Cybersecurity

State-Mandated Cybersecurity Training

Texas Government Code Section 2054.5191 mandates cybersecurity training for local government employees, elected officials, and appointed officials who have access to a local government computer system or database and use a computer to perform at least 25 percent of their duties. Click here for the Pool's DIR-certified training options.

TML Risk Pool/CISA Offering No-Cost Tabletop Exercise Training

Been meaning to run a tabletop exercise but don’t have the time or resources?  You’re in luck! The TML Risk Pool and the federal Cybersecurity and Infrastructure Security Agency are partnering to help you out – for FREE. In a hands-on, in-person workshop, we’ll show you how to run an exercise with facilitated discussions, scenario-driven problem-solving, and expert insights. No prior experience is necessary. This is a learning opportunity for participants at all levels of cybersecurity familiarity. We’ll be doing several of these across the state over the coming months. Click here for more info or to find a future event near you!

Cyber Liability Coverage and Related Resources

Cyber threats are becoming increasingly common, and governmental entities are being directly targeted. The Pool’s cyber coverage is designed to protect both individual Members and the partnership itself. Most importantly, the Pool provides resources to help you avoid an attack. Many of the Pool's services are provided through ERiskHub, including:

The Cyber Squad Provides these No Cost Pre-Breach Services 

  • Cybersecurity Best Practices
  • Information Security Policy Review/Development
  • Incident Response Plan Review
  • Risk Assessment Assistance
  • Table-Top Cybersecurity Exercises
  • Disaster Recovery Planning
  • Cybersecurity Training
  • Information Security Job Descriptions

Post-Breach Services

  • Privacy Breach Response Services
  • Notification of Affected Individuals
  • Call Center Support
  • Breach Resolution
  • Legal Services
  • Computer Expert Services
  • Public Relations and Crisis Management Services

Cyber Grant Program 

Simulated Phishing Exercises: We send emails to your employees to test their awareness of the techniques used by cybercriminals. We also provide video training to help identify red flags contained in those emails.

CyberAssess Network Scan: We identify vulnerabilities and provide the results compared against the National Institute of Standards and Technology (NIST) Framework, which is a set of guidelines for mitigating organizational cybersecurity risks.

Cyber Training 

Check out the Cyber Squad's YouTube Channel for cyber training videos and the following episodes in the squad's October 2024 video podcast series:

Ep. 1 - The Current Cybersecurity Threat Landscape: Hear about password complexity, current breach statistics, and much more.

Ep. 2 - Reducing the Risk of a Ransomware Attack: Hear about data backups, patch management, user awareness, and organizational culture.

Ep. 3 - Recognizing Phishing Attack Types: Hear about tactics such as phishing, spear-phishing, smishing, and quishing, and how to avoid being a victim.

Ep. 4 - Stay Safer with “MFA”: Hear about what MFA does for an organization, which accounts should have MFA enabled, and why should you be using it now.

Ep. 5 - Why Proper Data Backups Matter: Hear about the 3-2-1 backup strategy, offline backups, and recovery time objective/recovery point objective considerations.

Ep. 6 - Cyber Squad Services: Hear about the no-cost services provided to TML Risk Pool Members by the Cyber Squad, as well as information on obtaining a .gov domain and the recent TikTok ban. 

Ep. 7 - Planning for the Unexpected:  Business Impact Analyses, Business Continuity Plans, Incident Response Plans, and More.

Ep. 8 - Five Questions Every City Leader Should Be Asking Their IT and Their Staff.

 

 

''