Bill Text: TX SB820 | 2019-2020 | 86th Legislature | Introduced
NOTE: There are more recent revisions of this legislation. Read Latest Draft
Bill Title: Relating to a requirement that a school district adopt a cybersecurity policy.
Spectrum: Bipartisan Bill
Status: (Passed) 2019-06-10 - Effective on 9/1/19 [SB820 Detail]
Download: Texas-2019-SB820-Introduced.html
Bill Title: Relating to a requirement that a school district adopt a cybersecurity policy.
Spectrum: Bipartisan Bill
Status: (Passed) 2019-06-10 - Effective on 9/1/19 [SB820 Detail]
Download: Texas-2019-SB820-Introduced.html
| 86R7097 TSS-D | ||
| By: Nelson | S.B. No. 820 | |
|
|
||
|
|
||
| relating to a requirement that a school district develop and | ||
| maintain a cybersecurity framework. | ||
| BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: | ||
| SECTION 1. Subchapter D, Chapter 11, Education Code, is | ||
| amended by adding Section 11.175 to read as follows: | ||
| Sec. 11.175. DISTRICT CYBERSECURITY. (a) In this section: | ||
| (1) "Cyber attack" means an attempt to damage, | ||
| disrupt, or gain unauthorized access to a computer, computer | ||
| network, or computer system. | ||
| (2) "Cybersecurity" means the measures taken to | ||
| protect a computer, computer network, or computer system against | ||
| unauthorized use or access. | ||
| (b) Each school district shall develop and maintain a | ||
| cybersecurity framework for: | ||
| (1) the securing of district cyberinfrastructure | ||
| against cyber attacks and other cybersecurity incidents; and | ||
| (2) cybersecurity risk assessment and mitigation | ||
| planning. | ||
| (c) A school district's cybersecurity framework must be | ||
| consistent with the information security standards for | ||
| institutions of higher education adopted by the Department of | ||
| Information Resources under Chapters 2054 and 2059, Government | ||
| Code. | ||
| (d) The superintendent of each school district shall | ||
| designate a cybersecurity coordinator to serve as a liaison between | ||
| the district and the agency in cybersecurity matters. | ||
| (e) The district's cybersecurity coordinator shall report | ||
| to the agency any cyber attack, attempted cyber attack, or other | ||
| cybersecurity incident against the district cyberinfrastructure as | ||
| soon as practicable after the discovery of the attack or incident. | ||
| SECTION 2. This Act takes effect September 1, 2019. | ||
