The University of Texas Strauss Center for International Security and Law, the Center for Cybersecurity Policy and Law, and ON2IT Cybersecurity, hosted local cyber security leaders at UT Austin’s campus to discuss progress with state and local cyber resilience. More than 30 cyber security leaders from Texas agencies and cities, water and energy districts, local Department of Defense (DoD) representatives, representatives from the Cybersecurity Infrastructure Security Agency (CISA), legislative staff, and security vendors joined a half day policy roundtable to hear briefings from technical and policy experts on the State’s new Texas Cyber Command.

The discussion focused on the mission realignment of the Texas Department of Information Resources (DIR) and the newly established Texas Cyber Command, utilizing Zero Trust strategies in an era of AI, and how to improve Federal to State cyber cooperation in the face federal resource constriction and increasing threats from criminal and state-sponsored cyber threats to our national and state critical infrastructure. 

Key discussion questions included: 

• What frameworks are needed to align cyber resilience efforts across Texas government, critical infrastructure, and academia?
• What role can state-level initiatives, such as the Texas Cyber Command, play in building cyber resilience at the local level?
• How can public-private partnerships be designed to effectively share threat intelligence from the Federal level down to the front line at the city and county level?
• What next steps can interested cyber leaders take to continue building on open communications?

Key Takeaways:

1. The Role and Structure of Texas Cyber Command

Key leaders who were involved at all levels, updated the thinking around the implementation of House Bill 150 (Capriglione/Parker) which created the Texas Cyber Command to be housed at University of Texas at San Antonio (USTA). Its purpose is to centralize incident response, threat intelligence, digital forensics, training and standard setting for state/local government and critical infrastructure. 

HB 150 allocated $135 million from Texas’ 2027 general revenue, with an additional $94 million from The University of Texas system for property, building renovations and start-up costs. Key elements of the update included the command’s planned operational launch on September 1, 2025, personnel priorities, and legislative backing, particularly the migration of critical DIR services, such as the Texas Information Sharing and Analysis Organization (TX-ISAO), to be housed within the new command structure. The initiative is also expected to streamline federal partners communications, including CISA and the DoD, by co-locating in San Antonio, thereby enhancing coordination and visibility among state, local, and federal cyber stakeholders.

There was strong consensus that the command represents an opportunity to unify incident response, expand threat intelligence centralization and reach, and build systemic resilience through trusted relationships with local partners and critical infrastructure owner-operators.

2. Information Sharing and Intelligence Coordination

There was widespread agreement that Texas Cyber Command must become a convening authority and trusted facilitator of real-time, bi-directional intelligence sharing. Local authorities noted that information sharing is often aligned based on the actor type rather than impacted entities. For example if an adversary was suspected to be associated with a nation state actor, then information on an incident may be more closely held and thus restricted. These same authorities noted that regardless of who the actor was, information that could help avoid or mitigate an incident should be prioritized in sharing with those in a position to defend against it. 

Formalized governance structures and technical mechanisms are urgently needed to streamline communication between local, state, and federal level actors in cyber incidents, agnostic of the suspected actor association. Tools such as the Cybersecurity Information Sharing Act of 2015 were sighted as critical to ensuring the public sector entities that hold intelligence can work with targeted or impacted private sector infrastructure owners and operators. Attendees were hopeful that as information sharing remained a key mandate of the new Texas Cyber Command, that streamlining information and intelligence sharing coordination would be a near term priority.

3. Zero Trust as a Foundational Cyber Resilience Strategy

The Texas DIR’s 2022–2026 State Strategic Plan for Information Resources Management explicitly recommends that public sector agencies "explore a zero‑trust model as a long‑term approach to reducing vulnerabilities," especially in hybrid and cloud environments. 

This directive is part of a broader mandate assessing identity-based access controls and minimizing third-party risk. The strategic plan also mandated regional cybersecurity working groups and required agencies to establish baseline practices like multifactor authentication and network segmentation — all of which align with the core tenets of zero trust. 

With this significant focus on a zero trust strategy at the state and local level, George Finney of the University of Texas System, was invited to lead a discussion on utilizing zero trust strategy in the age of generative AI tool adoption. He emphasized that zero trust should not be viewed as a standalone product, but rather as a comprehensive framework for wraparound security assurance. This distinction is especially critical in the AI era, where models are often designed to “trust” inputs too readily. 

To illustrate the importance of security fundamentals, Finney used analogies from restaurant logistics, underscoring the need for clear access controls, clean and vetted data inputs, and strong model governance. He cautioned against the rapid integration of AI technologies into core infrastructure without adequate security guardrails. 

The discussion reaffirmed a shared consensus among participants that Zero Trust is essential for strengthening State, Local, Tribal, and Territorial (SLTT) infrastructure. However, they acknowledged the need to tailor implementation to the resource constraints of smaller entities. In this context, the Texas Cyber Command was identified as a key resource for helping local governments operationalize Zero Trust principles effectively.

Conclusion and Recommendations: Trust-Building, Intelligence Sharing, and Zero Trust Best Practices

To maximize its impact, the Texas Cyber Command should prioritize:

1. Standing Up a Fusion Center-like Intelligence Apparatus -  To enhance SLTT cyber defense capabilities, the establishment of a fusion center–like intelligence apparatus is recommended. This centralized entity would serve as a “single front door” for inquiries and coordination, simplifying access to support and collaboration across SLTT stakeholders. It would provide clear, standardized guidance on incident reporting and improve the speed and consistency of intelligence dissemination. Addressing existing legal and procedural bottlenecks through standardized memoranda of understanding (MOUs) and data-sharing agreements would further facilitate cooperation. To support timely and secure information exchange, the apparatus should also implement technical platforms that allow for fast, anonymized sharing of threat 
2. Creating Structured Forums for Policy Solution Exchanges - Additionally, structured forums for ongoing policy solution exchange are essential to foster collaboration across sectors. These forums should include participants from academia, the private sector, and municipal entities to ensure diverse perspectives and expertise. Regular engagements would help build trust, facilitate the onboarding of local organizations into broader state and federal cybersecurity ecosystems, and dismantle persistent information silos. Such a structure encourages a continuous and proactive approach to threat response and innovation.
3. Promoting Zero Trust Adaptation for SLTT Contexts - Finally, there is a strong need to promote Zero Trust strategies and solutions tailored to the operational realities of SLTT organizations. This includes providing templated security policies, bulk license opportunities, and model network architectures specifically designed for small municipalities and critical infrastructure operators. Furthermore, subsidized access to Zero Trust–aligned tools and services—facilitated through state-level procurement channels would help overcome resource constraints and accelerate secure modernization efforts at the local level.

The Roundtable underscored the leadership role Texas has taken with regard to SLTT cyber resilience while discussing the urgent need for a further unified, coordinated cyber defense strategy and resources for at-risk entities. The launch of the Texas Cyber Command is a pivotal development, but its effectiveness will hinge on the trust it builds among SLTT stakeholders and its ability to scale knowledge-sharing and operational collaboration.

‍