The new reporting obligation — which gives local governments a 48-hour window — was passed on Sept. 1 and applies to counties, cities, special districts, schools and more. If any of these local entities are hit with ransomware or if they discover — or even suspect — a system security breach, they must inform the Texas Department of Information Resources (DIR). Local governments then must follow up within 10 days of “incident eradication, closure and recovery” to give the DIR their analysis of the incident, per a press release emailed to media.
State agencies and higher education institutions were already required to report to DIR. State entities will continue following existing reporting processes; the new portal is just for local governments.
“With both state and local government entities reporting cybersecurity incidents to the state, DIR will have a more complete picture of the cyber threats Texas is facing,” State Cybersecurity Coordinator Tony Sauerhoff said in a press release. “DIR is here to assist state and local governments in the aftermath of a cyber incident. Sharing threat intelligence gained from these reports with other entities will prevent additional cyber attacks aimed at Texas.”
This story is excerpted from a longer item that originally ran in Government Technology, a sister publication to Industry Insider — Texas.