EncryptedTechnology: Texas Cyber Command (TXCC) FY 2026-27 Certification Pending Learn more →

ComplianceMay 8, 2026· 9 min read

What Changed: Texas FY 2026-27 Cybersecurity Training Requirements

The FY 2026-2027 cycle brings two big changes: a new certification authority — the Texas Cyber Command — and new required training content. Here is a plain-language breakdown of what changed and what your organization should do.

Key dates: Training providers submit programs for FY 2026-27 certification between June 1 and July 31, 2026. The Texas Cyber Command publishes the certified program list on August 31, 2026, and the FY 2026-27 training year begins September 1, 2026.

A New Certification Authority

House Bill 150 (89th Legislature, 2025) transferred responsibility for certifying cybersecurity training programs from the Texas Department of Information Resources (DIR) to the newly created Texas Cyber Command (TXCC). The annual training requirement itself now lives in Texas Government Code Chapter 2063: covered employees, elected and appointed officials, and contractors with access to government information resources must complete a certified training program each year.

Practically, this means the certified provider list your organization relies on is now published and maintained by the Texas Cyber Command, not DIR. DIR still handles other cybersecurity functions — such as security incident reporting and the state Security Control Standards — but training certification has moved.

What Actually Changed in the Content Requirements

The FY 2026-27 certification standards add several required topic areas that were not part of earlier cycles:

  • Business email compromise (BEC) — including the specific warning signs of forced urgency, unnatural text, repetitive writing, and unverifiable details.
  • Foreign adversary influence operations — including United Front Work Department (UFWD) tactics and methods, resources on UFWD activity in Texas, and how to report concerns to the Texas Ethics Commission.
  • Foreign adversary restrictions — the Texas Government Code § 572.070 prohibitions on accepting travel, gifts, or lodging from foreign adversaries, the 30-day reporting requirement, and the consequences for violations.

Training programs certified for FY 2026-27 must cover these areas. If your current provider's curriculum has not been updated for the new criteria, it will not carry a FY 2026-27 certification.

Critical Dates

June 1, 2026FY 2026-27 provider certification submission window opens
July 31, 2026Provider certification submission window closes
August 31, 2026Texas Cyber Command publishes the FY 2026-27 certified program list; organizations certify compliance for the current training year
September 1, 2026FY 2026-27 training year begins

Note the distinction: June 1 – July 31 is the window for training providers to submit their programs for certification. Your organization's obligation is to make sure covered personnel complete certified training each year and to certify compliance through the state reporting process by August 31.

What Your Organization Should Do Now

  1. Ask your current training provider whether they have submitted for FY 2026-27 certification with the Texas Cyber Command and whether their curriculum covers the new BEC, foreign adversary, and § 572.070 content areas.
  2. Update your covered-personnel roster to include contractors and third-party vendors with access to government systems — they are covered by the training requirement.
  3. Check the Texas Cyber Command's certified program list when it is published on August 31, 2026, and confirm your provider is on it before the new training year.
  4. Plan enrollment early in the FY 2026-27 year so completions are not compressed against next year's August 31 compliance certification.
  5. Keep proof-of-completion records for every covered person, available for audit.

Planning for FY 2026-27?

Our platform handles it automatically

Curriculum built to the FY 2026-27 TXCC criteria, automated enrollment, completion tracking, and dedicated compliance support — designed specifically for Texas government entities.