By: Nelson, West S.B. No. 820
 
 
A BILL TO BE ENTITLED
 
AN ACT
  relating to a requirement that a school district develop and
  maintain a cybersecurity framework.
         BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
         SECTION 1.  Subchapter D, Chapter 11, Education Code, is
  amended by adding Section 11.175 to read as follows:
         Sec. 11.175.  DISTRICT CYBERSECURITY. (a)  In this section:
               (1)  "Cyber attack" means an attempt to damage,
  disrupt, or gain unauthorized access to a computer, computer
  network, or computer system.
               (2)  "Cybersecurity" means the measures taken to
  protect a computer, computer network, or computer system against
  unauthorized use or access.
         (b)  Each school district shall develop and maintain a
  cybersecurity framework for:
               (1)  the securing of district cyberinfrastructure
  against cyber attacks and other cybersecurity incidents; and
               (2)  cybersecurity risk assessment and mitigation
  planning.
         (c)  A school district's cybersecurity framework must be
  consistent with the information security standards for
  institutions of higher education adopted by the Department of
  Information Resources under Chapters 2054 and 2059, Government
  Code.
         (d)  The superintendent of each school district shall
  designate a cybersecurity coordinator to serve as a liaison between
  the district and the agency in cybersecurity matters. 
         (e)  The district's cybersecurity coordinator shall report
  to the agency any cyber attack, attempted cyber attack, or other
  cybersecurity incident against the district cyberinfrastructure as
  soon as practicable after the discovery of the attack or incident. 
         SECTION 2.  This Act takes effect September 1, 2019.