Originally published by the Dallas Morning News in November 2025.
Texas Cyber Command is set to protect infrastructure from complex threats.
By Davis Y. Hake and Demetra Koelling
Texas has a reputation for thinking big and acting decisively. With the signing of HB 150 in June 2025, Gov. Greg Abbott and the Texas Legislature created the Texas Cyber Command, positioning Texas as a national leader in cybersecurity.
As attacks on local governments, school districts, and utilities grow, this new command represents more than bureaucratic reform; it’s a commitment to defend Texas’s infrastructure against increasingly complex threats. These are no longer hypotheticals, they are realities. If Cyber Command gets this right, it will set a national model for cyber resilience.
Texas has long led in cybersecurity innovation. The State Cybersecurity Strategic Plan (2024–2029) is grounded in Zero Trust, the globally recognized framework created by Texan John Kindervag and built on the principle “never trust, always verify.” Zero Trust offers a disciplined, layered approach to defense: verifying users, limiting access, segmenting systems, and ensuring visibility across networks.
Texas’s digital landscape mirrors its geography: vast, decentralized, and full of local variation. Each county, city, and utility runs its own systems. Expecting every entity to build its own Zero Trust architecture is like asking each county to construct its own missile defense system.
The Texas Cyber Command recognizes that decentralized ownership is both a strength and a challenge. HB 150 consolidates key cybersecurity functions from the Department of Information Resources (DIR), grants rulemaking, and mandates coordination with local governments and critical infrastructure. The challenge now is shifting from reactive reporting to proactive resilience.
A real-time early warning system
Under Texas law, local governments must report cybersecurity incidents, previously to DIR and now to Cyber Command. But reporting is retrospective, explaining what happened, not how to stop it.
Cyber Command must detect, triage, and understand incidents as they unfold, acting as a digital early-warning system that aggregates statewide threat data and enables real-time response. That approach doesn’t require local governments to rebuild infrastructure; it honors Texas’s values of local control, local sovereignty, and unified defense.
Cyber sovereignty doesn’t mean isolation. It means resilience. Cyber Command can strengthen local control by providing visibility without centralized authority. Every jurisdiction should retain ownership of its logs, identities, and audit data, while the Command uses information, under clear legal and privacy safeguards, to enhance collective defense.
Local governments must know their data remains theirs: controlled, protected, and never shared without consent. Without that assurance, cooperation falters. With it, Texas can build a network of mutual defense.
Procurement power is another strategic advantage. The DIR can leverage economies of scale to deliver affordable tools, identity management, monitoring, and forensics to local jurisdictions. Pre-vetted vendors and cooperative contracts can give small towns access to enterprise-grade defenses without big-city budgets.
Even the smallest water authority can connect with a simple integration and expand over time. No community should be left out, or left behind.
Zero Trust is a comprehensive framework, but visibility is its foundation. By leading with visibility, Cyber Command can accelerate statewide implementation, enabling faster detection, coordinated response, and shared learning across thousands of systems.
This visibility-first approach turns Cyber Command from a policy concept into an operational force; Texas’s digital radar, capable of spotting and stopping attacks before they spread.
If Cyber Command embraces a visibility-first, technology-agnostic strategy, it can become Texas’s digital early-warning system, seeing threats before they escalate, guiding rapid statewide response, and informing smarter resource allocation.
With the Texas Cyber Command, Abbott and state leaders have given Texas the blueprint to turn cybersecurity from aspiration to actionable resilience.
Davis Y. Hake is senior director for the Center for Cybersecurity Policy and Law. Demetra Koelling is executive vice president and general counsel, ON2IT Cybersecurity
