Recent cyberattacks on government organizations often begin with human error rather than technical vulnerabilities. A single click on a malicious link, responding to a suspicious call, or unintentionally sharing sensitive information can open the door to attackers. Cybercriminals exploit these everyday mistakes because manipulating people is often easier than breaching secure systems.

To address this, Texas DIR Cybersecurity Training emphasizes the human side of security. This mandate is funded, requires certified vendors, and holds organizations accountable for compliance.

Kratikal, a cybersecurity company focused on people-centric solutions, developed Threatcop to address this challenge. Today, Threatcop is among the select vendors certified by the Texas Department of Information Resources (DIR) for cybersecurity and AI awareness training.

What Effective Cybersecurity Awareness Training Does

An employee may have completed a phishing awareness module and understand the concept. However, when faced with a real attack during a busy workday, they may struggle to respond effectively. Knowing about a threat and recognizing it in a real-world scenario are two very different things.

A high-quality security awareness training program bridges this gap by placing employees in simulated environments that closely mimic real attacks. It teaches not only how to identify threats but also how they are constructed, the psychology behind them, and how to respond appropriately.

Texas codified this standard into law. Under Section 2054.519, DIR-certified training must build genuine information security habits, teach employees to detect, assess, report, and respond to threats, and reflect current attack methods. That standard rules out a substantial portion of what the training market offers.

The Texas DIR Mandate: Coverage and Requirements

The DIR applies more broadly than many organizations initially assume.

Category	Cybersecurity Awareness Training (HB 3834)	AI Awareness Training (HB 3512 – FY 2026)
Mandate & Law	Enforced since 2019 HB 3834 • Texas Gov’t Code §§ 2054.5191–5192	Effective Sept 1, 2025 HB 3512 • Texas Gov’t Code § 2054.5195
Objective	Mitigate human-centric cyber risks	Ensure secure, ethical, and transparent AI use
Who Must Complete	Mandatory for all local government staff with system access and state employees/contractors using a computer ≥25% of their duties.	Mandatory for all state and local government employees and officials using a computer ≥25% of their duties.
Frequency & Deadline	Annually by August 31	Annually by August 31
Threatcop Course Duration	29 minutes 57 seconds	1 hour 17 minutes
Key Risks Covered	Phishing, ransomware, credential theft, and social engineering	AI misuse, data leakage, hallucinations, and privacy risks
State-Provided Option	Available but lacks tracking and certification support	Limited or evolving, vendors are typically required for compliance tracking
Implementation Complexity	Moderate	High (new requirement + evolving expectations)
If Not Completed	Higher breach risk, audit findings, and funding impact	AI misuse, data exposure, compliance, and reputational risk

Many organizations encounter challenges here. DIR’s free training option lacks tracking features and does not issue completion certificates. Agencies must create their own documentation systems. As the August 31 deadline approaches, dispersed completion data increases the risk of inaccurate certification submissions.

Cybersecurity & AI Awareness Training Program for Government Employees – Curriculum Overview

Cybersecurity Awareness Training	AI Awareness Training Program
Awareness Training Importance	Public Sector AI
Information Security Introduction	Basic AI Overview
Multi-Factor Authentication	Practical AI Use
Generative AI	Common AI Tools
Data Classification Awareness	AI Risks Limitations
Hybrid Remote Work	AI Risk Recognition
Incident Response	AI Accuracy Issues
Access Control Policy	AI Contextual Limits
Information Security Policy	Responsible Ethical Use
Data Security	Human Oversight Mandatory
Data Backup	Privacy Security Protection
Secure Disposal Procedures	Transparency Consumer Notice
Business Continuity Recovery	Accuracy Output Verification
Operational Risk Management	Government AI Accountability

Threatcop: Built by Kratikal for the Human Attack Surface

Threatcop was created because most attacks start with mistakes. The people who started Kratikal saw that more than 90 percent of successful cyberattacks happen because of human error, such as being careless or not knowing something, or because of social engineering. So they thought there should be a platform that helps people change their behavior during an attack, rather than just watching what is happening on the network. 

Unlike traditional tools that focus only on network activity, Threatcop focuses on changing user behavior during real-world attack scenarios. It is specifically designed for the public sector and aligns with Texas DIR compliance requirements.

It is created for the public sector and includes:

• Recognition of AI-generated phishing campaigns
• Detection of deepfake voice impersonation
• Awareness of synthetic identity attacks
• Understanding automated social engineering techniques
• Identification of data privacy risks in generative AI tools
• Alignment with Texas DIR compliance standards
• Coverage of legal and regulatory considerations 

Why AI Awareness Is Now a Core Part of the Training Requirement

Texas House Bill 3512 established formal guidance on artificial intelligence awareness for government employees. Understanding its importance requires examining how AI has changed the attack landscape.

• AI-Generated Phishing: Phishing emails sent five years ago were usually detectable because they lacked proper grammar, used generic salutations, and were unrealistic. Employees could detect this. However, this is no longer true. Phishing emails are now generated using language models and information available online. These emails are highly customized and look legitimate. Phishing emails that mention employees’ positions, their managers’ positions, and their ongoing work do not arouse suspicion.
• Deepfake Voice Impersonation: This is a new kind of attack that uses audio synthesis to create realistic voice copies. This can be used to impersonate department heads, IT support personnel, and other top officials. This kind of attack is nearly impossible to detect.
• Synthetic Identity Attacks: In this type of attack, cybercriminals create fake professional identities using publicly available information and AI. They gain credibility before asking for access. This kind of attack is initiated long before any suspicious behavior is detected.

Threatcop’s training addresses these attack types by explaining their construction, not just their appearance. Employees who understand the mechanics of deepfake impersonation are better prepared to recognize variations than those who have only received general warnings.

The Real Gap: Between Compliance and Security

It is important to note that an organization can achieve full DIR compliance by August 31, yet still have a workforce unprepared for future attacks.

Training completed purely for compliance does not necessarily change how employees respond to real-world attacks. True resilience comes from continuous engagement, including:

• Simulated attack exercises throughout the year
• Behavioral tracking across departments
• Targeted follow-up training based on risk exposure

Organizations that adopt this approach build stronger security cultures and significantly reduce breach risk.

A single successful cyberattack can result in costs far exceeding the investment in comprehensive training, including legal, operational, and reputational damage.

Threatcop supports this continuous improvement model while ensuring full DIR compliance, allowing organizations to move beyond checkbox training toward measurable security outcomes.

FAQs