Texas proposed that state agencies share IT security with universities – Fxsad

Texas proposed that state agencies share IT security with universities

Given the high demand for IT security talent nationwide, the Texas Department of Information Resources (DIR) has proposed allowing state and local agencies to share their dedicated information security officers (ISOs) with colleges and universities.

The recommendation outlined in the department’s 2022 biennial performance report on tracking state agencies’ technology progress states that state law requires each state agency and institution of higher education to designate an ISO, but does not allow agencies or institutions to jointly designate a common ISO. Source. According to the department’s report, changing this policy would allow colleges and universities with the capacity to share IT security expertise to fill cybersecurity administrative roles and help with limited resources struggling to retain staff.

“Authorizing state agencies and IHAs [institutions of higher education] A joint ISO, which is employed by one organization and serves simultaneously as an ISO for two or more designated entities, provides a cost-effective way to designate and resource sharing that benefits smaller agencies and IHAs,” read recommendations in the report.

According to the state’s chief information security officer, Nancy Rynocek, the recommendation is aimed at helping smaller agencies and institutions with generally less staff and funding gain the expertise they need to secure networks that are growing as digital education and telecommuting increases.

While Texas allows agencies to share information with resource managers every two years to help develop operational plans and project management practices, Rainosek said in an email. Government technology The new proposal applies this idea to ISOs. Smaller government agencies and public junior colleges are more likely to benefit if they implement this policy, she said, “with the goal of providing proper controls to prevent security incidents and respond effectively when necessary.”

“Unlike large government agencies and higher education institutions, smaller agencies often don’t have the resources to handle security full-time on their staff, and ISOs wear many hats, such as network administrator or IT manager,” she wrote. “Having the ability to ‘share’ ISOs between agencies is a priority in those smaller agencies where security is a priority. State junior colleges can also benefit from such a program.”

Allowing universities, colleges and other agencies to share cybersecurity expertise will strengthen network security as cyberattacks against government entities become more frequent and sophisticated, Rhinocek said. The need is especially important for colleges and universities battling costly data breaches and cyberattacks, such as last year’s hacker attack on the University of Texas at El Paso that shut down networks for days, and the permanent shutdown of Illinois’ Lincoln College earlier this year, as did the ransomware attacks.

“Information security threats to the public and private sector in general are evolving and increasing,” Rainosek wrote. “The goal is to equip the Texas public sector to prepare for attacks.”

Brandon Paykamian is a government technology staff writer. He has a bachelor’s degree in journalism from East Tennessee State University and years of experience as a multimedia reporter, focusing primarily on public education and higher education.

See more stories by Brandon Paykamian

Leave a Comment