SENATE, No. 3436

STATE OF NEW JERSEY

218th LEGISLATURE

INTRODUCED FEBRUARY 7, 2019

Sponsored by:

Senator  JOSEPH P. CRYAN

District 20 (Union)

SYNOPSIS

     Directs New Jersey Cybersecurity and Communications Integration Cell to develop cybersecurity prevention and awareness materials for businesses and to establish electronic mail fraud Internet website.

CURRENT VERSION OF TEXT

     As introduced.

An Act concerning cybersecurity prevention and awareness and supplementing Title 52 of the Revised Statutes.

     Be It Enacted by the Senate and General Assembly of the State of New Jersey:

     1.    a.      The New Jersey Cybersecurity and Communications Integration Cell, established pursuant to Executive Order No. 178 (2015) in the New Jersey Office of Homeland Security and Preparedness, shall develop informational materials, in a form determined by the New Jersey Cybersecurity and Communications Integration Cell, for use by businesses in this State concerning cybersecurity prevention and awareness. The informational materials shall include, but not be limited to:

     (1)   best practices concerning cyber risk management;

     (2)   guidance concerning cybersecurity training for employers and employees, including methods with which to increase employee awareness of cybersecurity issues;

     (3)   guidance for establishing policies, plans, processes, and procedures for identifying and mitigating cyber risk; and

     (4)   a comprehensive list of cybersecurity resources for businesses, including information concerning cybersecurity insurance.

     b.    The information required pursuant to subsection a. of this section shall be made available to any business in this State upon request and shall be disseminated by the Department of State to any business that registers in the this State after the date of enactment of P.L.    , c.    (C.      ) (pending before the Legislature as this bill).

     2.    The Director of the New Jersey Cybersecurity and Communications Integration Cell, in consultation with the Chief Technology Officer, shall design, develop, and maintain a single Internet website that is accessible to the general public without charge and that shall include, but not be limited to, data and information concerning:

     a.     electronic mail fraud that has been reported to federal or State agencies;

     b.    methods by which a person may determine whether received electronic mail is associated with any reported electronic mail fraud; and

     c.     reporting electronic mail suspected of being fraudulent to the appropriate federal or State agencies.

     3.    This act shall take effect immediately.

STATEMENT

     This bill directs the New Jersey Cybersecurity and Communications Integration Cell (cell) to develop informational materials for use by businesses in this State concerning cybersecurity prevention and awareness. The informational materials are to include, but not be limited to:

     1)    best practices concerning cyber risk management;

     2)    guidance concerning cybersecurity training for employers and employees, including methods with which to increase employee awareness of cybersecurity issues;

     3)    guidance for establishing policies, plans, processes, and procedures for identifying and mitigating cyber risk; and

     4)    a comprehensive list of cybersecurity resources for businesses, including information concerning cybersecurity insurance.

     The bill also requires that the cybersecurity information is to be made available to any business in this State upon request and is to be disseminated by the Department of State to any business that registers in the State.

     The bill further directs the cell, in consultation with the State's Chief Technology Officer, to establish a website with data and information concerning electronic mail fraud, including information on how a person may report suspected electronic mail fraud.