By: Parker S.B. No. 621
(In the Senate - Filed January 26, 2023; February 17, 2023,
read first time and referred to Committee on Business & Commerce;
March 16, 2023, reported adversely, with favorable Committee
Substitute by the following vote: Yeas 11, Nays 0; March 16, 2023,
sent to printer.)
Click here to see the committee vote
COMMITTEE SUBSTITUTE FOR S.B. No. 621 By: Birdwell
A BILL TO BE ENTITLED
AN ACT
relating to the position of chief information security officer in
the Department of Information Resources.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Subchapter N-1, Chapter 2054, Government Code,
is amended by adding Section 2054.510 to read as follows:
Sec. 2054.510. CHIEF INFORMATION SECURITY OFFICER. (a) In
this section, "state information security program" means the
policies, standards, procedures, elements, structure, strategies,
objectives, plans, metrics, reports, services, and resources that
establish the information resources security function for this
state.
(b) The executive director, using existing funds, shall
employ a chief information security officer.
(c) The chief information security officer shall oversee
cybersecurity matters for this state including:
(1) implementing the duties described by Section
2054.059;
(2) responding to reports received under Section
2054.1125;
(3) developing a statewide information security
framework;
(4) overseeing the development of statewide
information security policies and standards;
(5) developing, in coordination with state agencies,
local governmental entities, and other entities operating or
exercising control over state information systems or
state-controlled data, information security policies, standards,
and guidelines to strengthen this state's cybersecurity;
(6) overseeing the implementation of the policies,
standards, and guidelines developed under Subdivisions (3), (4),
and (5);
(7) providing information security leadership,
strategic direction, and coordination for the state information
security program;
(8) providing strategic direction to:
(A) the network security center established
under Section 2059.101; and
(B) statewide technology centers operated under
Subchapter L; and
(9) overseeing the preparation and submission of the
report described by Section 2054.0591.
SECTION 2. This Act takes effect September 1, 2023.
* * * * *