Sec. 31.052. CYBERSECURITY COORDINATION PROGRAM FOR UTILITIES. (a) The commission shall establish a program to monitor cybersecurity efforts among utilities in this state. The program shall:
(1) provide guidance on best practices in cybersecurity and facilitate the sharing of cybersecurity information between utilities; and
(2) provide guidance on best practices for cybersecurity controls for supply chain risk management of cybersecurity systems used by utilities, which may include, as applicable, best practices related to:
(A) software integrity and authenticity;
(B) vendor risk management and procurement controls, including notification by vendors of incidents related to the vendor's products and services; and
(C) vendor remote access.
(b) The commission may collaborate with the state cybersecurity coordinator and the cybersecurity council established under Chapter 2054, Government Code, in implementing the program.
Added by Acts 2019, 86th Leg., R.S., Ch. 509 (S.B. 64), Sec. 22, eff. September 1, 2019.