Concerns about the state's water supply and its power grid led the conversation as two Texas House committees met Tuesday to discuss cybersecurity issues and potential cyberthreats.
The House Committee on Government Transparency and Operation and the House Committee on Urban Affairs each addressed interim charges to “identify and address potential gaps” in cybersecurity policies.
State Rep. Gary Elkins, a Republican from Houston and chair of the Government Transparency & Operation Committee, presided over a hearing on the state’s policies, while state Rep. Carol Alvarado, a Democrat from Houston and chair of Urban Affairs, oversaw a meeting on cities’ policies.
House Speaker Joe Straus talked about the importance of asking lawmakers to consider cybersecurity before the legislative session on 2017.
“Cybersecurity is a priority for the Texas House because it can directly affect our infrastructure, privacy and the integrity of our economy,” the speaker said. “It’s a complex issue that affects a number of different policy areas.”
State Rep. Todd Hunter, a Republican from Corpus Christi and vice chair of Urban Affairs, said there is a need to coordinate and communicate with cities, agencies and the private industry about handling security.
“Cybersecurity is a growing issue and concern that affects public utilities, electric/gas and water systems,” Hunter told the American Statesman. “It is important to develop efficient and effective ways to promote security and protect against hacking information that could impact our cities and state and citizens.”
Hunter, Alvarado and other members heard testimony from Art Conklin, director of the Center for Information Security Research and Education at the University of Houston, who talked about the threat of ransomware to electrical grids. The state and communities haven’t had to deal with hackers who hold computer systems hostage until money is paid to them, but officials and regulators need to remain vigilant to protect the state’s electrical grids, he said.
Smaller grids are particularly at risk, he said, because they often lack the same sophisticated countermeasures employed at bigger operations.
But even more worrisome are water supplies across the state, Conklin testified.
Alvarado said she wants to hold officials and regulators accountable for safety.
“We cannot continue to think about it in a typical bureaucratic way,” she said.
Brian Lloyd, executive director of the Public Utility Commission of Texas, warned about governmental micromanagement of the process. He said the state’s big utilities already are doing everything they can.
But in the end Lloyd, Conklin and the lawmakers on the committee agreed that an official study could be helpful to find out what’s occurring in terms of address cyber-attacks, what still should be done to help prevent them and who is available to help fend them off.
Michael Goin, information security manager at Austin Energy, also testified. Much of Goin’s testimony focused on information requests through the state’s open records laws.
Filling the requests often is time consuming and can be dangerous if sensitive information is pieced together to give a comprehensive mapping of the utility’s systems, he said. Goin recommended that lawmakers next session revisit the public information laws that pertain to utilities.