88R3800 SCP-F
By: Capriglione H.B. No. 2156
A BILL TO BE ENTITLED
AN ACT
relating to the position of chief information security officer in
the Department of Information Resources.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Subchapter N-1, Chapter 2054, Government Code,
is amended by adding Section 2054.510 to read as follows:
Sec. 2054.510. CHIEF INFORMATION SECURITY OFFICER. (a) In
this section, "state information security program" means the
policies, standards, procedures, elements, structure, strategies,
objectives, plans, metrics, reports, services, and resources that
establish the information resources security function for this
state.
(b) The department shall employ a chief information
security officer.
(c) The chief information security officer shall oversee
cybersecurity matters for this state including:
(1) implementing the duties described by Section
2054.059;
(2) responding to reports received under Section
2054.1125;
(3) developing a statewide information security
framework;
(4) overseeing the development of statewide
information security policies and standards;
(5) developing, in coordination with state agencies,
local governmental entities, and other entities operating or
exercising control over state information systems or
state-controlled data, information security policies, standards,
and guidelines to strengthen this state's cybersecurity;
(6) overseeing the implementation of the policies,
standards, and guidelines developed under Subdivisions (3), (4),
and (5);
(7) providing information security leadership,
strategic direction, and coordination for the state information
security program; and
(8) providing strategic direction to:
(A) the network security center established
under Section 2059.101, Government Code; and
(B) statewide technology centers operated under
Subchapter L.
(d) Not later than November 15 of each even-numbered year,
the chief information security officer shall submit a written
report on the status and effectiveness of the state information
security program to:
(1) the executive director;
(2) the governor;
(3) the lieutenant governor;
(4) the speaker of the house of representatives; and
(5) each standing committee of the legislature with
primary jurisdiction over matters related to the department.
SECTION 2. This Act takes effect September 1, 2023.