Bill Text: NJ S2271 | 2024-2025 | Regular Session | Introduced
Bill Title: Requires each government entity in this State to conduct review of cybersecurity infrastructure and make recommendations.
Spectrum: Partisan Bill (Democrat 2-0)
Status: (Introduced) 2024-01-09 - Introduced in the Senate, Referred to Senate State Government, Wagering, Tourism & Historic Preservation Committee [S2271 Detail]
Download: New_Jersey-2024-S2271-Introduced.html
STATE OF NEW JERSEY
221st LEGISLATURE
PRE-FILED FOR INTRODUCTION IN THE 2024 SESSION
Sponsored by:
Senator NICHOLAS P. SCUTARI
District 22 (Somerset and Union)
Senator VIN GOPAL
District 11 (Monmouth)
SYNOPSIS
Requires each government entity in this State to conduct review of cybersecurity infrastructure and make recommendations.
CURRENT VERSION OF TEXT
Introduced Pending Technical Review by Legislative Counsel.
An Act concerning a review of the State's cybersecurity infrastructure by all State and local government entities.
Be It Enacted by the Senate and General Assembly of the State of New Jersey:
1. a. Each government entity in this State shall conduct an internal review of the government entity's cybersecurity infrastructure.
As used in this act, "government entity" means any municipality, county, school district, and any instrumentality thereof, and each principal department in the Executive Branch of State government and any agency, board, bureau, authority, office, or instrumentality thereof, and any State college or university established pursuant to chapter 64 of Title 18A of the New Jersey Statutes.
b. In the government entity's internal review, the head of the entity or the entity's governing body, as the case may be, at a minimum, shall:
(1) evaluate the efficiency and security of the current cyber infrastructure of the government entity;
(2) identify any high-risk cybersecurity issues facing the government entity;
(3) offer strategies on how the government entity can improve and modernize its cybersecurity infrastructure, including its computer systems, networks, and software and hardware programs; and
(4) provide any proposed changes to laws, regulations, or policies concerning cybersecurity in this State that the government entity finds appropriate to modify.
c. The head of the entity or the entity's governing body, as the case may be, shall report the findings and recommendations from the internal review to the Governor and, pursuant to section 2 of P.L.1991, c.164 (C.52:14-19.1), to the Legislature no later than 45 days following the effective date of this act, P.L. , c. (pending before the Legislature as this bill).
2. This act shall take effect immediately.
STATEMENT
This bill requires each government entity in this State to conduct a review of the entity's cybersecurity infrastructure and make recommendations. The bill requires the head of the entity or the entity's governing body, as the case may be, at a minimum, to:
(1) evaluate the efficiency and security of the current cyber infrastructure of the government entity;
(2) identify any high-risk cybersecurity issues facing the government entity;
(3) offer strategies on how the government entity can improve and modernize its cybersecurity infrastructure, including its computer systems, networks, and software and hardware programs; and
(4) provide any proposed changes to laws, regulations, or policies concerning cybersecurity in this State that the government entity finds appropriate to modify.
The bill also requires the head or governing body of each government entity, as the case may be, to report the findings and recommendations from the internal review to the Governor and the Legislature no later than 45 days following the effective date of the bill.
