempt to close the cyber workforce gap, but it keeps growing. Perhaps the US PIVOTT Act will work better? 

What is the PIVOTT Act? 

The PIVOTT Act, otherwise known by its full, monstrously long title, “Providing Individuals Various Opportunities for Technical Training to Build a Skills-Based Cyber Workforce Act of 2025,” aims to address the workforce gap through a full-scholarship program for two-year degrees, primarily at community colleges and technical schools, in exchange for a commitment to government service. 

First introduced by Congressman and Chairman of the Committee on Homeland Security Mark E. Green late last year and reintroduced in February 2024, the program will require recipients to serve at the federal, state, local, tribal, or territorial levels upon completion of their degrees.  

The PIVOTT Act primarily targets entry-level cyber talent, including both those just beginning their professional lives and those who want to transition into cyber. In many ways, it’s extremely timely: as professionals grow anxious about the possibility of job cuts caused by AI, many will be looking to start a new, future-proof career.  

“The ‘Cyber PIVOTT Act’ opens doors for professionals seeking to ‘pivot’ to the specialty of cybersecurity without a traditional four-year degree––rewarding and supporting those who use their valuable skills to protect government networks and ensuring they’re ready to work on day one,” said House Committee on Homeland Security Chairman Mark E. Green. 

Administered by the Cybersecurity and Infrastructure Security Agency (CISA), the Act streamlines the pathway into government service, including positions requiring high levels of security clearance, and will make exemptions for military members who what to build cyber skills. 

Why is the PIVOTT Act Important? 

When discussing legislation of this nature, the global context must be considered. The past few years have been the most geopolitically fraught in decades, and if the first two months of 2025 are any indication, things aren’t going to calm down anytime soon. Essentially, the cyber threat to the US government has never been greater, and the PIVOTT is a reflection of that fact. 

“Every minute our cyber professionals are unprepared to meet the moment gives foreign adversaries and opportunistic criminals the upper hand. Recognizing this threat, the ‘Cyber PIVOTT Act’ focuses on the most valuable resource for effective, whole-of-government cybersecurity––the right people in the right jobs, with the right skills, when our country needs them most,” said House Committee on Homeland Security Chairman Mark E. Green. 

More broadly, organizations of all shapes and sizes are suffering significant workforce shortages – the 2025 Fortra State of Cybersecurity Survey revealed that 45% of security leaders cite the skills gap as a top execution challenge. And, frankly, the public sector simply can’t offer the same wages as the private sector, meaning public sector organizations will be more likely to experience these shortages. 

These shortages can have serious consequences: 60% of respondents to the ISC2 survey said that skills gaps have significantly impacted their ability to secure the organization, with 58% stating that they put their organizations at significant risk.

“As threats to our critical infrastructure and civilian networks from Beijing, Tehran, and Moscow grow and AI lowers the barrier to entry for attacks, our worsening cyber workforce gap has created a dangerous homeland security threat,” said House Committee on Homeland Security Chairman Mark E. Green. 

How Can Fortra Help?

If your organization is suffering from workforce shortages, Fortra can help. Fortra provides a complete cybersecurity package that includes best-of-breed solutions across the most prevalent threat vectors. There are unlimited threats to your security, but you only need one platform for peace of mind. Here’s what Fortra offers:

• A cloud-native, multi-vector cyber defense platform

• AI-powered cyber kill chain prevention

• Intelligence across infrastructure, offensive, and data security

• Industry-renowned experts driving security solution and compliance innovations

• Consistent long-term return on security investments

• Minimal administrative overhead

Ultimately, Fortra helps improve security outcomes – detecting attacks, aggregating and correlating information, and mitigating threats – to help your team conduct more efficient operations. By simplifying administration and unifying intelligence, Fortra ensures your team can do more with less. 

Want to find out more about what Fortra can do for your organization? Contact us today.