TX HB8

Requires the Department of Information Resources to establish an information sharing and analysis center for state agencies to share cybersecurity threats, best practices, and remediation strategies, and mandates the state cybersecurity coordinator establish a cybersecurity council with members from the governor's office, legislature, higher education, and private sector.

Mandates biennial vulnerability assessments by state agency information resources managers (changed from optional to required), due by October 15 of each even-numbered year, covering computers, networks, printers, mobile devices, and data processing systems.

Requires state agencies to notify the Department of Information Resources within 48 hours of discovering a breach, suspected breach, or unauthorized exposure of sensitive personal or confidential information, with election data breaches reported to the secretary of state.

Directs the secretary of state to conduct an election cyber attack study by December 1, 2018, examining vulnerabilities in county voting systems and registered voter lists, and establishes Senate and House Select Committees on Cybersecurity to report findings by January 13, 2019.

Expands closed meeting exceptions from only the Department of Information Resources to all governmental bodies for deliberations on security assessments, network security, and critical infrastructure deployment, and broadens confidentiality protections for network security information to cover all governmental entities.