Governor Murphy Signs Legislation Enhancing Cybersecurity Protections

New Jersey Office of Homeland Security and Preparedness sent this bulletin at 03/16/2023 02:42 PM EDT

View as a webpage / Share

PRESS RELEASE

FOR IMMEDIATE RELEASE

March 16, 2023

CONTACT

Maria Prato

Communications@njohsp.gov

609-584-4392

Governor Murphy Signs Legislation Enhancing Cybersecurity Protections

HAMILTON, NJ - Continuing the Administration’s efforts to keep New Jersey cyber safe, Governor Phil Murphy signed legislation (S297/A493) March 13 requiring State agencies and government contractors to report cybersecurity incidents to the New Jersey Office of Homeland Security and Preparedness within 72 hours of an incident.

“As we continue to face an evolving threat landscape, we must also adapt the mechanisms in place that safeguard our state,” said Governor Murphy. “This legislation will bolster New Jersey’s security by expediting cybersecurity incident reporting and increase our resilience through effective communication. We remain committed to equipping our state with the best practices and the strongest defense possible in order to keep our communities safe.”

The bill requires NJOHSP Director Laurie Doran to establish and publish reporting guidelines to facilitate the timely and confidential submission of incident notifications by all public agencies in New Jersey, as well as government contractors, including municipalities, counties, kindergarten through 12^th grade public schools, public colleges and universities and State law enforcement agencies among others. The purpose is to ensure the timely reporting of cybersecurity incidents that jeopardize the confidentiality, integrity or availability of systems and information.

“Cyber threats are constantly evolving and, on the rise, not only in New Jersey but throughout the nation and the world,” Director Doran said. “This new cyber incident reporting law will help connect the dots, allowing for effective collective incident response among all stakeholders. I would like to thank Governor Murphy and the bill’s sponsors for making this legislation a priority.”

NJOHSP’s cybersecurity division, the New Jersey Cybersecurity and Communications Integration Cell, received 375 confirmed cyber incident reports in 2022. Quick and consistent reporting will assist NJCCIC in expediting response and mitigating further incidents while improving its visibility and awareness of current trends.

“This legislation is very positive from a cybersecurity perspective,” said NJOHSP Acting Deputy Director and NJCCIC Director Michael Geraghty. “By intaking cybersecurity incident reports, the NJCCIC can provide assistance to the affected public agencies to help them respond and recover from an attack. It also allows the NJCCIC to help prevent further compromises of public agencies by sharing the techniques, tactics and protocols the attackers used and the best practices to thwart them.”

Bill sponsors include Sen. Linda Greenstein, Sen. Fred Madden, Assemblywoman Carol Murphy, Assemblyman Daniel Benson and Assemblyman Clinton Calabrese.

“It is critical that cybersecurity incidents are reported,” said Assemblywoman Murphy. “This information will allow the State to better assess cyber attacks and be prepared. As more of the work our governments do goes online, it is more important than ever to protect vital information and keep our state secure for all of our residents.”

“This new law signals a critical step forward in New Jersey’s cybersecurity preparedness,” said Sen. Greenstein. “These attacks threaten critical services, compromise sensitive information and disrupt daily lives. By requiring public agencies and government contractors to report cybersecurity incidents to the State’s Office of Homeland Security and Preparedness, the State will be better prepared to protect sensitive information and safeguard the interests of New Jersey residents.”

“In New Jersey alone, thousands of cybercrime cases occur each week, with our schools, hospitals and police departments among the entities most affected,” said Sen. Madden. “These public agencies store confidential information about residents, and we must establish procedures to make sure that information is not falling into the wrong hands. With this law in place, our State will have a critical aid to ensure cybercrime cases are not only being reported in a timely manner, but also how many residents are being affected by these attacks and how we can implement ways to prevent them from occurring further.”

The new reporting requirement will take effect immediately.

To report a cyber incident, contact 833-4-NJCCIC or visit cyber.nj.gov, where interested parties may also learn more about New Jersey’s cybersecurity efforts or sign up for an NJCCIC membership for cybersecurity-related updates, alerts and bulletins.

###

Office of Communications
New Jersey Office of Homeland Security and Preparedness
communications@njohsp.gov
609-584-4392

“See Something, Say Something”
Report Suspicious Activity in New Jersey to:
1-866-4-SAFE-NJ | tips@njohsp.gov | njohsp.gov/njsars

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visit subscriberhelp.govdelivery.com.

This service is provided to you at no charge by New Jersey Office of Homeland Security and Preparedness.