(a) The department, in consultation with the cybersecurity council established under § 2054.512 and industry stakeholders, shall annually:
(1) certify at least five cybersecurity training programs for state and local government employees; and
(2) update standards for maintenance of certification by the cybersecurity training programs under this section.
(b) To be certified under Subsection (a), a cybersecurity training program must:
(1) focus on forming information security habits and procedures that protect information resources; and
(2) teach best practices for detecting, assessing, reporting, and addressing information security threats.

(c) The department may identify and certify under Subsection (a) training programs provided by state agencies and local governments that satisfy the training requirements described by Subsection (b).
(d) The department may contract with an independent third party to certify cybersecurity training programs under this section.
(e) The department shall annually publish on the department’s Internet website the list of cybersecurity training programs certified under this section.
(f) Repealed by Acts 2021, 87th Leg., R.S., Ch. 51 (H.B. 1118), Sec. 5, eff. May 18, 2021.