The Texas Department of Information Resources (DIR) has launched a new portal that local government entities can use to report cybersecurity incidents.
The portal brings DIR into compliance with state Senate Bill 271, which was passed earlier this year. As part of the legislation, Texas now requires local government entities such as counties, cities, special districts, and K-12 schools to report a breach or suspected breach of system security, and ransomware to DIR.
Before Senate Bill 271 took effect, only state agencies and institutions of higher education were required to report a breach or suspected breach to DIR.
Under the new law, security incidents must be submitted to DIR within 48 hours of discovery, and security incident details and analysis are due to DIR within 10 days of incident eradication, closure, and recovery. After receiving an incident submission, DIR will send an incident email confirmation with an incident identification number.
“With both state and local government entities reporting cybersecurity incidents to the state, DIR will have a more complete picture of the cyber threats Texas is facing,” State Cybersecurity Coordinator Tony Sauerhoff said. “DIR is here to assist state and local governments in the aftermath of a cyber incident. Sharing threat intelligence gained from these reports with other entities will prevent additional cyberattacks aimed at Texas.”
