Honorable Charles Schwertner, Chair, Senate Committee on Business & Commerce
FROM:
Jerry McGinty, Director, Legislative Budget Board
IN RE:
SB1204 by Paxton (Relating to state and local government information technology infrastructure, information security, and data breach and exposure reporting.), As Introduced
No significant fiscal implication to the State is anticipated.
The bill would amend Government Code Sec. 2054.068, requiring the Department of Information Resources (DIR) to rate the security maturity of state agencies. It would also authorize DIR to audit agencies with certain ratings and make recommendations for improvements.
The bill would amend Government Code Sec. 2054.0594 to allow, but not require, DIR to establish an interstate information sharing and analysis organization (ISAO) to provide a forum for states to share information regarding cybersecurity threats, best practices, and remediation strategies.
The bill would modify the use of the Technology Improvement and Modernization Fund.
It is assumed that any costs associated with the bill could be absorbed using existing resources.
Local Government Impact
The bill would require local government entities to report security incidents to DIR. Is is assumed that any costs associated with this reporting process could be absorbed using existing resources.