Texas SB 75: A Lone Star Model for Grid Resilience
By Patrick Miller
Texas SB 75 establishes a first-of-its-kind Grid Security Commission to evaluate and enhance the resilience of the state’s electric grid and critical infrastructure. With a broad all-hazards focus, from cyber threats to EMPs, this bipartisan law signals Texas’ intent to lead on proactive, cross-sector grid security. Learn what’s required, what’s coming, and why it matters now
Overview
Texas just took a major step toward hardening its grid against an evolving spectrum of threats. With the unanimous passage of Senate Bill 75 (SB 75), the state has created the Texas Grid Security Commission, a new body charged with identifying vulnerabilities, proposing resilience strategies, and informing future standards. The bill is notable not only for its scope, but also for its bipartisan backing and its all-hazards, all-sectors approach.
Why SB 75 Matters
SB 75 arrives against a familiar backdrop: blackouts, cascading failures, and complex interdependencies that continue to expose the fragility of modern power systems. But this time, Texas is looking beyond weatherization or emergency fuel supplies. The law explicitly calls out:
Cyber threats to grid control systems
Electromagnetic pulses (EMPs) and geomagnetic disturbances (GMDs)
Physical sabotage, insider threats, and seismic risks
Fuel supply chain vulnerabilities
Interdependencies with communications, water, transportation, and health care systems
In short, SB 75 treats grid resilience as a statewide, cross-sector security imperative, not just a utility compliance checkbox.
What the Law Does
SB 75 establishes a Grid Security Commission under the Texas Division of Emergency Management (TDEM). The Commission includes representatives from:
The Public Utility Commission of Texas
The Railroad Commission of Texas
ERCOT
Generation companies
Transmission and distribution utilities
Experts in cybersecurity, EMP mitigation, and critical infrastructure
The group is tasked with evaluating risk across ERCOT and beyond, including municipal utilities and essential public services that depend on power. Their mission? Recommend resilience strategies that go further than federal minimums and speak to Texas’ unique threat landscape.
What’s Coming (and When)
The bill sets a structured—but fast-moving—timeline:
| Date | Milestone |
|---|---|
| Sept 1, 2025 | Law takes effect; Commission formally established |
| Dec 1, 2025 | Initial report due to the Legislature |
| Oct 1, 2026 | Comprehensive resilience plan and standards report due |
| 2027 and beyond | PUCT-led rulemaking may begin based on Commission recommendations |
| Every 2 years | PUCT and ERCOT must conduct simulated grid security exercises |
| Annually | Commission must publish a public-facing (non-confidential) report |
If you operate in or interface with Texas infrastructure, this is your moment to help define the new normal.
What Comes Next
Texas SB 75 is not just a reaction to Winter Storm Uri or past blackout events. It appears to be a forward-leaning attempt to get ahead of the next big shock, whatever form it takes. And while the Commission’s recommendations may start as voluntary, history suggests they won’t stay that way for long.
The smart move now?
Review your current grid security posture
Identify internal SMEs who can track or engage with the Commission
Plan budget scenarios for enhanced controls, planning, or supply chain hardening
And watch closely, because what starts in Texas may not stay in Texas. As other states grapple with grid vulnerability and regulatory uncertainty at the federal level, SB 75 could become a useful blueprint.
Final Thoughts: A Bigger Texas Strategy
SB 75 doesn’t stand alone. It’s part of a broader 2025 Texas cybersecurity architecture that now includes:
SB 271 – Requires 48-hour incident reporting for water utilities and ongoing cyber oversight for others. It’s the enforcement mechanism behind the state’s cyber accountability posture.
Texas Cyber Command – A new state agency in San Antonio tasked with cyber threat intelligence, forensics, and coordination across all levels of government. Funded at $135 million through 2027.
HB 8 – A legislative backbone that mandates training, regular cyber reviews, and strategic planning for all state agencies.
Together, these moves place Texas among the most aggressive states in building out its own cybersecurity governance model, arguably on par with recent efforts in New York (S.7672A/A.6769A and PSC 25-M-0302). But unlike New York’s top-down regulatory approach, Texas is blending state-led strategic coordination (SB 75) with operational capability (Cyber Command) and enforceable transparency (SB 271). Texas is leaning into strategic sovereignty over cyber risk, defining its own rules, building internal capabilities, and preparing to respond on its own terms rather than waiting for federal direction.
