|
House Bill 8 |
House Author: Capriglione et al. |
|
Effective: 9-1-17 |
Senate Sponsor: Nelson et al. |
House Bill 8, the Texas Cybersecurity Act, amends the Election Code and Government Code to set out provisions relating to cybersecurity for state agency information resources. The bill, among other provisions, requires the Department of Information Resources (DIR) to develop a plan to address cybersecurity risks and incidents in Texas and to establish an information sharing and analysis center for state agencies to share information regarding cybersecurity threats, best practices, and remediation strategies and sets out certain notification requirements for applicable state agencies in the event of a breach, suspected breach, or unauthorized exposure of government information. The bill provides for the composition and duties of the cybersecurity council; a biennial state agency information security assessment and report of each state agency's information resources systems, network systems, digital data storage systems, digital data security measures, and information resources vulnerabilities; a biennial data security plan for online and mobile applications for each state agency other than a public institution of higher education; and the adoption and implementation of a policy for data security procedures for online and mobile applications by each public institution of higher education.
House Bill 8 requires the secretary of state to conduct an election cyber attack study and prepare related reports. The bill provides for the establishment of the Senate Select Committee on Cybersecurity and House Select Committee on Cybersecurity. The bill also includes among the criteria the Sunset Advisory Commission must consider during sunset review an assessment of a state agency's cybersecurity practices using confidential information available from DIR or any other appropriate state agency.