Cybersecurity Committee Update

Representatives of the TAGITM Cybersecurity Committee had a series of meetings Thursday, October 31 with State Cybersecurity Incident Response (IR) working group in Austin, as well as Department of Information Resource (DIR) leadership and a representative from DHS. Here are some of the topics that were discussed.

Incident Preparedness/Prevention

Incident Response

Communication

The meetings were productive, and our questions and input were well received. DIR is working with other agencies to identify a vetted and secure means of communication before, during and after such events.  There is also a need to have a means for local government to securely share intelligence related to malicious activity that we are seeing in our agencies. That intelligence needs to be collected, reviewed and anonymized so that it may be shared back to local government as threat intelligence. There are existing avenues such as MS-ISAC and HISN portals that may be used, but they are looking at various options.  DIR is also working on information that can be shared related to the cybersecurity response resources that are available to local government. 

With SB 64, which included cybersecurity events as incidents that could be declared a disaster, local government now has access to emergency management resources should an event be declared a disaster at either the local or state level. This is a new process. The IR working group with which we met, as well as emergency management officials across the state, are working to understand how they can best aid with a cybersecurity event, which is quite different from the natural disasters to which they most often respond. The good news is there are resources available to local government IT. IT leadership is encouraged to get to know their emergency manager/coordinator as they will be a great resource in the event of a declared disaster. 

If you have an incident with which you need help, additionally you may can call DIR directly. They can help connect you with resources to quickly and cost effectively assist with remediation and response if requested. They also work closely with other state and federal agencies. For non-urgent requests, email DIRsecurity@dir.texas.gov. If the issue is urgent, you can call DIR’s 24-hour hotline at 512-350-3282.  Contacting DIR does not replace the need to contact your emergency coordinator, local PD, cybersecurity insurance provider, etc. as applicable. 

A clearly defined process to address all the items that committee members shared in the bulleted lists above will not happen overnight. However, progress has been made to open communication channels with the officials that have the means to implement the needed processes and programs. Follow-up meetings and communication will continue.