Texas Awards InfoSec Training Contract


The Texas Department of Information Resources (DIR) will soon have an information security and cybersecurity training program. The Department has awarded a contract to Learning Tree International to administer the program. As the lead agency for Texas information and technology resources, DIR provides security and educational training opportunities for state government security professionals. The contract will be in place until 2022.

Learning Tree provides IT certification training to public and private sector organizations and can provide online live training in addition to on-demand module style learning.

Texas had $77.1 million in cyber losses in 2016 according to a report from the Internet Crime Complaint Center and since then, the state has been working through various agencies to harden its online infrastructure and train public sector employees. “Vigilance is our best protection against known and unknown bad actors,” said Nancy Rainosek, State of Texas Chief Information Security Officer.

Texas’ DIR created a cybersecurity council last year made up of local private sector cybersecurity professionals. The council is tasked with making recommendations to government for initiatives like the Learning Tree program. Earlier this month, Texas also announced that it would be working with Deloitte to overhaul Texas.gov in order to improve service delivery for residents when they use government services online. The project will also update technology for mobile responsiveness and improved security.

In the wake of several high profile cyber attacks that have targeted state and local government agencies and infrastructure, many policymakers are looking for new ways to train government workers quickly. As CivSource previously reported, the most recent Verizon Data Breach Information Report shows that humans continue to be the weakest link when it comes to information security. Individuals are susceptible to social engineering and phishing style attacks where adversaries pretend to be in positions of authority and ask for sensitive information. Verizon’s report also showed that when it comes to public sector cyberattack, adversaries are often state-sponsored actors with espionage as a motive.

Systems in Atlanta’s city government were offline for several days earlier this year after cyberattackers used ransomware to hold computers and other municipal systems hostage. There have also been similar attacks in North Carolina, Baltimore and San Francisco. As with phishing attacks, humans can fall prey to ransomware by inadvertently opening attachments or clicking on links that appear to be legitimate.