Building a More Secure and Prosperous Texas through Expanded Cybersecurity

1. Building a More Secure and Prosperous Texas through Expanded Cybersecurity Mary Dickerson Texas Cybersecurity, Education and Economic Development Council April 2013

2. The Texas Cybersecurity Education, and Economic Development Council (TCEEDC) • Established in 2011 by Texas Legislature (SB 988) • 9 members from government, academia, industry • Council directive - provide recommendations to: • Improve the infrastructure of the state’s cybersecurity operations with existing resources and through partnerships between government, business, and institutions of higher education • Examine specific actions to accelerate the growth of cybersecurity as an industry in Texas

3. TCEEDC SWOT Analysis

4. Advancing a Cyber Secure Infrastructure for Texas • Recommendations: • State level Coordinator for CyberSecurity within the Office of the Governor • Business Executives for Texas Security (BETS) partnership • “Cyber Star” program to foster improvement of cyber resiliency in both private and public infrastructure in the state as well as increasing public trust establishing a baseline for responsible cyber operations

5. Advancing a Cyber Secure Infrastructure for Texas • Recommendations (cont.) • Adopt the Community Cyber Security Maturity Model (CCSMM) as a State-wide guide • Update the Duties and Powers of the Texas Department of Information Resources (DIR)

7. Proposed CyberStar Program

8. Benefits of Cyber Star • Process-driven model that encourages continuous innovation with risk mitigation • Private and public sector mutually incented, and protected physically and legally • Enables application of resilience framework across all objectives: protect/deter, detect/monitor, constrain/isolate, maintain/recover, and adapt

9. Developing CyberSecurityIndustryin Tx • Recommendations: • Develop a comprehensive strategy and roadmap • Increase the number of cybersecurity practitioners in Texas • Provide a consistent voice for industry • Continue investment in higher education cybersecurity programs. • Promote collaboration, innovation, and entrepreneurship in cybersecurity

10. Creating an EnduringCybersecurityCulture in Texas • Recommendations: • Establish the BETS group to set in motion activities that will create the Texas cybersecurity education pipeline • Review and sharpen DIR’s leadership role in establishing a sustainable cybersecurity awareness program for all Texans

12. Proposed Texas Legislation • SB 1101 - Extends the Council to September 2015 (2 additional years) • SB 1102 – Establishes the state cybersecurity coordinator position and framework, allows for implementation of the  BETS/CyberStar concepts as well as any of the Council’s recommendations

13. Proposed Texas Legislation cont. • SB 1134 – Expands DIR roles to include cybersecurity initiatives for state agencies and also to promote public awareness of cybersecurity • SB 1597 – Requires state agencies to document specific information security plans and submit biannual reports to DIR

14. For More Information:TCEEDC: http://www2.dir.state.tx.us/sponsored/SB988/Pages/overview.aspxMary E. Dickerson, MBA CISSP, CISM, PMPExecutive Director, IT SecurityChief Information Security OfficerUniversity of Houston | University of Houston Systemphone: 832-842-4679email: mdickerson@uh.edu