Certification Standards for FY 21-22 Cybersecurity Training Programs
Texas Government Code Section 2054.5191 requires state and local government employees to annually complete a certified cybersecurity training. Texas Department of Information Resources (DIR) in consultation with the Texas Cybersecurity Council is required to certify the cybersecurity training programs and update standards for maintenance of certification.
For FY 21-22, one new criterion has been added to the certification requirements: The definition of spear phishing, and how to identify and report on spear phishing attempts.
Recertification Process for FY 21-22 Cybersecurity Training Programs
On June 1, DIR will begin accepting applications for FY 21-22 training program certifications. Training programs that were certified in FY 20-21, and have had no changes to the criteria's content, can be submitted through a Recertification Request instead of a comprehensive application. The Recertification Request will have an expedited review process and will only require submission of program content related to the new criterion.
Training programs that were certified in FY 20-21, but have had changes to the criteria's content, will need to be submitted through a comprehensive application and will go through the full review process.
DIR will post the application for training program certification on June 1 and will accept applications through July 31, 2021. DIR will publish the list of certified programs to the DIR website on August 31 for completion of the required training by June 14, 2022.
The FY 21-22 certification criteria and links to the applications will be available here: https://dir.texas.gov/View-About-DIR/Information-Security/Pages/Content.aspx?id=154.
Please direct any questions to TXTrainingCert@dir.texas.gov.