State of Texas Cybersecurity Vision
The State of Texas will use its resources efficiently, collaboratively and effectively to create a risk-aware culture that places high value on protecting information entrusted to the state, and to form a protected and resilient cybersecurity environment.
The Office of the Chief Information Security Officer
The Office of the Chief Information Security Officer (OCISO) provides statewide information security program guidance to state agencies, institutions of higher education, and other governmental entities. Led by the State of Texas Chief Information Security Officer, Nancy Rainosek, the team works to set state information security policies and standards, publish guidance on best practices, improve incident response preparedness, monitor and analyze incidents, coordinate security services, and promote information sharing throughout the public sector cybersecurity community.
If you have any questions or comments about the services we provide, please contact DIRSecurity@dir.texas.gov.
News & Updates
2018 Cybersecurity Report
Sec. 2054.0591, Government Code requires the Texas Department of Information Resources to publish a biennial report on cybersecurity by November 15th of each even-numbered years.
View the 2018 Cybersecurity Report (.pdf)
October is Cybersecurity Awareness Month!
DIR is excited to announce that we will be hosting a cybersecurity awareness PSA competition for Texas high school grades 9-12. Other events include a cybersecurity presentation at the capitol, and the HHS Cyberfair. For more information, visit our Cybersecurity Awareness Month webpage.
Agency Security Plans Due October 15, 2018
Sec. 2054.133, Government Code, requires each state agency and institution of higher education to develop an information security plan to be submitted no later than October 15 of each even-numbered year to DIR. DIR has created a Security Plan Template in the SPECTRIM portal as the mechanism for submitting the individual plans. Notable changes for this iteration of the plan include the inclusion of an executive risk acknowledgement form and four additional security objectives and controls for data security to meet requirements of HB 8, 85(R). More information and resources for completing the plan can be found on our Agency Security Plan webpage.
Prioritization of Cybersecurity and Legacy Modernization Projects (PCLS)
SB 1 85(R), Article IX, Section 9.10 (the General Appropriations Act) requires the Department of Information Resources to submit a prioritization of state agencies' cybersecurity projects and projects to modernize or replace legacy systems (as defined in the October 2014 Legacy Systems Study). These projects and their associated prioritization will be considered for funding in the agencies’ related Legislative Appropriation Requests (LAR). DIR must submit the prioritization report to the Legislative Budget Board by October 1, 2018. To be included in the prioritization effort, agencies must submit information about their requests to DIR through the SPECTRIM portal prior to the agency’s LAR due date and include the associated PCLS tracking key in their LAR submission. More information about PCLS can be obtained by emailing firstname.lastname@example.org or visiting the PCLS webpage.