As the digital landscape evolves, so too must the laws that govern it. In 2025, the Texas Legislature passed a series of bills that signal a bold and proactive approach to cybersecurity, artificial intelligence (AI), and IT modernization. From establishing a state-level cyber command to mandating AI literacy for public employees, this legislation reshapes how Texas handles digital governance.
This blog examines five pivotal bills — HB 150, HB 500, HB 1500, HB 2818, and HB 3512 — and their implications for IT professionals, government agencies, and private sector partners.
1. HB 150 — Establishing the Texas Cyber Command
Overview: HB 150 creates the Texas Cyber Command (TXCC), a centralized agency responsible for defending the state’s critical infrastructure from cyber threats.
Key Provisions:
- Transfers cybersecurity responsibilities from the Department of Information Resources (DIR) to the TXCC.
- Defines “critical infrastructure” broadly, including energy, water, healthcare, IT systems, and more.
- Authorizes the TXCC to provide services such as threat detection, incident response, forensic analysis, and training.
- Empowers the TXCC to contract with local governments and private entities.
Expert Insight: This bill is a game-changer. By centralizing cybersecurity under a dedicated command, Texas aligns more closely with best practices used in federal and military cyber operations. The TXCC’s ability to engage with both public and private sectors supports a unified defense posture — a necessity in today’s threat environment where ransomware and nation-state attacks are increasingly common.
2. HB 500 — Budgetary Support for Cyber and Research Initiatives
Overview: While HB 500 is primarily a budget bill, it includes critical funding provisions for IT and cybersecurity-related programs, particularly through the Cancer Prevention and Research Institute of Texas (CPRIT).
Key Provisions:
- Grants capital budget authority to CPRIT for managing research grants.
- Allows the reallocation of funds to support technology infrastructure in public health research.
Expert Insight: Though not a cybersecurity bill per se, HB 500’s funding mechanisms indirectly support IT infrastructure in research institutions. As biomedical research increasingly relies on secure data environments and high-performance computing, this bill ensures that Texas remains competitive in both health innovation and data security.
3. HB 1500 — Reforming the Texas Sunset Act for Digital Efficiency
Overview: HB 1500 updates the Texas Sunset Act, which governs the periodic review of state agencies.
Key Provisions:
- Extends the lifespan of several agencies, including those involved in IT and environmental regulation.
- Enhances the Sunset Advisory Commission’s ability to evaluate digital transformation efforts.
- Encourages agencies to adopt modern IT systems and cybersecurity best practices as part of the review process.
Expert Insight: This bill embeds digital accountability into the very structure of government oversight. By requiring agencies to demonstrate IT modernization and cybersecurity readiness during Sunset reviews, Texas is institutionalizing digital resilience. It’s a subtle but powerful shift toward long-term digital governance.
4. HB 2818 — Creating the Artificial Intelligence Division at DIR
Overview: HB 2818 establishes an artificial intelligence division within the Department of Information Resources (DIR), tasked with overseeing the use of generative AI in state projects.
Key Provisions:
- Supports modernization of legacy systems using generative AI.
- Allows DIR to develop or procure AI tools or contract with vendors.
- Requires a cost analysis report for each AI-driven project, comparing efficiency gains over traditional methods.
Expert Insight: This bill is visionary. By institutionalizing AI within DIR, Texas is not just adopting AI — it’s governing it. The requirement for cost-benefit analysis ensures transparency and accountability, while the focus on legacy modernization addresses a long-standing pain point in public IT systems. This move positions Texas as a national leader in AI governance and digital transformation.
- IT procurement (hardware, software, and cloud services).
- Cybersecurity assessments and compliance audits.
- Training for public employees on secure system usage.
For example, agencies receiving funds for infrastructure or public services will likely need to upgrade their network infrastructure, implement multifactor authentication, and ensure data privacy compliance under state and federal laws.
5. HB 3512 — Mandating AI and Cybersecurity Training for Public Employees
Overview: HB 3512 mandates annual AI and cybersecurity training for state and local government employees who use computers for at least 25% of their job duties.
Key Provisions:
- Requires DIR to certify at least five AI training programs annually.
- Mandates training on ethical use, literacy, and AI best practices.
- Local governments must certify compliance to qualify for state grants.
- Noncompliance results in financial penalties and grant ineligibility.
Expert Insight: This bill addresses the human element of cybersecurity and AI adoption. Technology is only as secure and effective as the people who use it. By mandating training, Texas is closing the skills gap and reducing the risk of misuse or misunderstanding of AI tools. It also sets a precedent for AI literacy as a core competency in public service.
Strategic Themes Across the Bills
1. Centralization and Coordination
HB 150 and HB 2818 centralize critical functions — cybersecurity and AI — under specialized agencies. This reduces fragmentation and improves response times during incidents or deployments.
2. Accountability and Transparency
HB 2818’s cost analysis reports and HB 3512’s training compliance requirements ensure that digital initiatives are measurable and auditable. HB 1500 reinforces this by embedding digital performance into agency reviews.
3. Workforce Development
HB 3512 is a direct investment in human capital, ensuring that public employees are equipped to handle emerging technologies responsibly.
4. Public-Private Collaboration
HB 150 allows the TXCC to contract with private entities, recognizing that cybersecurity is a shared responsibility. HB 2818 opens the door for vendor partnerships in AI implementation.
Implications for IT Leaders and Practitioners
For Government CIOs and CISOs:
- Expect increased oversight and reporting requirements.
- Prepare for collaboration with the TXCC and DIR’s AI Division.
- Invest in workforce training and compliance tracking systems.
For Private Sector Partners:
- Opportunities in AI services, cybersecurity consulting, and training program development.
- Compliance with state standards will be essential for contracting.
For Policy Analysts and Legal Teams:
- Monitor evolving definitions of “critical infrastructure” and “cybersecurity incidents.”
- Stay ahead of rulemaking from DIR and the TXCC.
A Digital Blueprint for the Nation
Texas is not just reacting to the digital age — it’s architecting it. Collectively, these five bills outline a comprehensive strategy that blends technology, policy, and people into a cohesive framework for digital governance. Whether you’re a technologist, policymaker, or citizen, the message is clear: Texas is building a secure, intelligent, and future-ready state.