Texas has always been a state that thinks in terms of scale. Big energy, big ambitions and now, big action in cybersecurity.
With the creation of the Texas Cyber Command under the Department of Information Resources, the state is recognizing what many of us in the industry have long understood: cybersecurity is not just an IT issue, it's a matter of public safety and economic resilience. Protecting municipal systems, schools, and critical energy infrastructure from cyber threats is no longer optional. It is essential.
For these efforts to succeed, Texas must invest as much in people as it does in technology. Without a capable, well-trained workforce to carry out the mission, even the strongest cyber strategies will struggle to hold the line.
The scope of the threat
Cyberattacks are not theoretical. In the last year alone, several cities in Texas experienced major ransomware attacks. One incident in Fort Worth took down core city systems, affecting everything from email access to permitting operations. The ripple effects were significant.
The energy sector is also under constant pressure. As a cornerstone of both the Texas and national economy, the it is a high-value target. Hackers are probing systems that manage oil, gas, and renewable energy infrastructure, looking for weaknesses that could be exploited to steal data or disrupt operations.
Texas has responded by centralizing its cyber incident response capabilities. The Texas Cyber Command is a smart step forward. It brings coordination and focus to an increasingly complex landscape. But its effectiveness will depend entirely on the professionals tasked with doing the work. And that’s where the challenge lies.
The workforce gap
Across the U.S., there are an estimated 400,000 unfilled cybersecurity positions. In Texas, more than 40,000 roles remain vacant, according to CyberSeek. These are not just numbers in a report. They represent a growing vulnerability with gaps in frontline defenses against real and persistent threats.
We cannot afford to rely solely on traditional pathways to fill this gap. Four-year degree programs are important, but they are not designed to scale fast enough or flexibly enough to meet today’s needs. Instead, we need to broaden our view of what a cybersecurity talent pipeline looks like and who it includes.
There needs to be an expanded focus on practical, skills-based training that takes high-aptitude individuals, including those from non-traditional backgrounds, and prepares them for success in cybersecurity careers through rigorous hands-on training that reflects the demands of real-world cyber roles. With the right structure and support, people from all walks of life are already proving they can become capable defenders of our digital infrastructure.
The same entrepreneurial spirit that drives innovation in other sectors can be applied to cybersecurity workforce development. We don’t have to wait years to grow the next generation of defenders. We can do it now, with the right focus and investment.
Texas has taken a critical first step by creating the Cyber Command, but if we want to build lasting resilience, we need to address the workforce bottleneck head-on. Cybersecurity needs more than tech…it needs talent.
---
Dean Gefen is theCEO, NukuDo, a San Antonio-based cybersecurity workforce development and staffing company.
