- (a) The command shall develop and annually assess best practices and minimum standards for use by governmental entities to enhance the security of information resources in this state.
- (b) The command shall establish and periodically assess mandatory cybersecurity training that must be completed by all information resources employees of state agencies. The command shall consult with the Information Technology Council for Higher Education established under Section 2054.121 regarding applying the training requirements to employees of institutions of higher education.
- (c) Except as otherwise provided by this subsection, the command shall adopt policies to ensure governmental entities are complying with the requirements of this section. The command shall adopt policies that ensure that a person who is not a citizen of the United States may not be a member, employee, contractor, volunteer, or otherwise affiliated with the command or any entity or organization established or operated by the command under this chapter.
Added by Acts 2025, 89th Leg., R.S., Ch. 331 (H.B. 150), Sec. 1, eff. September 1, 2025.