HB 3834 Compliance | Texas DIR Cybersecurity Training

HB 3834 Compliance | Texas DIR Cybersecurity Training

It’s probably on your to-do list: find out exactly how to meet the requirements of Texas Cybersecurity Awareness Training, which was mandated by House Bill 3834.

This article was written to help you do just that!

HB 3834 passed a year ago, so let’s give you the information you need to know right now so you can cross Texas mandatory cybersecurity training off your to-do list.

By June 2020, people who are required to take the training must have completed a certified cybersecurity training course pre-approved by the Texas DIR.

The remainder of this article will answer these questions:

  1. Who EXACTLY has to take the mandated HB 3834 training?
  2. Where can you find properly certified instructors for Texas cybersecurity training?
  3. Why is this mandatory? Is cybersecurity awareness truly necessary?
  4. What are we supposed to learn with Texas DIR cybersecurity training?

Who Has To Take Texas Mandatory Cybersecurity Training as Required by Texas DIR HB 3834?

Sometimes in haste, the bill is described as something affecting all Texas state and local government employees.

That’s not actually true. It’s not all, but it certainly is most, especially at the local level. Here are the rules for who has to take the training as described by the DIR (Department of Information Resources) themselves.

Scope of Texas HB 3834 Cybersecurity Training

  •  State Agencies – Employees who use a computer to complete at least 25 percent of the employee’s required duties, and elected or appointed officers of the agency.
  • Local Government Entities – Employees who have access to a local government computer system or database, and elected officials.
  • Contractors of State Agencies – Those contractors who have access to a state computer system or database must complete training during the term of the contract and during any renewal period.

This encompasses a large group of people from utility bill specialists to teachers. If you’re still unsure if you have to take the Texas mandatory cybersecurity training, call us at CIMA Managed Technology Services at (972) 499 - 8260 and we'll help you figure it out.


Where To Find Approved Texas DIR Cybersecurity Training

Fortunately, this is one of the easiest parts. You've already found it! Cima Solutions Managed IT is on the Texas DIR approved vendor list, so you can access the training through us.

As a full-service Managed IT Solutions group, we’ve got you covered!

We’ve formed a partnership with the internationally recognized cybersecurity training firm, KnowBe4. One of the world’s largest cybersecurity authorities, KnowBe4 has been rated top in the cybersecurity training industry by global research from Gartner for years now.

It Takes One To Know One!

The story behind Know Be 4 is quite unique.

When investigators try to solve a crime, they always try to “get inside” the mind of the perpetrator. Who knows a cybercriminal’s mind better than a cybercriminal?

One of the founding experts at KnowBe4 is the famous reformed cybercriminal, Kevin Mitnick. The subject of two movies, Kevin is now considered one of the best teachers in the world on how to avoid cybercrime.KnowBe4 graphic for phishing after implemenation

The business founder of Know Be 4 is a successful entrepreneur named Stu Sjouwerman (pronounced “shower-man”). He has over thirty years of experience in the field of IT Managed security.

We have full and complete confidence in the cybersecurity training offered by KnowBe4. Our contract with the state allows for you to receive a discount from the usual price.

The Story Behind Why HB 3834 Was Passed

Passed with a great sense of urgency, HB 3834 was the result of a dark time that began in August 2019. It’s now known as a scary first in the battle against cybercrime.

You probably saw it on the news. 22 Texas towns were attacked at once by foreign cybercriminals. They hacked into and froze all their municipal website data.

It was the first time such a massive, coordinated attack had ever happened. Officials described the repercussions as being as damaging as if the crooks had personally walked right into City Hall and ripped everything to shreds.

Victims were mostly small rural towns with easy-to-hack websites. Described by investigators as a crime of opportunity, these folks were hit - not because they represented small Texas towns, but because they were simple websites built without proper safety precautions.

Keene, Texas, a population of 6,100 in East-Central Texas, was one of the towns hit. Keene Mayor Gary Heinrich said hackers demanded a ransom of $2.5 million.

Infographic on cyber ransom payments and data loss

Similar attacks have skyrocketed across America in recent years because perpetrators can net a lot of money. According to a 2019 report from CyberEdge, 45 percent of organizations hit with ransomware paid the ransom, and a good chunk of them never got their data back. That means nearly half had no adequate backup, so were stuck on the losing end of a very expensive crime.

Governments are less likely to pay than businesses, but sometimes, the inability to restore backups leaves no other option. In Lake City, Florida, a town of about 12,000 residents, officials paid nearly half a million in bitcoin, the preferred payment among cybercriminals since it’s untraceable.

The state of Texas rightly reacted to this massive breach by passing HB 3834, creating the mandatory cybersecurity regulations. The mission is to teach people simple precautions to avoid cyberattacks in the first place.

What Will You Learn with DIR Mandatory Cybersecurity Training?

Let’s take a quick cybersecurity awareness quiz and see how much you already know. If you want to be safe on the internet from all manner of cybercrime, which should you choose?

A. Spend top-dollar to buy the best software and systems available
B. Train your employees not to fall for common cybersecurity tricks

Believe it or not, the answer is to invest in employee training because a whopping 90% of all cyberattacks are caused by human error, usually due to a lack of knowledge!

Crooks actually target human error and ignorance because they know that’s the easiest way in.

Without even realizing it, employees inadvertently invite trouble by not being able to recognize what cyberattacks actually look like. With our cybersecurity awareness training, we’ll walk you through simulated attack scenarios so you’ll see exactly how it can happen. You can’t be fooled again.

Using simulated attacks based on actual threats, cybersecurity awareness training will give you the knowledge you need to thwart the crooks. The threat is real and the solutions begin with you.

Our representative at KnowBe4 is offering a free 30-minute demo to show you just what the program is like. If you need to sign up for Texas mandatory cybersecurity training, just click this link. Our Account Manager will reach out to you with all the information you need.

We’re glad you stopped by our website. We’re happy to help you complete the requirements for Texas DIR security awareness training!

Leave a comment!

Your email address will not be published. Required fields are marked *