CyManII strengthens Eagle Pass critical infrastructure through community-wide training
As cyber threats continue to target local communities, cities like Eagle Pass, Texas, are taking proactive steps to strengthen its critical infrastructure and cybersecurity defenses.
On December 17 and 18, the Cybersecurity Manufacturing and Innovation Institute (CyManII) at UT San Antonio was invited by Mayor of Eagle Pass, Aaron Valdez, to hold a collaborative, two-day critical infrastructure and cybersecurity readiness event.
The event brought together representatives from the city and Maverick County – and other critical community partners – like Eagle Pass ISD, Eagle Pass Water Works System, the Sherriff’s Office, and the Maverick County Hospital District to practice responding to a simulated cyberattack, share real-world experiences, and strengthen coordinated incident response plans across the community.
Representatives from other Texas State leaders and federal agencies were also present, including Supervisory Special Agent (SSA) David Rodriguez, from the San Antonio Federal Bureau of Investigation (FBI) Division; Chief of Cybersecurity, Deron T. McElroy, from the Cybersecurity and Infrastructure Security Agency (CISA); Representative, Luke Rivera, from Texas Cyber Command (TXCC); and Texas State Representative, Eddie Morales, from District 74.
Morales expressed his appreciation for the cyber training CyManII was delivering and for Eagle Pass coming together to address cyber threats. He said one of the main reasons he supported Texas House Bill (HB) 150 was to better protect communities from increasingly sophisticated cyberattacks that threaten critical infrastructure, public services, and sensitive data.
Joe Mallen, CyManII assistant director of experiential learning and certified CMMC professional; Vincent Rendon, CyManII operational technology instructor; and Ed McCormick, Regional Innovation Officer for CyManII’s Lone Star Cyber Forge, were on hand to share their knowledge with Eagle Pass representatives.
“This kind of training is critical because cyber incidents don’t just affect IT systems, they affect critical infrastructure in communities across the U.S.,” Mallen said. “By bringing our Mobile Training Vehicle (MTV) directly to Eagle Pass and running live, realistic simulations, we’re giving both technical teams and community leaders a shared understanding of how an attack unfolds and how decisions are made in real time.”
Rendon added: “When everyone has practiced together, the community is far better prepared to respond quickly, support one another, and protect essential services if a real incident occurs. Building that trust and coordination is needed to protect critical infrastructure when a cyber incident happens.”
During the training, guests witnessed what a live cyberattack looks like on a network, participated in ransomware demonstrations and incident response exercises, and held important security risk assessment discussions.
Gabriel Ramos, IT manager for the Eagle Pass Water Works System, attended the training. He said cybersecurity is critical for water and wastewater systems because these systems directly support public health and safety.
“Any disruption to treatment, distribution, or monitoring can affect the community almost immediately,” Ramos said. “Since these environments depend on a combination of IT and operational systems running 24/7, protecting them is essential to maintaining reliable service, public confidence, and avoiding significant legal and financial consequences.”
For McElroy, his focus during training was to share additional knowledge about key cybersecurity risk management considerations with local critical infrastructure owners and operators, and to assist them with accessing no-cost cybersecurity resources provided by CISA.
“CISA encourages all critical infrastructure owners and operators to engage with CISA to better prepare for a cyber incident,” McElroy said. “Vulnerabilities across critical infrastructure are abundant, and we encourage them to maintain a robust vulnerability management process.”
Ramos said the biggest threats he seen in his industry are ransomware attacks, phishing, and unauthorized access to operational systems. The local water system, like many others, still relies on legacy equipment and infrastructure that were not originally designed with cybersecurity in mind.
“Limited staffing and resources make it challenging for me, as a single IT professional, to keep everything fully patched and continuously monitored, increasing risk if attackers gain access,” Ramos said. “To address this, I remain committed to ongoing education and skill development to better defend against evolving threats.”
