With the passage of Texas State Senate Bill 936 in 2019, the Public Utility Commission of Texas (PUCT) and the Electric Reliability Council of Texas (ERCOT) were empowered to develop a more collaborative, strategic approach to identifying vulnerabilities and finding areas to improve security measures across Texas’ critical electric infrastructure. Paragon Systems was selected as an independent agency by the PUCT to serve as the state’s Cybersecurity Monitor.

The purpose of the Texas Cybersecurity Monitor is to develop a voluntary Outreach Program to promote collaborative discussion on cyber and physical security between the Public Utility Commission of Texas (PUCT), Electric Reliability Council of Texas (ERCOT), and participant Texas Monitored Utilities (MUs) by which Monitored Utilities can express awareness and preparedness through their governance, practices, and training.

"Being a program member has helped us learn more about real world attacks and how to defend against them, as well as better understand government agencies and their overlapping roles.”
General Program Feedback
General Program FeedbackProgram Member
"The self assessment was useful and easy to understand. The report we received based on it improved my understanding of best practices and available resources”
Internal Benchmarking Feedback
Internal Benchmarking FeedbackProgram Member
"The tabletop's objectives and scenarios were realistic and applicable to what we do. It's certainly an important item to practice regularly.”
Tabletop Feedback
Tabletop FeedbackProgram Member
Previous
Next

Program Components

Security Meetings

Quarterly sessions between our cybersecurity monitors and utilities to provide opportunities to share best practices, discuss threats, vulnerabilities, and hot topics.

Tabletops

Biennial cybersecurity-focused incident response (IR) training opportunity, designed to simulate a realistic scenario that focuses on a utility’s capability to detect, identify, protect, respond, and recover from an attack.

Benchmarking

Confidential comprehensive surveys comprised of 17 cybersecurity domains designed to evaluate a utility’s cyber and physical security efforts. Maturity Improvement Reports (MIR) provided post self assessment.

Education

Annual conference with keynote speakers from the public and private sector, best practice lectures, in-person tabletop exercises, and networking opportunities.

Download a Complete Program Guide