The bill puts Texas on a “path toward resiliency” that will help governments and communities respond to and recover from cyber incidents, said Rep. Giovanni Capriglione, the bill’s author.
“Cyber attacks from criminal networks and adversarial nation-states have grown exponentially year over year. This jeopardizes the security of our hospitals, schools, cities, counties and critical infrastructure to meet the increasing threat,” he said.
The legislation passed the GOP-dominated House 133-12. Identical legislation is awaiting a hearing in the Senate.
House Bill 150 would spend $135 million over the next two years to create the Texas Cyber Command, administered through the University of Texas System and based at the University of Texas-San Antonio. The command’s primary duties would include cybersecurity threat response, management, forensics, and training.
The center would collaborate with the region’s existing cybersecurity infrastructure, which includes an office of the Federal Bureau of Investigation’s cyber crime division, Capriglione said..
Republican Gov. Greg Abbott made the creation of the command an emergency item for the Legislature this session, saying Texas must fortify its infrastructure against cyberattacks from hostile foreign countries like China, Iran and Russia. He also has directed lawmakers to harden the state’s online systems and its water and grid infrastructure.
The state now manages cybersecurity threats through the Department of Information, which also oversees procurement and information gathering, agency websites, and similar IT duties.
The legislation removes cybersecurity from the DIR as a primary responsibility, with the cyber command serving as a clearinghouse for the diffused system now in place to deal with online threats.
Its location in San Antonio puts the center near one of the nation’s strongest cybersecurity infrastructure centers, with resources such as the Federal Bureau of Investigation’s cyber division. UTSA is also a national hub for cybersecurity innovation, said Rep. Liz Campos, D-San Antonio.
If the bill passes, state agencies would still have their own cybersecurity systems in place, with guidance and support from the command. Several have asked lawmakers for new funds for beefed up security.
“Texas public entities are alluring targets for cyber threat actors who are using increasingly sophisticated tactics, techniques, and procedures; never-before-seen tools; and exploitative technologies,” reads the DIR’s State of Texas Cybersecurity Strategic Plan 2024-2029.
Opponents of the bill in the House suggested the state shouldn’t create new state agencies and spend more tax money to do so.
Rep. Andy Hopper, R-Decatur, attempted to halt the creation of a new state agency and instead centralize cybersecurity duties under the Texas State Guard, which he said would be cheaper and more efficient. The effort went down 116-27.
“It makes no sense that we should stand up a completely separate entity to do what the Texas (State) Guard already does,” Hopper said.
Capriglione said the bill prevents public entities from losing money to malware and ransomware attacks, allows the government to operate more efficiently when it’s secure from threats, and puts citizens’ safety first.
Ransomware attacks alone have cost billions of dollars and affected 53 cities in Texas in the last five years, Capriglione, who chairs the House Delivery of Government Efficiency Committee, said.
In March, the mayor of Mission filed a local state of disaster declaration after a cyberattack on the city and said the incident was “of such severity and magnitude that extraordinary measures must be taken to alleviate the immeasurable and imminent cybersecurity incident.”
“The City of Mission, Texas, has suffered a cybersecurity incident such that the entire City computer server is at severe risk of a cyberattack that could release protected personal information, protected health information, civil and criminal records, and/or any and all other data held by the City of Mission and all departments within the City,” Mayor Norie Gonzalez Garza wroteAbbott in a letter asking for an emergency declaration.
In 2023, thousands of Asian-American Texans were victimized when an organized crime organization broke into the state’s driver license system and ordered duplicates for identity theft purposes.
“I have a list of cities and private companies in your district that have been affected,” he told lawmakers during debate on the legislation. “And people lost not just money, but they lose their identities. They are breached, and so to that respect, I would say absolutely it is much more efficient and much, much more intelligent, to be honest with you, for the government to go and create this cyber command.”
© 2025 The Dallas Morning News. Distributed by Tribune Content Agency, LLC.
