Texas taps AT&T for statewide managed security services

The State of Texas has awarded a managed security services contract to AT&T that will expand the IT security and privacy options available to state agencies, higher education, and local government offices throughout the state.

The contract provides that AT&T will offer services for security monitoring and device management, incident response, and risk and compliance. The contract is an outgrowth of the fact that the state takes cybersecurity and data privacy “very seriously,” Stacey Napier, executive director for the Texas Department of Information Resources (DIR), said in an official statement.

“The wellbeing of many people depends on it,” Napier said. “So, we must protect sensitive information and use necessary tools to educate and protect ourselves from attacks. DIR is committed to proactively strengthening our security services.”

The contract follows the Texas Cybersecurity Act, a law passed by the legislature in August that creates new governance bodies and requirements for cybersecurity across state government, including the creation of a “cyber sharing task force” and congressional committees on cybersecurity.

AT&T says the new contract will help agencies arm themselves with tools needed to meet requirements of the new law. New requirements for the state include a 48 hour window for breach notification to a state cybersecurity coordinator, more frequent reviews of security policy, regular risk assessments, and adoption of national standards like those outlined by the National Institute of Standards and Technology (NIST).

State Chief Information Officer Todd Kimbriel told StateScoop earlier this year that the state’s security plans are modeled after the Multi-State Information Sharing & Analysis Center, in which several “centers of excellence” will serve as information sharing hubs.