VA security scholarship program delayed until 2011

Program will reimburse a handful of employees for costs of doctoral studies

A program enacted in 2006 to help the Veterans Affairs Department beef up its information security expertise by offering financial assistance to doctoral students and degree-holders still is more than a year away from awarding its first scholarship, according to a report to Congress.

The Information Security Education Assistance Program was created by Congress in the wake of the May 2006 loss of a computer drive that exposed personally identifiable information about millions of veterans and their dependents.

“The incident highlighted the seriousness of weaknesses in the department’s information security,” the Government Accountability Office wrote in a report to Congress on the progress of the program. “In testimony shortly after the breach, we noted that for many years, significant concerns had been raised about VA’s information security — particularly its lack of a robust information security program.”

To address that weakness, the program was included in the Veterans Benefits, Health Care, and Information Technology Act of 2006.

It would allow scholarships of up to $200,000 over five years for students agreeing to go to work at VA and debt repayment of up to $82,500 for current employees. But it has been bogged down in the rule-making process. The department’s general counsel made its first review of the proposed regulations for issuing the money in September but they still must be reviewed by the Office of Management and Budget and offered for public comment.

“VA officials estimate that, after the department addresses these comments and OMB performs another review, the final regulations could be issued in January 2011,” GAO said.

The earliest that a scholarship recipient could start work would be around January 2012, if one of the first recipients already is in the last year of study. Other students could take from three to six years to complete their studies. The program is set to expire in July 2017.

The purpose of the law is to “encourage the recruitment and retention of department personnel who have the information security skills necessary to meet department requirements” by providing “financial support for education in computer science and electrical and computer engineering at accredited institutions of higher education.” This would be done through scholarships for students pursuing doctoral degrees in computer science and electrical and computer engineering, and education debt reduction for VA personnel with recent doctoral degrees.

Scholarships can pay full tuition and a $1,500 monthly stipend, up to $50,000 a year and totaling no more than $200,000. In return, recipients must agree to work for the VA for at least as many years as the scholarship was provided. Debt reimbursement for qualified employees who received doctoral degrees in the past five years can be up to $16,500 a year, or up to $82,500 for five years, beginning after at least one year of employment at VA.

Preference in the program is given to veterans, especially disabled veterans, and students at schools recognized by the National Security Agency as Centers of Academic Excellence in Information Assurance Education.

Regulations are being developed by the VA’s Office of Information and Technology, but GAO reported that as of April 2008, the department’s Office of Regulation Policy and Management had not been updated on the rule-making process for a year. By January 2009 proposed regulations were sent to the VA Office of General Counsel for review, which provided initial comments in September. The rules must next be approved by the Veterans Affairs secretary before going to OMB.

VA has identified two current employees who could be eligible for debt repayment under the program. The department expects to name one scholarship candidate and three candidates for debt reduction over the next five years. Based on that, total costs of the program are estimated at $217,000 through 2015.

About the Author

William Jackson is a Maryland-based freelance writer.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Wed, Jan 6, 2010 Steve

It's not that security-related professional certifications are bad, or that requiring them for persons in security-related positions is wrong; the problem is that people in positions of authority and responsibility aren't required to obtain them, so they remain blissfully ignorant to the risks they face - until the day something bad happens. Even then, they are rarely held accountable for accepting the risk that bit them in the butt.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group