Section 2059.104 - Center Services and Support(a) The department shall provide the following managed security services through the center: (1) real-time network security monitoring to detect and respond to network security events that may jeopardize this state and the residents of this state, including vulnerability assessment services consisting of a comprehensive security posture assessment, external and internal threat analysis, and penetration testing;(2) continuous, 24-hour alerts and guidance for defeating network security threats, including firewall preconfiguration, installation, management and monitoring, intelligence gathering, protocol analysis, and user authentication;(3) immediate incident response to counter network security activity that exposes this state and the residents of this state to risk, including complete intrusion detection systems installation, management, and monitoring and a network operations call center;(4) development, coordination, and execution of statewide cyber-security operations to isolate, contain, and mitigate the impact of network security incidents at state agencies;(5) operation of a central authority for all statewide information assurance programs; and(6) the provision of educational services regarding network security.(b) The department may provide: (1) implementation of best-of-breed information security architecture engineering services, including public key infrastructure development, design, engineering, custom software development, and secure web design; or(2) certification and accreditation to ensure compliance with the applicable regulatory requirements for cyber-security and information technology risk management, including the use of proprietary tools to automate the assessment and enforcement of compliance.Tex. Gov't. Code § 2059.104
Added by Acts 2005, 79th Leg., Ch. 760, Sec. 1, eff. 9/1/2005.