Cybersecurity

State-Mandated Cybersecurity Training

Texas Government Code Section 2054.5191 mandates cybersecurity AND artificial intelligence training for local government employees, elected officials, and appointed officials who have access to a local government computer system or database and use a computer to perform at least 25 percent of their duties. The Pool is preparing compliant training courses that will be available in early 2026. A notification email will be sent to all fund contacts when the training is live. Please check this page for updates, as well. 

Cyber Liability Coverage and Related Resources

Cyber threats are becoming increasingly common, and governmental entities are being directly targeted. The Pool’s cyber coverage is designed to protect both individual Members and the partnership itself. Most importantly, the Pool provides resources to help you avoid an attack. Many of the Pool's services are provided through ERiskHub, including:

Post-Breach Services

  • Privacy Breach Response Services
  • Notification of Affected Individuals
  • Call Center Support
  • Breach Resolution
  • Legal Services
  • Computer Expert Services
  • Public Relations and Crisis Management Services

Cyber Grant Program 

Simulated Phishing Exercises: We send emails to your employees to test their awareness of the techniques used by cybercriminals. We also provide video training to help identify red flags contained in those emails.

CyberAssess Network Scan: We identify vulnerabilities and provide the results compared against the National Institute of Standards and Technology (NIST) Framework, which is a set of guidelines for mitigating organizational cybersecurity risks.

Cyber Training 

Check out the Cyber Squad's YouTube Channel for cyber training videos and the following episodes in the squad's October 2024 video podcast series:

Ep. 1 - The Current Cybersecurity Threat Landscape: Hear about password complexity, current breach statistics, and much more.

Ep. 2 - Reducing the Risk of a Ransomware Attack: Hear about data backups, patch management, user awareness, and organizational culture.

Ep. 3 - Recognizing Phishing Attack Types: Hear about tactics such as phishing, spear-phishing, smishing, and quishing, and how to avoid being a victim.

Ep. 4 - Stay Safer with “MFA”: Hear about what MFA does for an organization, which accounts should have MFA enabled, and why should you be using it now.

Ep. 5 - Why Proper Data Backups Matter: Hear about the 3-2-1 backup strategy, offline backups, and recovery time objective/recovery point objective considerations.

Ep. 6 - Cyber Squad Services: Hear about the no-cost services provided to TML Risk Pool Members by the Cyber Squad, as well as information on obtaining a .gov domain and the recent TikTok ban. 

Ep. 7 - Planning for the Unexpected:  Business Impact Analyses, Business Continuity Plans, Incident Response Plans, and More.

Ep. 8 - Five Questions Every City Leader Should Be Asking Their IT and Their Staff.

Ep. 9. - Fire Drills for Cyber Disasters: Do You Pass the Test? Hear about the importance of having a disaster recovery plan and practicing the plan using a tabletop exercise.  

Ep. 10 - Cyber Resources Available From UT-Austin With Special Guest, Cam Beasley.

Ep. 11 - Cyber Resources Available from UT-San Antonio CIAS, with Special Guest Natalie Sjelin.