On September 5, 2023, the Texas Department of Information Resources (DIR) launched a security incident reporting platform for local government agencies. This development complies with the recently enacted legislation mandating state and local governments with computers holding sensitive data to report security breaches within 48 hours of discovery. After resolving the security issue, additional information and analysis must be provided to DIR within 10 days. This reporting platform aims to improve cybersecurity efforts by swiftly identifying, addressing, and mitigating potential risks within the state’s digital infrastructure. It also facilitates better communication and cooperation between government entities, enabling them to learn from each other’s experiences and implement more robust security measures.

State Measures to Combat Cyber Threats

Tony Sauerhoff, Texas Cybersecurity Coordinator, states that requiring both state and local government bodies to report cyber-attacks delivers a more extensive understanding of the cyber risks faced by Texas. Texas’ measure is similar to recent steps taken by authorities in North Dakota and Indiana, where local governments must report cyber incidents to the state. By mandating the reporting of cyber-attacks, these states aim to improve their overall cybersecurity posture and facilitate a more coordinated response to threats. The sharing of information between entities allows for better resource allocation, faster incident response, and a heightened awareness of common vulnerabilities in the region.

Expanded Reporting Requirements in Texas

Texas law now mandates local government bodies, including counties, cities, special districts, and K-12 schools, to report cybersecurity breaches. Previously, only state agencies and higher education institutions had this obligation. Organizations required to report to an independent agency certified by the Public Utility Commission of Texas are not subject to this regulation. This new legislation is aimed at creating a more transparent system for the public while offering a comprehensive view of the state’s cybersecurity vulnerabilities and threats. It not only ensures that adequate preventive measures are in place, but also enables swift action in case of a breach to minimize potential damage to public entities and citizens of Texas.

Cybersecurity Concerns in K-12 Schools

K12 Six, a national non-profit organization dedicated to cybersecurity in public schools, has observed a growing number of ransomware and malicious cyber activities targeting K-12 school districts. These attacks have disrupted remote learning, compromised sensitive data, and left school districts scrambling to protect their systems and students. As a result, educators and IT staff are teaming up to develop comprehensive cybersecurity strategies to mitigate the risks and safeguard educational environments from future cyber threats.

Funding for K-12 Cybersecurity Initiatives

In response, the Texas Legislature granted $55 million to the Texas Education Agency, and the Biden administration introduced the K-12 Cybersecurity Act in March, which supports school districts in addressing cybersecurity threats through training and system enhancements. This influx of funding and legislative support aims to equip schools with the necessary resources to bolster their cybersecurity defenses and protect sensitive student information. As these initiatives unfold, it is crucial for educators and administrators to stay informed and proactive in establishing robust cybersecurity measures within their digital learning environments.

Reporting Cybersecurity Incidents in Texas

Local government agencies in Texas can report cybersecurity incidents using the Archer Engage secure webform offered by DIR after setting up an account. The Archer Engage secure webform serves as a crucial means of communication with DIR, ensuring that pertinent information is conveyed promptly and securely. In turn, this facilitates a more efficient and effective response to cybersecurity incidents, allowing local government agencies in Texas to protect and maintain their cyber infrastructure.

Incident Identification Numbers and Follow-Up

After submitting a report, DIR will provide an email confirmation with an incident identification number. This identification number is essential for future reference and tracking the progress of your complaint. It is highly recommended to store this number in a secure location and mention it in any further communication regarding the incident.

DIR Security Hotline for Immediate Support

Entities can also contact the DIR Security Hotline for immediate support concerning the incident. Additionally, the DIR Security Hotline ensures confidentiality and prompt assistance to address any concerns related to the incident. This resource enables entities to make well-informed decisions, implement effective countermeasures, and minimize potential damages associated with the security breach.

FAQ

Why was the security reporting platform created?

The security incident reporting platform was created to facilitate swift identification, addressing, and mitigation of potential risks within the state’s digital infrastructure. It aims to improve cybersecurity efforts and ensure better communication and cooperation between government entities.

What entities are required to report cybersecurity breaches?

Local government bodies, including counties, cities, special districts, and K-12 schools, are required to report cybersecurity breaches. State agencies and higher education institutions also have this obligation.

How does this platform help K-12 schools?

The platform ensures that K-12 schools follow adequate preventive measures for cybersecurity and enables swift action in case of a breach. This minimizes potential damage and protects the sensitive information of students, teachers, and administrators.

How can local government agencies report cybersecurity incidents?

Local government agencies in Texas can report cybersecurity incidents using the Archer Engage secure webform offered by DIR after setting up an account. This webform allows for prompt and secure communication with DIR.

What happens after submitting a report?

After submitting a report, DIR will provide an email confirmation with an incident identification number. This number is essential for future reference and tracking the progress of your complaint. It should be stored in a secure location and mentioned in any further communication regarding the incident.

Is there a hotline for immediate support?

Yes, entities can contact the DIR Security Hotline for immediate support concerning the incident. The DIR Security Hotline ensures confidentiality and prompt assistance to address any concerns related to the security breach.

First Reported on: statescoop.com
Featured Image Credit: Photo by Vivian Arcidiacono; Unsplash; Thank you!