ASSEMBLY, No. 6103

STATE OF NEW JERSEY

219th LEGISLATURE

INTRODUCED DECEMBER 2, 2021

Sponsored by:

Assemblyman  RAJ MUKHERJI

District 33 (Hudson)

SYNOPSIS

     Requires instruction on cybersecurity in grades nine through 12; requires Office of Secretary of Higher Education to develop cybersecurity model curricula; establishes loan redemption programs for individuals in certain cybersecurity occupations.

CURRENT VERSION OF TEXT

     As introduced.

An Act concerning cybersecurity curricula, degree programs, and loan redemption programs, and supplementing Title 18A of the New Jersey Statutes.

     Be It Enacted by the Senate and General Assembly of the State of New Jersey:

     1.  As used in sections 2 and 3 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill), "cybersecurity" means the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from criminal or unauthorized use or attacks.

     2.    A school district shall incorporate instruction on cybersecurity in an appropriate place in the curriculum of students in each of the grades nine through 12 as part of the district's implementation of the New Jersey Student Learning Standards in Computer Science and Design Thinking.  The instruction shall be based on the curriculum guidelines established by the Commissioner of Education pursuant to section 3 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill). The instruction shall be included in the curriculum for each grade in a manner adapted to the age and understanding of the students and shall provide a thorough and comprehensive treatment of the subject.

     3.  a.  The Commissioner of Education, in consultation with the Office of Homeland Security and Preparedness and the New Jersey Cybersecurity and Communications Integration Cell, shall develop curriculum guidelines to assist school districts in implementing the instruction on cybersecurity required pursuant to section 2 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill). The guidelines shall provide for a sequential course of study for each of the grades nine through 12, and shall include, but need not be limited to, the following:

     (1)   an introduction to the field of cybersecurity and definitions of terms frequently used in the field of cybersecurity;

     (2)   information concerning the proper and safe use of the Internet as well as strategies to detect solicitations of private or personal information from bad actors and how to protect private or personal information;

     (3)   an overview of the fundamentals of computer hardware and software as well as information on various computer operating systems;

     (4)   a summary of the basic and advanced skills needed to be successful in the field of cybersecurity, including computer networking and coding;

     (5)   examples of research projects and other applied activities relating to cybersecurity that school districts may offer to students; and

     (6)   information concerning post-secondary opportunities in the field of cybersecurity as well as other career pathways a student may pursue in the field of cybersecurity.

     The guidelines shall include model instructional units, define learning objectives, and recommend instructional materials suitable for each of the grades nine through 12. 

     b.    The guidelines developed pursuant to this section shall be reviewed annually and shall be updated as appropriate to ensure that the guidelines and the instruction on cybersecurity required pursuant to section 2 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill) reflects the most current information available on the field of cybersecurity. 

     4.  a.  No later than one year following the date of enactment of P.L.    , c.    (C.        ) (pending before the Legislature as this bill), the Office of the Secretary of Higher Education, in consultation with the Department of Labor and Workforce Development, the Economic Development Authority, the Office of Homeland Security and Preparedness, and the New Jersey Presidents' Council, shall develop a cybersecurity model curriculum for use by four-year institutions of higher education in the State and a cybersecurity model curriculum for use by county colleges in the State.  The model curricula developed pursuant to this subsection shall be made available to assist four-year institutions of higher education and county colleges that intend to develop cybersecurity-related degree programs. 

     b.  The cybersecurity model curricula developed pursuant to subsection a. of this section shall account for academic quality and  other applicable standards required for accreditation of cybersecurity-related degree programs.  The model curricula shall, at a minimum:

     (1)   provide a comprehensive sequence of courses that will ensure adequate preparation for further postsecondary education or a career in the field of cybersecurity;

     (2)   include a list of courses that would be suitable for cybersecurity-related degree programs; 

     (3)   detail any requirements, other than coursework, that may be part of cybersecurity-related degree programs; and

     (4)   detail overall expected student outcomes for cybersecurity-related degree programs as well as expected student outcomes for individual cybersecurity courses.

     c.     As part of the development of the cybersecurity model curricula required pursuant to subsection a. of this section, the Department of Labor and Workforce Development and the Economic Development Authority, in consultation with the New Jersey Presidents' Council, shall develop and distribute to institutions of higher education cybersecurity career pathway marketing materials that provide descriptions of cybersecurity careers and the benefits of pursuing such careers.

     d.    As used in this section, "cybersecurity" means the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from criminal or unauthorized use or attacks.

     5.    As used in sections 6 through 9 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill):

     "Approved cybersecurity degree program" means an undergraduate or advanced degree program, approved by the Higher Education Student Assistance Authority, for persons engaged in a cybersecurity occupation approved by the Higher Education Student Assistance Authority pursuant to subsection a. of section 6 of P.L.    , c.    (C.        )(pending before the Legislature as this bill).  

     "Authority" means the Higher Education Student Assistance Authority.

     "Cybersecurity" means the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from criminal or unauthorized use or attacks.

     "Eligible qualifying loan expenses" means the cumulative outstanding balance of qualifying student loans, including interest paid or due, covering the cost of attendance at an institution of higher education for an undergraduate or advanced degree from an approved cybersecurity degree program.

     "Executive director" means the executive director of the Higher Education Student Assistance Authority.

     "Program" means the Cybersecurity Loan Redemption Program established pursuant to section 6 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill).  

     "Program participant" means a person who contracts with the authority to engage in a cybersecurity occupation in exchange for the redemption of eligible qualifying loan expenses provided under the program.

     "Qualifying student loan" means a State or federal loan for the actual costs paid for tuition and reasonable education and living expenses relating to obtaining a degree in an approved cybersecurity degree program.

     "Total and permanent disability" means a physical or mental disability that is expected to continue indefinitely or result in death and renders a program participant unable to perform that person's employment obligation, as determined by the executive director or the executive director's designee.

     6.  a.  There is established within the Higher Education Student Assistance Authority a Cybersecurity Loan Redemption Program. The program shall provide $1,000 to program participants for each year of employment in a cybersecurity occupation approved by the executive director of the authority, up to a maximum of four years, for the redemption of a portion of eligible qualifying loan expenses.  The executive director shall annually post on the authority's Internet website a list of approved cybersecurity occupations that will qualify for loan redemption under the program.

     b.  A person seeking loan redemption under the program shall submit an application to the authority pursuant to application guidelines and procedures established by the authority.  To be eligible to participate in the Cybersecurity Loan Redemption Program, an applicant shall:

     (1)  be a resident of the State and maintain residency during program participation;

     (2)  be a graduate of an approved cybersecurity degree program at an institution of higher education located in New Jersey;

     (3)  have an outstanding balance on a qualifying student loan and

not be in default on any qualifying student loan;

     (4)  be employed in an approved cybersecurity occupation with an employer located in the State; and

     (5)  satisfy any additional criteria the authority may establish.

     7.  a.  The executive director or the executive director's designee shall select the program participants from among those applicants who meet the eligibility criteria established pursuant to section 6 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill), subject to the availability of funds appropriated or otherwise made available to the program.

     b.  A person who meets the eligibility requirements under section 6 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill) and has been selected by the executive director or the executive director's designee for participation in the program shall enter into a written contract with the authority. The contract shall specify the dates of required employment by the program participant in an approved cybersecurity occupation and shall require the program participant to serve at least one year in an approved cybersecurity occupation. 

     c. Prior to the annual redemption of loan indebtedness, the program participant shall submit to the authority certification of full-time employment in an approved cybersecurity occupation for the full year period with an employer located in the State.

     d.  A program participant, as a condition of participation, shall be required to adhere to performance standards established by the executive director or the executive director's designee.

     e. A program participant shall be eligible for participation in the program for no more than four years.

     8.    a.  A program participant who has previously entered into a contract with the authority may nullify the agreement by notifying the authority in writing and reassuming full responsibility for the remaining outstanding balance of the loan debt. In no event shall employment for less than the full calendar year entitle the program participant to any benefits under the program.

     b.    In the case of a program participant's death or total and permanent disability, the authority shall nullify the employment obligation of the program participant. The nullification shall terminate the authority's obligations under the loan redemption contract. When continued enforcement of the contract may result in extreme hardship, the authority may nullify or suspend the employment obligation of the program participant.

     c.     In the case of a program participant's conviction of a crime or an act of gross negligence in the performance of employment obligations, or a program participant's breach of the standards established pursuant to subsection d. of section 7 of P.L.    , c.    (C.        )(pending before the Legislature as this bill) act, the executive director or the executive director's designee is authorized to terminate the program participant's participation in the program.

     9.    A person who knowingly or willfully furnishes any false or misleading information for the purpose of receiving loan redemption benefits under the program is guilty of a crime of the fourth degree.

     10.  As used in sections 11 through 14 of P.L.    , c.    (C.        )(pending before the Legislature as this bill):

     "Authority" means the Higher Education Student Assistance Authority.

     "Cybersecurity" means the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from criminal or unauthorized use or attacks.

     "Eligible qualifying loan expenses" means the cumulative outstanding balance of qualifying student loans, including interest paid or due, covering the cost of attendance at an institution of higher education for an undergraduate or advanced degree from an approved cybersecurity degree program.

     "Executive director" means the executive director of the Higher Education Student Assistance Authority.

     "Program" means the Cybersecurity Teacher Loan Redemption Program established pursuant to section 11 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill).  

     "Program participant" means a person who contracts with the authority to engage in service as a teacher in a cybersecurity-related subject matter in exchange for the redemption of eligible qualifying loan expenses provided under the program.

     "Qualifying student loan" means a State or federal loan for the actual costs paid for tuition and reasonable education and living expenses relating to obtaining a degree in an approved cybersecurity degree program.

     "Total and permanent disability" means a physical or mental disability that is expected to continue indefinitely or result in death and renders a program participant unable to perform that person's employment obligation, as determined by the executive director or the executive director's designee.

     11.  a.  There is established within the Higher Education Student Assistance Authority a Cybersecurity Teacher Loan Redemption Program.  The program shall provide $1,000 to program participants for each year of service as a teacher in a cybersecurity-related subject matter, as determined by the executive director of the authority, up to a maximum of four years, for the redemption of a portion of eligible qualifying loan expenses.  The executive director shall annually post on the authority's Internet website a list of approved cybersecurity-related subject matters that will qualify for loan redemption under the program.

     b.  A person seeking loan redemption under the program shall submit an application to the authority pursuant to application guidelines and procedures established by the authority.  To be eligible to participate in the Cybersecurity Teacher Loan Redemption Program, an applicant shall:

     (1)  be a resident of the State and maintain residency during program participation;

     (2)  be a teacher of an approved cybersecurity-related subject matter, who is employed by a school district, charter school, or renaissance school project in the State;

     (3)  have an outstanding balance on a qualifying student loan and

not be in default on any qualifying student loan; and

     (4)  satisfy any additional criteria the authority may establish.

     12.  a. The executive director or the executive director's designee shall select the program participants from among those applicants who meet the eligibility criteria established pursuant to section 11 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill), subject to the availability of funds appropriated or otherwise made available to the program.

     b.  A person who meets the eligibility requirements under section 11 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill) and has been selected by the executive director or the executive director's designee for participation in the program shall enter into a written contract with the authority. The contract shall specify the dates of required service by the program participant as a teacher in an approved cybersecurity-related subject matter and shall require the program participant to serve at least one year as a teacher in an approved cybersecurity-related subject matter. 

     c.     Prior to the annual redemption of loan indebtedness, the program participant shall submit to the authority certification of employment in a school district, charter school, or renaissance school as a teacher of an approved cybersecurity-related subject matter for the full school year period.

     d.  A program participant, as a condition of participation, shall be required to adhere to performance standards established by the executive director or the executive director's designee.

     e.     A program participant shall be eligible for participation in the program for no more than four years.

     13.  a.  A program participant who has previously entered into a contract with the authority may nullify the agreement by notifying the authority in writing and reassuming full responsibility for the remaining outstanding balance of the loan debt. In no event shall employment for less than the full school year entitle the program participant to any benefits under the program.

     b.    In the case of a program participant's death or total and permanent disability, the authority shall nullify the employment obligation of the program participant. The nullification shall terminate the authority's obligations under the loan redemption contract. When continued enforcement of the contract may result in extreme hardship, the authority may nullify or suspend the employment obligation of the program participant.

     c.     In the case of a program participant's conviction of a crime or an act of gross negligence in the performance of employment obligations, or a program participant's breach of the standards established pursuant to subsection d. of section 12 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill), the executive director or the executive director's designee is authorized to terminate the program participant's participation in the program.

     14.  A person who knowingly or willfully furnishes any false or misleading information for the purpose of receiving loan redemption benefits under the program is guilty of a crime of the fourth degree.

     15.  The State Board of Education shall promulgate rules and regulations pursuant to the "Administrative Procedure Act," P.L.1968, c.410 (C.52:14B-1 et seq.), necessary to effectuate the provisions of sections 1 through 3 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill).  The Higher Education Student Assistance Authority shall promulgate rules and regulations pursuant to the "Administrative Procedure Act," P.L.1968, c.410 (C.52:14B-1 et seq.), necessary to implement the provisions of sections 5 through 9 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill).  The authority, in consultation with the Department of Education, shall promulgate rules and regulations pursuant to the "Administrative Procedure Act," P.L.1968, c.410 (C.52:14B-1 et seq.), necessary to implement the provisions of sections 10 through 14 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill). 

     16.  This act shall take effect immediately and sections 1 through 3 shall first apply in the first full school year following the date of enactment. 

STATEMENT

     This bill requires school districts to incorporate instruction on cybersecurity in an appropriate place in the curriculum of students in each of the grades nine through 12.  The instruction will be based on curriculum guidelines established under the bill by the Commissioner of Education in consultation with the Office of Homeland Security and Preparedness and the New Jersey Cybersecurity and Communications Integration Cell.  The curriculum guidelines would provide for a sequential course of study for each of the grades nine through 12 and include various introductory concepts and activities related to cybersecurity.

     Under the bill, the Office of the Secretary of Higher Education, in consultation with the Department of Labor and Workforce Development, the Economic Development Authority, the Office of Homeland Security and Preparedness, and the New Jersey Presidents' Council, would develop a cybersecurity model curriculum for use by four-year institutions of higher education in the State and a cybersecurity model curriculum for use by county colleges in the State.  The model curricula developed pursuant would assist four-year institutions of higher education and county colleges in developing cybersecurity-related degree programs.  The Department of Labor and Workforce Development and the Economic Development Authority, in consultation with the New Jersey Presidents' Council, are required to develop and distribute to institutions of higher education cybersecurity career pathway marketing materials that provide descriptions of cybersecurity careers and the benefits of pursuing such careers.

     The bill also creates two student loan redemption programs for individuals seeking careers in cybersecurity-related roles.  The Cybersecurity Loan Redemption Program would provide $1,000 to program participants for each year of employment in a cybersecurity occupation approved by the Executive Director of the Higher Education Student Assistance Authority, up to a maximum of four years, for the redemption of a portion of eligible qualifying loan expenses.  Among other requirements enumerated in the bill, a program participant is required to be graduate of an approved cybersecurity degree program at an institution of higher education located in New Jersey and be employed in an approved cybersecurity occupation with an employer located in the State.

     The second loan redemption program, the Cybersecurity Teacher Loan Redemption Program, would similarly provide $1,000 to program participants for each year of service as a teacher in a cybersecurity-related subject matter, as determined by the Executive Director of the Higher Education Student Assistance Authority, up to a maximum of four years, for the redemption of a portion of eligible qualifying loan expenses. Among other requirements enumerated in the bill, a program participant is required to be a teacher of an approved cybersecurity-related subject matter, who is employed by a school district, charter school, or renaissance school project in the State.