86R32465 TSS-D
By: Nelson, et al. S.B. No. 820
(Meyer)
Substitute the following for S.B. No. 820: No.
A BILL TO BE ENTITLED
AN ACT
relating to a requirement that a school district adopt a
cybersecurity policy.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Subchapter D, Chapter 11, Education Code, is
amended by adding Section 11.175 to read as follows:
Sec. 11.175. DISTRICT CYBERSECURITY. (a) In this section:
(1) "Cyber attack" means an attempt to damage,
disrupt, or gain unauthorized access to a computer, computer
network, or computer system.
(2) "Cybersecurity" means the measures taken to
protect a computer, computer network, or computer system against
unauthorized use or access.
(b) Each school district shall adopt a cybersecurity policy
to:
(1) secure district cyberinfrastructure against cyber
attacks and other cybersecurity incidents; and
(2) determine cybersecurity risk and implement
mitigation planning.
(c) A school district's cybersecurity policy may not
conflict with the information security standards for institutions
of higher education adopted by the Department of Information
Resources under Chapters 2054 and 2059, Government Code.
(d) The superintendent of each school district shall
designate a cybersecurity coordinator to serve as a liaison between
the district and the agency in cybersecurity matters.
(e) The district's cybersecurity coordinator shall report
to the agency any cyber attack or other cybersecurity incident
against the district cyberinfrastructure that constitutes a breach
of system security as defined by Section 521.053, Business &
Commerce Code, as soon as practicable after the discovery of the
attack or incident.
SECTION 2. This Act takes effect September 1, 2019.